Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 19, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 258901 | 6.2 | 警告 | オラクル | - | Oracle Solaris における rdist の処理に関する脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0916 | 2010-08-3 19:20 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258902 | 7.5 | 危険 | OpenBSD FreeBSD オラクル NetBSD |
- | 複数の製品の ftpd におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2008-4247 | 2010-08-3 19:19 | 2008-09-25 | Show | GitHub Exploit DB Packet Storm |
| 258903 | 7.5 | 危険 | ターボリナックス MySQL AB |
- | MySQL で使用される yaSSL における複数のスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4484 | 2010-08-3 18:59 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 258904 | 2.1 | 注意 | オラクル | - | Oracle Database Server の Export コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0901 | 2010-08-2 19:32 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258905 | 2.6 | 注意 | オラクル | - | Windows 上で稼働する Oracle Database Server の Network Layer コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0900 | 2010-08-2 19:32 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258906 | 4.3 | 警告 | オラクル | - | Oracle Database Server の Application Express コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0892 | 2010-08-2 19:32 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258907 | 6 | 警告 | オラクル | - | Oracle Database Server の Oracle OLAP コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0902 | 2010-08-2 19:31 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258908 | 7.8 | 危険 | オラクル | - | Windows 上で稼働する Oracle Database Server の Net Foundation Layer コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0903 | 2010-08-2 19:31 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258909 | 7.8 | 危険 | オラクル | - | Oracle Database Server の Listener コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0911 | 2010-08-2 19:30 | 2010-07-13 | Show | GitHub Exploit DB Packet Storm |
| 258910 | 5.5 | 警告 | PostgreSQL.org サイバートラスト株式会社 サン・マイクロシステムズ レッドハット |
- | PostgreSQL における任意のパラメータ設定を削除される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-1975 | 2010-08-2 17:13 | 2010-05-19 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 20, 2026, 4:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249811 | 4.3 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12374 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249812 | 9.1 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… |
CWE-20
Improper Input Validation |
CVE-2018-12387 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249813 | 8.1 |
HIGH
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2018-12386 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249814 | 7.0 |
HIGH
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… |
CWE-20
Improper Input Validation |
CVE-2018-12385 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249815 | 5.5 |
MEDIUM
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… |
CWE-522
Insufficiently Protected Credentials |
CVE-2018-12383 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249816 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12373 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249817 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12372 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249818 | 8.8 |
HIGH
Network |
canonical mozilla |
ubuntu_linux firefox |
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, … |
CWE-352
Origin Validation Error |
CVE-2018-12370 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249819 | 9.8 |
CRITICAL
Network |
mozilla canonical |
firefox firefox_esr ubuntu_linux |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… |
CWE-863
Incorrect Authorization |
CVE-2018-12369 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249820 | 7.8 |
HIGH
Local |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux fir… |
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… |
CWE-787
Out-of-bounds Write |
CVE-2018-12379 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |