Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 21, 2024, 6:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201311 8.5 危険 VMware - 複数の VMware 製品の VMware Tools における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1142 2010-05-7 17:24 2010-04-9 Show GitHub Exploit DB Packet Storm
201312 8.5 危険 VMware - 複数の VMware 製品の VMware Tools における任意のコードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1141 2010-05-7 17:24 2010-04-9 Show GitHub Exploit DB Packet Storm
201313 5 警告 アップル
サイバートラスト株式会社
レッドハット
ターボリナックス
CUPS		 - CUPS の ippReadIO 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-0949 2010-05-7 16:55 2009-06-3 Show GitHub Exploit DB Packet Storm
201314 6.8 警告 レッドハット
サイバートラスト株式会社
ターボリナックス
CUPS		 - CUPS の TIFF イメージデコーディングルーチンにおける整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-0163 2010-05-7 16:51 2009-04-16 Show GitHub Exploit DB Packet Storm
201315 4.6 警告 GNU Project
サイバートラスト株式会社
レッドハット		 - GNU cpio における大きなサイズのファイル処理によるバッファーオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2005-4268 2010-05-7 16:51 2005-12-15 Show GitHub Exploit DB Packet Storm
201316 4.3 警告 日本電気
Apache Software Foundation		 - Apache Xerces C++ におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2009-1885 2010-05-6 13:47 2009-08-6 Show GitHub Exploit DB Packet Storm
201317 6.4 警告 アップル
ターボリナックス
CUPS		 - CUPS における DNS リバインド攻撃を誘導される脆弱性 CWE-20
不適切な入力確認 		CVE-2009-0164 2010-05-6 13:46 2009-04-24 Show GitHub Exploit DB Packet Storm
201318 5 警告 freedesktop.org
日本電気
サイバートラスト株式会社
レッドハット		 - JBIG2 デコーダにおける SplashBitmap に関連する整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1188 2010-05-6 13:46 2009-04-23 Show GitHub Exploit DB Packet Storm
201319 5 警告 freedesktop.org
日本電気
サイバートラスト株式会社
レッドハット		 - JBIG2 デコーダにおける CairoOutputDev に関連する整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1187 2010-05-6 13:46 2009-04-23 Show GitHub Exploit DB Packet Storm
201320 9.3 危険 アドビシステムズ
レッドハット		 - Adobe Reader および Acrobat の custom heap management system におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1241 2010-04-30 10:26 2010-04-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 10, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
301 7.5 HIGH
Network 		mozilla
debian 		firefox
firefox_esr
debian_linux 		An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR… Update CWE-125
Out-of-bounds Read 		CVE-2023-4048 2024-10-21 22:55 2023-08-2 Show GitHub Exploit DB Packet Storm
302 8.8 HIGH
Network 		mozilla
debian 		firefox
firefox_esr
debian_linux 		A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, a… Update NVD-CWE-noinfo
CVE-2023-4047 2024-10-21 22:55 2023-08-2 Show GitHub Exploit DB Packet Storm
303 5.3 MEDIUM
Network 		mozilla
debian 		firefox
firefox_esr
debian_linux 		In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process… Update NVD-CWE-noinfo
CVE-2023-4046 2024-10-21 22:55 2023-08-2 Show GitHub Exploit DB Packet Storm
304 5.3 MEDIUM
Network 		mozilla
debian 		firefox
firefox_esr
debian_linux 		Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox… Update CWE-346
 Origin Validation Error 		CVE-2023-4045 2024-10-21 22:55 2023-08-2 Show GitHub Exploit DB Packet Storm
305 8.8 HIGH
Network 		mozilla thunderbird
firefox_esr
firefox 		Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume t… Update CWE-787
 Out-of-bounds Write 		CVE-2022-38478 2024-10-21 22:55 2022-12-23 Show GitHub Exploit DB Packet Storm
306 8.8 HIGH
Network 		mozilla thunderbird
firefox_esr
firefox 		A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access). This vulnerability affects Thunderbird < 102.2, Thunderbird < 9… Update CWE-281
 Improper Preservation of Permissions 		CVE-2022-38473 2024-10-21 22:55 2022-12-23 Show GitHub Exploit DB Packet Storm
307 6.5 MEDIUM
Network 		mozilla thunderbird
firefox 		An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into … Update CWE-346
 Origin Validation Error 		CVE-2022-38472 2024-10-21 22:55 2022-12-23 Show GitHub Exploit DB Packet Storm
308 8.8 HIGH
Network 		mozilla
debian 		firefox
firefox_esr
thunderbird
debian_linux 		Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these… Update NVD-CWE-noinfo
CVE-2021-38500 2024-10-21 22:55 2021-11-3 Show GitHub Exploit DB Packet Storm
309 8.8 HIGH
Network 		mozilla
debian 		firefox
firefox_esr
thunderbird
debian_linux 		During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbir… Update CWE-416
 Use After Free 		CVE-2021-38496 2024-10-21 22:55 2021-11-3 Show GitHub Exploit DB Packet Storm
310 6.5 MEDIUM
Network 		mozilla firefox
firefox_esr
thunderbird 		When delegating navigations to the operating system, Firefox would accept the `mk` scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. *T… Update NVD-CWE-noinfo
CVE-2021-38492 2024-10-21 22:55 2021-11-3 Show GitHub Exploit DB Packet Storm