Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228221	10	危険	Mozilla Foundation	-	複数の Mozilla 製品における任意の JavaScript コードを実行される脆弱性	CWE-DesignError	CVE-2012-1967	2012-12-14 18:33	2012-07-17	Show	GitHub Exploit DB Packet Storm

228222	4.3	警告	Mozilla Foundation	-	Mozilla Firefox および Firefox ESR におけるクロスサイトスクリプティングの脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1966	2012-12-14 18:32	2012-07-17	Show	GitHub Exploit DB Packet Storm

228223	4.3	警告	Mozilla Foundation	-	Mozilla Firefox におけるクロスサイトスクリプティング保護メカニズムを回避される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1965	2012-12-14 18:31	2012-07-17	Show	GitHub Exploit DB Packet Storm

228224	4	警告	Mozilla Foundation	-	複数の Mozilla 製品における意図しない例外を追加させられる脆弱性	CWE-noinfo 情報不足	CVE-2012-1964	2012-12-14 18:29	2012-07-17	Show	GitHub Exploit DB Packet Storm

228225	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品における OpenID 認証情報と OAuth 2.0 アクセストークンを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1963	2012-12-14 18:28	2012-07-17	Show	GitHub Exploit DB Packet Storm

228226	10	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-399 リソース管理の問題	CVE-2012-1962	2012-12-14 18:27	2012-07-17	Show	GitHub Exploit DB Packet Storm

228227	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品におけるクリックジャッキング攻撃の脆弱性	CWE-20 不適切な入力確認	CVE-2012-1961	2012-12-14 18:26	2012-07-17	Show	GitHub Exploit DB Packet Storm

228228	5	警告	Mozilla Foundation	-	複数の Mozilla 製品における XBL へのアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1959	2012-12-14 18:14	2012-07-17	Show	GitHub Exploit DB Packet Storm

228229	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の nsGlobalWindow::PageHidden 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2012-1958	2012-12-14 18:13	2012-07-17	Show	GitHub Exploit DB Packet Storm

228230	4.3	警告	Mozilla Foundation	-	複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1957	2012-12-14 18:12	2012-07-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211601	4.3	MEDIUM Network	ibm	rational_engineering_lifecycle_manager	IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive in…	CWE-200 Information Exposure	CVE-2015-7484	2024-11-21 11:36	2018-01-17	Show	GitHub Exploit DB Packet Storm

211602	5.4	MEDIUM Network	ibm	rational_engineering_lifecycle_manager	Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and…	CWE-79 Cross-site Scripting	CVE-2015-7474	2024-11-21 11:36	2018-01-17	Show	GitHub Exploit DB Packet Storm

211603	6.1	MEDIUM Network	stackideas	komento	Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web sc…	CWE-79 Cross-site Scripting	CVE-2015-7324	2024-11-21 11:36	2017-12-28	Show	GitHub Exploit DB Packet Storm

211604	9.8	CRITICAL Network	puppet	puppetlabs-mysql	puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host…	CWE-287 Improper Authentication	CVE-2015-7224	2024-11-21 11:36	2017-12-22	Show	GitHub Exploit DB Packet Storm

211605	4.2	MEDIUM Physics	seagate	st500lt015_firmware	Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protectio…	CWE-254 7PK - Security Features	CVE-2015-7269	2024-11-21 11:36	2017-11-28	Show	GitHub Exploit DB Packet Storm

211606	4.2	MEDIUM Physics	samsung seagate	850_pro_firmware pm851_firmware st500lt015_firmware st500lt025_firmware	Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or…	CWE-254 7PK - Security Features	CVE-2015-7268	2024-11-21 11:36	2017-11-28	Show	GitHub Exploit DB Packet Storm

211607	4.2	MEDIUM Physics	samsung seagate	850_pro_firmware pm851_firmware st500lt015_firmware st500lt025_firmware	Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS…	CWE-254 7PK - Security Features	CVE-2015-7267	2024-11-21 11:36	2017-11-28	Show	GitHub Exploit DB Packet Storm

211608	9.8	CRITICAL Network	redhat	jboss_operations_network jboss_a-mq jboss_enterprise_application_platform jboss_bpm_suite jboss_enterprise_brms_platform openshift jboss_fuse subscription_asset_manager jboss_…	Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service…	CWE-502 Deserialization of Untrusted Data	CVE-2015-7501	2024-11-21 11:36	2017-11-10	Show	GitHub Exploit DB Packet Storm

211609	7.8	HIGH Local	sos_project canonical redhat	sos ubuntu_linux enterprise_linux_desktop enterprise_linux_server_aus enterprise_linux_workstation enterprise_linux_server_tus enterprise_linux_server enterprise_linux_server_eus	sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by so…	CWE-59 Link Following	CVE-2015-7529	2024-11-21 11:36	2017-11-7	Show	GitHub Exploit DB Packet Storm

211610	6.0	MEDIUM Local	qemu	qemu	The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveragin…	CWE-476 NULL Pointer Dereference	CVE-2015-7549	2024-11-21 11:36	2017-10-30	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed