Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230551	4.3	警告	webwizguide	-	Web Wiz Forum におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3391	2012-12-20 18:52	2008-07-31	Show	GitHub Exploit DB Packet Storm

230552	7.5	危険	phpfootball	-	PHPFootball の show.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3387	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230553	4.3	警告	snarky	-	Snark VisualPic におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3379	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230554	7.5	危険	talkback	-	TalkBack の install/help.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3371	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230555	7.5	危険	viart	-	ViArt Shop の products_rss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3369	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230556	4.3	警告	webwizguide	-	Web Wiz RTE の RTE_popup_link.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-3367	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230557	7.5	危険	Pligg	-	Pligg CMS の story.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-3366	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230558	6.8	警告	Pixelpost.org	-	Windows 上で稼動する Pixelpost の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-3365	2012-12-20 18:52	2008-07-27	Show	GitHub Exploit DB Packet Storm

230559	9.3	危険	トレンドマイクロ	-	Trend Micro OSCE Web-Deployment などの ObjRemoveCtrl Class ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-3364	2012-12-20 18:52	2008-07-30	Show	GitHub Exploit DB Packet Storm

230560	7.5	危険	runcms	-	RunCMS の Newbb Plus モジュールにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2008-3354	2012-12-20 18:52	2008-07-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196091	8.8	HIGH Network	mozilla	thunderbird firefox firefox_esr	If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vul…	CWE-269 CWE-697 Improper Privilege Management Incorrect Comparison	CVE-2021-23999	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196092	6.5	MEDIUM Network	mozilla	thunderbird firefox firefox_esr	Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Fir…	CWE-345 Insufficient Verification of Data Authenticity	CVE-2021-23998	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196093	8.8	HIGH Network	mozilla	firefox	Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary …	CWE-681 Incorrect Conversion between Numeric Types	CVE-2021-23997	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196094	6.5	MEDIUM Network	mozilla	firefox	By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other att…	NVD-CWE-Other	CVE-2021-23996	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196095	8.8	HIGH Network	mozilla	thunderbird firefox firefox_esr	When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulner…	CWE-672 Operation on a Resource after Expiration or Release	CVE-2021-23995	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196096	8.8	HIGH Network	mozilla	thunderbird firefox firefox_esr	A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.	CWE-909 Missing Initialization of Resource	CVE-2021-23994	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196097	6.5	MEDIUM Network	mozilla	thunderbird	An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, …	CWE-347 Improper Verification of Cryptographic Signature	CVE-2021-23993	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196098	4.3	MEDIUM Network	mozilla	thunderbird	Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user I…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2021-23992	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196099	6.8	MEDIUM Network	mozilla	thunderbird	If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an em…	NVD-CWE-Other	CVE-2021-23991	2024-11-21 14:52	2021-06-24	Show	GitHub Exploit DB Packet Storm

196100	5.4	MEDIUM Network	codecabin	wp_go_maps	The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2021-24383	2024-11-21 14:52	2021-06-22	Show	GitHub Exploit DB Packet Storm