Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 19, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 259341 | 9.3 | 危険 | マイクロソフト | - | Microsoft Internet Explorer における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-0807 | 2010-04-19 19:18 | 2010-03-30 | Show | GitHub Exploit DB Packet Storm |
| 259342 | 9.3 | 危険 | マイクロソフト | - | Microsoft Internet Explorer における任意のコードを実行される脆弱性 |
CWE-362
競合状態 |
CVE-2010-0489 | 2010-04-19 19:18 | 2010-03-30 | Show | GitHub Exploit DB Packet Storm |
| 259343 | 9.3 | 危険 | マイクロソフト | - | Microsoft Internet Explorer における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-0267 | 2010-04-19 19:18 | 2010-03-30 | Show | GitHub Exploit DB Packet Storm |
| 259344 | 10 | 危険 | アップル | - | Apple Mac OS X の xar におけるパッケージ署名の検証処理に関する脆弱性 |
CWE-DesignError
|
CVE-2010-0055 | 2010-04-16 16:59 | 2010-03-29 | Show | GitHub Exploit DB Packet Storm |
| 259345 | 0 | 注意 | アップル | - | Apple Mac OS X の Wiki サーバにおけるコンテンツを公開される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-0534 | 2010-04-16 16:58 | 2010-03-29 | Show | GitHub Exploit DB Packet Storm |
| 259346 | 5 | 警告 | アップル | - | Apple Mac OS X の Wiki サーバにおける重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2010-0523 | 2010-04-16 16:58 | 2010-03-29 | Show | GitHub Exploit DB Packet Storm |
| 259347 | 9 | 危険 | アップル | - | Apple Mac OS X のサーバ管理における管理者権限の処理に関する脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-0522 | 2010-04-16 16:58 | 2010-03-29 | Show | GitHub Exploit DB Packet Storm |
| 259348 | 5 | 警告 | アップル | - | Apple Mac OS X のサーバ管理における重要な情報を取得される脆弱性 |
CWE-287
不適切な認証 |
CVE-2010-0521 | 2010-04-16 16:58 | 2010-03-29 | Show | GitHub Exploit DB Packet Storm |
| 259349 | 4.3 | 警告 | アップル Ruby on Rails project |
- | Ruby on Rails の strip_tags 関数におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4214 | 2010-04-16 16:58 | 2009-12-7 | Show | GitHub Exploit DB Packet Storm |
| 259350 | 4.3 | 警告 | アップル Ruby on Rails project |
- | Ruby on Rails におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3009 | 2010-04-16 16:58 | 2009-09-8 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 20, 2026, 4:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249811 | 4.3 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12374 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249812 | 9.1 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… |
CWE-20
Improper Input Validation |
CVE-2018-12387 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249813 | 8.1 |
HIGH
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2018-12386 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249814 | 7.0 |
HIGH
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… |
CWE-20
Improper Input Validation |
CVE-2018-12385 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249815 | 5.5 |
MEDIUM
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… |
CWE-522
Insufficiently Protected Credentials |
CVE-2018-12383 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249816 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12373 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249817 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12372 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249818 | 8.8 |
HIGH
Network |
canonical mozilla |
ubuntu_linux firefox |
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, … |
CWE-352
Origin Validation Error |
CVE-2018-12370 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249819 | 9.8 |
CRITICAL
Network |
mozilla canonical |
firefox firefox_esr ubuntu_linux |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… |
CWE-863
Incorrect Authorization |
CVE-2018-12369 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249820 | 7.8 |
HIGH
Local |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux fir… |
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… |
CWE-787
Out-of-bounds Write |
CVE-2018-12379 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |