Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 25, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3921 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-8949 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3922 9.3 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-8950 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3923 6.5 警告
Network 		Mozilla Foundation Mozilla Firefox Mozilla FoundationのMozilla Firefoxにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-8951 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3924 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-8952 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3925 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-8955 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3926 9.8 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-8956 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3927 8.8 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における権限管理に関する脆弱性 CWE-269
不適切な権限管理 		CVE-2026-8957 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3928 8.6 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-668
CWE-693
CVE-2026-8958 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3929 9.6 緊急
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-119
CWE-20
CWE-693
CVE-2026-8959 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
3930 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-8960 2026-05-22 10:52 2026-05-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 26, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
305531 - linux linux_kernel The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4604 2024-11-21 10:32 2013-06-7 Show GitHub Exploit DB Packet Storm
305532 - microsys promotic Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4520 2024-11-21 10:32 2013-05-24 Show GitHub Exploit DB Packet Storm
305533 - microsys promotic Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-4519 2024-11-21 10:32 2013-05-24 Show GitHub Exploit DB Packet Storm
305534 - microsys promotic Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors. CWE-22
Path Traversal 		CVE-2011-4518 2024-11-21 10:32 2013-05-24 Show GitHub Exploit DB Packet Storm
305535 - gnu glibc The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. CWE-399
 Resource Management Errors 		CVE-2011-4609 2024-11-21 10:32 2013-05-2 Show GitHub Exploit DB Packet Storm
305536 - siemens wincc_tia_portal Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive informatio… CWE-255
Credentials Management 		CVE-2011-4515 2024-11-21 10:32 2013-03-21 Show GitHub Exploit DB Packet Storm
305537 - dovecot dovecot Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm… CWE-20
 Improper Input Validation  		CVE-2011-4318 2024-11-21 10:32 2013-03-7 Show GitHub Exploit DB Packet Storm
305538 - gnu gdb GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafte… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-4355 2024-11-21 10:32 2013-03-6 Show GitHub Exploit DB Packet Storm
305539 - redhat jboss_enterprise_web_platform
jboss_enterprise_application_platform
jboss_enterprise_brms_platform 		Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform … CWE-20
 Improper Input Validation  		CVE-2011-4575 2024-11-21 10:32 2013-02-6 Show GitHub Exploit DB Packet Storm
305540 - simplerealtytheme advanced_text_widget_plugin Cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page para… CWE-79
Cross-site Scripting 		CVE-2011-4618 2024-11-21 10:32 2013-01-24 Show GitHub Exploit DB Packet Storm