Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
257751 4.3 警告 Simple Machines - Simple Machines Forum におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2011-4173 2011-10-31 14:07 2011-09-18 Show GitHub Exploit DB Packet Storm
257752 4.3 警告 KENT-WEB - KENT-WEB WEB FORUM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4172 2011-10-31 14:05 2011-10-24 Show GitHub Exploit DB Packet Storm
257753 4.3 警告 IBM - IBM WebSphere ILOG Rule Team Server の content/error.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2011-4171 2011-10-31 14:00 2011-10-5 Show GitHub Exploit DB Packet Storm
257754 7.5 危険 Simple Machines - Simple Machines Forum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-3615 2011-10-31 13:59 2011-09-18 Show GitHub Exploit DB Packet Storm
257755 9.3 危険 Novell - Novell ZENworks Handheld Management (ZHM) の ZfHSrvr.exe における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-2656 2011-10-31 13:59 2011-10-5 Show GitHub Exploit DB Packet Storm
257756 9.3 危険 Novell - Novell ZENworks Handheld Management (ZHM) の ZfHSrvr.exe における任意のコードを実行される脆弱性 CWE-noinfo
情報不足
CVE-2011-2655 2011-10-31 13:57 2011-10-5 Show GitHub Exploit DB Packet Storm
257757 6.8 警告 Digium - Asterisk Open Source の chan_sip.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-4063 2011-10-31 10:31 2011-10-4 Show GitHub Exploit DB Packet Storm
257758 7.5 危険 Atcom S.A. - ATCOM Netvolution における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2011-3340 2011-10-31 10:29 2011-10-21 Show GitHub Exploit DB Packet Storm
257759 6.5 警告 BlackBerry - BlackBerry Collaboration Service における任意のユーザアカウントへログインされる脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-0290 2011-10-31 10:29 2011-10-11 Show GitHub Exploit DB Packet Storm
257760 7.5 危険 Atcom S.A. - ATCOM Netvolution の default.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4967 2011-10-31 10:28 2011-10-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252461 7.8 HIGH
Local
redhat
debian
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
fir…
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… CWE-787
 Out-of-bounds Write
CVE-2018-12379 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252462 9.8 CRITICAL
Network
redhat
debian
canonical
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tus
debian_linux
ubu…
A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a potentially exploita… CWE-416
 Use After Free
CVE-2018-12378 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252463 9.8 CRITICAL
Network
redhat
debian
canonical
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
ubu…
A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially exp… CWE-416
 Use After Free
CVE-2018-12377 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252464 9.8 CRITICAL
Network
redhat
debian
canonical
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
ubu…
Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to … CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2018-12376 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252465 8.1 HIGH
Network
mozilla firefox
firefox_esr
thunderbird
Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the w… NVD-CWE-noinfo
CVE-2018-12368 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252466 4.3 MEDIUM
Network
debian
canonical
mozilla
debian_linux
ubuntu_linux
firefox
thunderbird
firefox_esr
In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTimi… CWE-20
 Improper Input Validation 
CVE-2018-12367 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252467 8.8 HIGH
Network
mozilla
debian
canonical
firefox
thunderbird
firefox_esr
debian_linux
ubuntu_linux
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which resul… CWE-190
 Integer Overflow or Wraparound
CVE-2018-12361 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252468 4.3 MEDIUM
Network
mozilla
canonical
firefox
ubuntu_linux
Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability … CWE-200
Information Exposure
CVE-2018-12358 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252469 6.5 MEDIUM
Network
redhat
debian
canonical
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
ubu…
An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability af… CWE-125
Out-of-bounds Read
CVE-2018-12366 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm
252470 6.5 MEDIUM
Network
redhat
debian
canonical
mozilla
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
debian_linux
ubu…
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private l… CWE-200
Information Exposure
CVE-2018-12365 2024-11-21 12:45 2018-10-18 Show GitHub Exploit DB Packet Storm