Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 5, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 257531 | 4.9 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の tcf_fill_node 関数におけるカーネルメモリから重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-3612 | 2010-04-2 13:49 | 2009-10-19 | Show | GitHub Exploit DB Packet Storm |
| 257532 | 7.8 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の ipv6_hop_jumbo 関数におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2007-4567 | 2010-04-2 13:48 | 2007-12-21 | Show | GitHub Exploit DB Packet Storm |
| 257533 | 4.3 | 警告 | 株式会社アルマス | - | Compiere におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-1333 | 2010-04-1 15:02 | 2010-04-1 | Show | GitHub Exploit DB Packet Storm |
| 257534 | 2.6 | 注意 | 株式会社アルマス | - | Compiere におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-1333 | 2010-04-1 15:02 | 2010-04-1 | Show | GitHub Exploit DB Packet Storm |
| 257535 | 4.3 | 警告 | PrettyBook | - | PrettyFormMail におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-1332 | 2010-04-1 15:01 | 2010-04-1 | Show | GitHub Exploit DB Packet Storm |
| 257536 | 10 | 危険 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | 複数の Mozilla 製品の HTML パーサにおける任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-1571 | 2010-04-1 13:51 | 2010-02-17 | Show | GitHub Exploit DB Packet Storm |
| 257537 | 10 | 危険 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0159 | 2010-04-1 13:50 | 2010-02-17 | Show | GitHub Exploit DB Packet Storm |
| 257538 | 9.3 | 危険 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | 複数の Mozilla 製品における任意のコードを実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3979 | 2010-04-1 13:49 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257539 | 4.4 | 警告 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | Mozilla Firefox におけるダウンロードファイルを置き換えられる脆弱性 |
CWE-Other
その他 |
CVE-2009-3274 | 2010-04-1 13:47 | 2009-09-21 | Show | GitHub Exploit DB Packet Storm |
| 257540 | 9.3 | 危険 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | Mozilla Firefox/SeaMonkey における意図しないファイルをダウンロードさせられる脆弱性 |
CWE-16
環境設定 |
CVE-2009-3376 | 2010-04-1 13:46 | 2009-10-27 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 5, 2026, 4:11 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 246801 | 9.8 |
CRITICAL
Network |
mozilla canonical |
firefox firefox_esr ubuntu_linux |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… |
CWE-863
Incorrect Authorization |
CVE-2018-12369 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246802 | 7.8 |
HIGH
Local |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux fir… |
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… |
CWE-787
Out-of-bounds Write |
CVE-2018-12379 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246803 | 9.8 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus enterprise_linux_server_eus enterprise_linux_server_tus debian_linux ubu… |
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploita… |
CWE-416
Use After Free |
CVE-2018-12378 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246804 | 9.8 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exp… |
CWE-416
Use After Free |
CVE-2018-12377 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246805 | 9.8 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to … |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2018-12376 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246806 | 8.1 |
HIGH
Network |
mozilla |
firefox firefox_esr thunderbird |
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the w… |
NVD-CWE-noinfo
|
CVE-2018-12368 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246807 | 4.3 |
MEDIUM
Network |
debian canonical mozilla |
debian_linux ubuntu_linux firefox thunderbird firefox_esr |
In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTimi… |
CWE-20
Improper Input Validation |
CVE-2018-12367 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246808 | 8.8 |
HIGH
Network |
mozilla debian canonical |
firefox thunderbird firefox_esr debian_linux ubuntu_linux |
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which resul… |
CWE-190
Integer Overflow or Wraparound |
CVE-2018-12361 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246809 | 4.3 |
MEDIUM
Network |
mozilla canonical |
firefox ubuntu_linux |
Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … |
CWE-200
Information Exposure |
CVE-2018-12358 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 246810 | 6.5 |
MEDIUM
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability af… |
CWE-125
Out-of-bounds Read |
CVE-2018-12366 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |