Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226491	3.3	注意	アップル	-	iPhone デバイス上で稼働する Apple iOS のパスコードロックにおけるパスコードの要件を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-5160	2013-10-1 15:21	2013-09-26	Show	GitHub Exploit DB Packet Storm

226492	6.8	警告	IBM	-	IBM Rational ClearQuest の Web クライアントにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-0598	2013-10-1 15:11	2013-09-16	Show	GitHub Exploit DB Packet Storm

226493	10	危険	IBM	-	IBM WebSphere DataPower XC10 アプライアンスにおける管理アクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-5403	2013-10-1 15:07	2013-09-26	Show	GitHub Exploit DB Packet Storm

226494	7.5	危険	インターネットイニシアティブ	-	SEIL シリーズにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-4709	2013-09-30 16:44	2013-09-20	Show	GitHub Exploit DB Packet Storm

226495	7.8	危険	ISC, Inc. アップル	-	ISC BIND におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-5688	2013-09-30 16:39	2012-12-4	Show	GitHub Exploit DB Packet Storm

226496	7.8	危険	ISC, Inc. アップル	-	ISC BIND におけるサービス運用妨害 (named デーモンハング) の脆弱性	CWE-189 数値処理の問題	CVE-2012-5166	2013-09-30 16:31	2012-10-9	Show	GitHub Exploit DB Packet Storm

226497	7.8	危険	ISC, Inc. アップル VMware	-	ISC BIND におけるサービス運用妨害 (表明違反および Daemon Exit) の脆弱性	CWE-20 不適切な入力確認	CVE-2012-3817	2013-09-30 16:24	2012-07-20	Show	GitHub Exploit DB Packet Storm

226498	7.8	危険	ISC, Inc. アップル	-	ISC BIND におけるサービス運用妨害 (表明違反および named デーモンの終了) の脆弱性	CWE-noinfo 情報不足	CVE-2012-4244	2013-09-30 16:11	2012-09-12	Show	GitHub Exploit DB Packet Storm

226499	6.8	警告	D-Link Systems, Inc.	-	D-Link DES-3810 シリーズにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2013-4707	2013-09-30 15:51	2013-09-20	Show	GitHub Exploit DB Packet Storm

226500	5	警告	アップル OpenSSL Project	-	OpenSSL の TLS の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-310 暗号の問題	CVE-2012-2686	2013-09-30 15:48	2013-02-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
221771	9.8	CRITICAL Network	mozilla	firefox firefox_esr thunderbird	A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affe…	CWE-617 CWE-843 Reachable Assertion Type Confusion	CVE-2019-9795	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221772	9.8	CRITICAL Network	mozilla	firefox firefox_esr thunderbird	A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files…	CWE-88 Argument Injection	CVE-2019-9794	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221773	5.9	MEDIUM Network	mozilla	firefox firefox_esr thunderbird	A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2019-9793	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221774	9.8	CRITICAL Network	mozilla redhat	firefox firefox_esr thunderbird enterprise_linux enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus	The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory c…	CWE-787 Out-of-bounds Write	CVE-2019-9792	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221775	9.8	CRITICAL Network	mozilla	thunderbird firefox firefox_esr	A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially e…	CWE-416 Use After Free	CVE-2019-9790	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221776	9.8	CRITICAL Network	mozilla	firefox	Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of…	CWE-787 Out-of-bounds Write	CVE-2019-9789	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221777	9.8	CRITICAL Network	mozilla redhat	firefox firefox_esr thunderbird enterprise_linux enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus	The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the con…	CWE-843 Type Confusion	CVE-2019-9791	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221778	9.8	CRITICAL Network	mozilla redhat	firefox firefox_esr thunderbird enterprise_linux enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus	Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we pres…	CWE-787 Out-of-bounds Write	CVE-2019-9788	2024-11-21 13:52	2019-04-27	Show	GitHub Exploit DB Packet Storm

221779	6.1	MEDIUM Network	wordfence	wordfence	The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attack vector. NOTE: It has been asserted that this is not a valid vulnerability in the context of the Wordfence WordPress plugin as t…	CWE-79 Cross-site Scripting	CVE-2019-9669	2024-11-21 13:52	2019-04-26	Show	GitHub Exploit DB Packet Storm

221780	10.0	CRITICAL Network	envoyproxy	envoy	Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server co…	CWE-706 Use of Incorrectly-Resolved Name or Reference	CVE-2019-9901	2024-11-21 13:52	2019-04-26	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed