Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 21, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 259701 | 10 | 危険 | IBM | - | IBM DB2 の Spatial Extender コンポーネントに同梱されているストアドプロシージャにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4335 | 2010-02-4 11:19 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259702 | 4 | 警告 | IBM | - | IBM DB2 の DRDA Services コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4328 | 2010-02-4 11:19 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259703 | 7.2 | 危険 | IBM | - | IBM DB2 の Install コンポーネントにおける脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-4331 | 2010-02-4 11:19 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259704 | 7.5 | 危険 | IBM | - | IBM DB2 の Relational Data Services コンポーネントにおけるパスワードの引数を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-4333 | 2010-02-4 11:19 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259705 | 7.2 | 危険 | IBM | - | IBM DB2 の Engine Utilities コンポーネントの db2licm における脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4330 | 2010-02-4 11:18 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259706 | 4 | 警告 | IBM | - | IBM DB2 の Engine Utilities コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4329 | 2010-02-4 11:18 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 259707 | 7.2 | 危険 | サイバートラスト株式会社 Linux |
- | Linux kernel の kvm_dev_ioctl_get_supported_cpuid 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3638 | 2010-02-3 14:35 | 2009-10-29 | Show | GitHub Exploit DB Packet Storm |
| 259708 | 5 | 警告 | Linear LLC S2 Security |
- | Linear eMerge のマネージメントコンポーネントにおけるサービス運用妨害 (DoS) |
CWE-noinfo
情報不足 |
CVE-2009-3734 | 2010-02-3 14:35 | 2010-01-5 | Show | GitHub Exploit DB Packet Storm |
| 259709 | 7.5 | 危険 | The PHP Group LibGD project サイバートラスト株式会社 レッドハット |
- | PHP および GD Graphics Library の _gdGetColors 関数におけるバッファオーバーフローの脆弱性 |
CWE-Other
その他 |
CVE-2009-3546 | 2010-02-3 14:34 | 2009-10-19 | Show | GitHub Exploit DB Packet Storm |
| 259710 | 6.8 | 警告 | GNU Project XEmacs サイバートラスト株式会社 |
- | Emacs および XEmacs における .flc ファイルの処理に関する任意のコードを実行される脆弱性 |
CWE-DesignError
|
CVE-2008-2142 | 2010-02-2 11:43 | 2008-05-12 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 21, 2026, 4:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249811 | 4.3 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12374 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249812 | 9.1 |
CRITICAL
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory addr… |
CWE-20
Improper Input Validation |
CVE-2018-12387 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249813 | 8.1 |
HIGH
Network |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process whe… |
CWE-704
Incorrect Type Conversion or Cast |
CVE-2018-12386 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249814 | 7.0 |
HIGH
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination w… |
CWE-20
Improper Input Validation |
CVE-2018-12385 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249815 | 5.5 |
MEDIUM
Local |
redhat debian canonical mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux ubu… |
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not de… |
CWE-522
Insufficiently Protected Credentials |
CVE-2018-12383 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249816 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12373 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249817 | 6.5 |
MEDIUM
Network |
mozilla redhat debian canonical |
thunderbird enterprise_linux_desktop enterprise_linux_workstation enterprise_linux enterprise_linux_server debian_linux ubuntu_linux |
Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
CWE-200
Information Exposure |
CVE-2018-12372 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249818 | 8.8 |
HIGH
Network |
canonical mozilla |
ubuntu_linux firefox |
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, … |
CWE-352
Origin Validation Error |
CVE-2018-12370 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249819 | 9.8 |
CRITICAL
Network |
mozilla canonical |
firefox firefox_esr ubuntu_linux |
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects… |
CWE-863
Incorrect Authorization |
CVE-2018-12369 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |
| 249820 | 7.8 |
HIGH
Local |
redhat debian mozilla |
enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_eus enterprise_linux_server_tus enterprise_linux_server_aus debian_linux fir… |
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running t… |
CWE-787
Out-of-bounds Write |
CVE-2018-12379 | 2024-11-21 12:45 | 2018-10-18 | Show | GitHub Exploit DB Packet Storm |