Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257511	5.1	警告	Mozilla Foundation	-	Mac OS X 上で稼働する Mozilla Firefox の gfxTextRun::SanitizeGlyphRuns 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0166	2010-04-7 14:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

257512	9.3	危険	Mozilla Foundation	-	Mozilla Firefox の TraceRecorder::traverseScopeChain 関数における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0165	2010-04-7 14:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

257513	4.3	警告	Mozilla Foundation	-	Mozilla Firefox の非同期認証プロンプト実装における信頼できる認証ダイアログになりすまされる脆弱性	CWE-Other その他	CVE-2010-0172	2010-04-6 16:50	2010-03-23	Show	GitHub Exploit DB Packet Storm

257514	5	警告	Mozilla Foundation レッドハット	-	複数の Mozilla 製品の CSSLoaderImpl::DoSheetComplete 関数におけるウェブページのレンダリングを中断される脆弱性	CWE-Other その他	CVE-2010-0169	2010-04-6 16:50	2010-03-23	Show	GitHub Exploit DB Packet Storm

257515	7.6	危険	Mozilla Foundation	-	Mozilla Firefox の nsDocument::MaybePreLoadImage 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0168	2010-04-6 16:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

257516	9.3	危険	Mozilla Foundation	-	Mozilla Firefox の imgContainer::InternalAddFrameHelper 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0164	2010-04-6 16:49	2010-03-23	Show	GitHub Exploit DB Packet Storm

257517	4.3	警告	Mozilla Foundation レッドハット	-	複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0171	2010-04-5 14:54	2010-03-23	Show	GitHub Exploit DB Packet Storm

257518	4.3	警告	Mozilla Foundation	-	Mozilla Firefox における同一生成元ポリシーを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0170	2010-04-5 14:53	2010-03-23	Show	GitHub Exploit DB Packet Storm

257519	7.5	危険	Heartlogic	-	HL-SiteManager における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1331	2010-04-2 15:02	2010-04-2	Show	GitHub Exploit DB Packet Storm

257520	9.3	危険	Mozilla Foundation	-	Mozilla Firefox の Web Open Fonts Format デコーダにおける整数オーバーフローの脆弱性	CWE-noinfo 情報不足	CVE-2010-1028	2010-04-2 14:05	2010-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
286551	7.8	HIGH Local	kajam_project	kajam	vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the (1) mysqldump command line in the capture function and (2) mysql command…	CWE-200 Information Exposure	CVE-2014-4999	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286552	7.8	HIGH Local	lean-ruport_project	lean-ruport	test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.	CWE-200 Information Exposure	CVE-2014-4998	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286553	7.8	HIGH Local	point-cli_project	point-cli	lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.	CWE-200 Information Exposure	CVE-2014-4997	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286554	5.5	MEDIUM Local	vladtheenterprising_project	vladtheenterprising	lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.	CWE-59 Link Following	CVE-2014-4996	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286555	7.0	HIGH Local	vladtheenterprising_project	vladtheenterprising	Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before …	CWE-200 CWE-362 Information Exposure Race Condition	CVE-2014-4995	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286556	5.5	MEDIUM Local	gyazo_project	gyazo	lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.	CWE-20 Improper Input Validation	CVE-2014-4994	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286557	7.8	HIGH Local	backup_checksum_project backup-agoddard_project	backup_checksum backup-agoddard	(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allow…	CWE-200 Information Exposure	CVE-2014-4993	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286558	7.8	HIGH Local	cap-strap_project	cap-strap	lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.	CWE-200 Information Exposure	CVE-2014-4992	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286559	7.8	HIGH Local	codders-dataset_project	codders-dataset	(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to o…	CWE-200 Information Exposure	CVE-2014-4991	2024-11-21 11:11	2018-01-11	Show	GitHub Exploit DB Packet Storm

286560	5.9	MEDIUM Network	huawei	s9300_firmware s9300e_firmware s7700_firmware s9700_firmware s5700_firmware s6700_firmware s5300_firmware s6300_firmware s2300_firmware s2700_firmware s3300_firmware …	Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.	CWE-200 Information Exposure	CVE-2014-5394	2024-11-21 11:11	2018-01-9	Show	GitHub Exploit DB Packet Storm