Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 28, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257001 7.8 危険 Mozilla Foundation - Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-3987 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
257002 7.6 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3986 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
257003 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3985 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
257004 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
257005 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他 		CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
257006 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3389 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
257007 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3388 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
257008 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3982 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
257009 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3981 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
257010 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3980 2010-01-28 12:15 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195701 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with the ability t… CWE-79
Cross-site Scripting 		CVE-2021-21608 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195702 6.5 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory … CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2021-21607 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195703 4.3 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML … CWE-20
 Improper Input Validation  		CVE-2021-21606 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195704 8.0 HIGH
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. CWE-22
Path Traversal 		CVE-2021-21605 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195705 8.0 HIGH
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instanti… CWE-502
 Deserialization of Untrusted Data 		CVE-2021-21604 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195706 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents, resulting in a cross-site scripting (XSS) vulnerability. CWE-79
Cross-site Scripting 		CVE-2021-21603 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195707 6.5 MEDIUM
Network 		jenkins jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks. CWE-59
Link Following 		CVE-2021-21602 2024-11-21 14:48 2021-01-14 Show GitHub Exploit DB Packet Storm
195708 6.5 MEDIUM
Network 		sap cla-assistant In CLA-Assistant, versions before 2.8.5, due to improper access control an authenticated user could access API endpoints which are not intended to be used by the user. This could impact the integrity… NVD-CWE-Other
CVE-2021-21471 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm
195709 6.5 MEDIUM
Network 		sap business_warehouse The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database ta… CWE-862
 Missing Authorization 		CVE-2021-21468 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm
195710 4.3 MEDIUM
Network 		sap banking_services SAP Banking Services (Generic Market Data) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. An unauthorized User is allowed to display… CWE-862
 Missing Authorization 		CVE-2021-21467 2024-11-21 14:48 2021-01-13 Show GitHub Exploit DB Packet Storm