Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 13, 2026, noon
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 258691 | 7.1 | 危険 | オラクル | - | Oracle Database の Core RDBMS コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0860 | 2010-05-12 15:16 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258692 | 7.5 | 危険 | オラクル | - | 複数の Oracle 製品の Oracle Internet Directory コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0853 | 2010-05-12 15:16 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258693 | 2.6 | 注意 | シックス・アパート株式会社 | - | Movable Type におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-1985 | 2010-05-12 12:01 | 2010-05-12 | Show | GitHub Exploit DB Packet Storm |
| 258694 | 10 | 危険 | 日立 | - | 複数の EUR Form 製品 および EUR 製品における任意のコードが実行される脆弱性 |
CWE-noinfo
情報不足 |
- | 2010-05-11 15:16 | 2010-03-31 | Show | GitHub Exploit DB Packet Storm |
| 258695 | 6.4 | 警告 | マイクロソフト | - | Microsoft Windows における ISATAP パケットの処理に関する IPv4 ソースアドレスの制限を回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-0812 | 2010-05-11 15:16 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258696 | 7.6 | 危険 | マイクロソフト | - | Microsoft Office Visio における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-0256 | 2010-05-11 15:16 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258697 | 7.6 | 危険 | マイクロソフト | - | Microsoft Office Visio における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-0254 | 2010-05-11 15:15 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258698 | 5 | 警告 | マイクロソフト | - | Microsoft Windows の SMTP コンポーネントにおける情報漏えいの脆弱性 |
CWE-200
情報漏えい |
CVE-2010-0025 | 2010-05-11 15:15 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258699 | 5 | 警告 | マイクロソフト | - | Microsoft Windows の SMTP コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2010-0024 | 2010-05-11 15:15 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
| 258700 | 9.3 | 危険 | マイクロソフト | - | Microsoft Office Publisher におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2010-0479 | 2010-05-11 15:14 | 2010-04-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 13, 2026, 4:20 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249111 | 9.8 |
CRITICAL
Network |
sv3c | h.264_poe_ip_camera_firmware | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication … |
CWE-287
Improper Authentication |
CVE-2018-12666 | 2024-11-21 12:45 | 2018-10-20 | Show | GitHub Exploit DB Packet Storm |
| 249112 | 5.3 |
MEDIUM
Network |
mozilla | firefox | The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of … |
CWE-20
Improper Input Validation |
CVE-2018-12382 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249113 | 5.3 |
MEDIUM
Network |
mozilla |
firefox firefox_esr |
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only af… |
CWE-610
Externally Controlled Reference to a Resource in Another Sphere |
CVE-2018-12381 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249114 | 8.8 |
HIGH
Network |
mozilla canonical |
firefox ubuntu_linux |
Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2018-12375 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249115 | 4.3 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12374 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249116 | 9.1 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… |
CWE-20
Improper Input Validation |
CVE-2018-12387 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249117 | 8.1 |
HIGH
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2018-12386 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249118 | 7.0 |
HIGH
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… |
CWE-20
Improper Input Validation |
CVE-2018-12385 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249119 | 5.5 |
MEDIUM
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… |
CWE-522
Insufficiently Protected Credentials |
CVE-2018-12383 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249120 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12373 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |