Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1511 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における例外的な状態のチェックに関する脆弱性 CWE-754
例外的な状態における不適切なチェック 		CVE-2026-6772 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1512 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-6773 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1513 5.4 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における保護メカニズムの不具合に関する脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-6774 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1514 5.3 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-6775 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1515 7.8 重要
Local 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-6776 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1516 5.3 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-20
CWE-352
CWE-400
CVE-2026-6777 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1517 5.3 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-476
CWE-824
CVE-2026-6778 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1518 5.3 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-119
CWE-20
CWE-79
CVE-2026-6779 2026-04-24 11:39 2026-04-21 Show GitHub Exploit DB Packet Storm
1519 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-6780 2026-04-24 11:38 2026-04-21 Show GitHub Exploit DB Packet Storm
1520 7.5 重要
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-6781 2026-04-24 11:38 2026-04-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347711 - osticket osticket_sts SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable. NVD-CWE-Other
CVE-2005-2153 2008-09-6 05:51 2005-07-6 Show GitHub Exploit DB Packet Storm
347712 - osticket osticket_sts PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc pa… NVD-CWE-Other
CVE-2005-2154 2008-09-6 05:51 2005-07-6 Show GitHub Exploit DB Packet Storm
347713 - phpnews phpnews SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the prevnext parameter. NVD-CWE-Other
CVE-2005-2156 2008-09-6 05:51 2005-07-6 Show GitHub Exploit DB Packet Storm
347714 - globalnotescript globalnotescript read.cgi in GlobalNoteScript allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameters. NVD-CWE-Other
CVE-2005-2165 2008-09-6 05:51 2005-07-6 Show GitHub Exploit DB Packet Storm
347715 - kaf_oseo quick_and_dirty_phpsource_printer Directory traversal vulnerability in source.php in Quick & Dirty PHPSource Printer 1.1 and earlier allows remote attackers to read arbitrary files via ".../...//" sequences in the file parameter, whi… NVD-CWE-Other
CVE-2005-2169 2008-09-6 05:51 2005-07-6 Show GitHub Exploit DB Packet Storm
347716 - mozilla bugzilla The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to… NVD-CWE-Other
CVE-2005-2173 2008-09-6 05:51 2005-07-8 Show GitHub Exploit DB Packet Storm
347717 - mozilla bugzilla Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access info… NVD-CWE-Other
CVE-2005-2174 2008-09-6 05:51 2005-07-8 Show GitHub Exploit DB Packet Storm
347718 - ibm lotus_notes The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based att… NVD-CWE-Other
CVE-2005-2175 2008-09-6 05:51 2005-07-9 Show GitHub Exploit DB Packet Storm
347719 - apple airport_card The Apple AirPort card uses a default WEP key when not connected to a known or trusted network, which can cause it to automatically connect to a malicious network. NVD-CWE-Other
CVE-2005-2196 2008-09-6 05:51 2005-07-19 Show GitHub Exploit DB Packet Storm
347720 - spid spid PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter. NVD-CWE-Other
CVE-2005-2198 2008-09-6 05:51 2005-07-11 Show GitHub Exploit DB Packet Storm