Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201411	7.8	重要 Local	Google	-	Audioserver における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0419	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201412	7.8	重要 Local	Google	-	Audioserver における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0418	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201413	7.8	重要 Local	Google	-	Audioserver における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0417	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201414	7.8	重要 Local	Google	-	Audioserver における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0416	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201415	7.8	重要 Local	Google	-	メディアサーバにおける権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0415	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201416	5.5	警告 Local	Google	-	AOSP Messaging における情報を公開される脆弱性	CWE-200 情報漏えい	CVE-2017-0414	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201417	5.5	警告 Local	Google	-	AOSP Messaging における情報を公開される脆弱性	CWE-200 情報漏えい	CVE-2017-0413	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201418	7.8	重要 Local	Google	-	Framework API における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0412	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201419	7.8	重要 Local	Google	-	Framework API における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0411	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

201420	7.8	重要 Local	Google	-	Framework API における権限を昇格される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2017-0410	2017-02-24 09:48	2017-02-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
292371	5.3	MEDIUM Network	vembu	storegrid	In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hidden form value of the HTML source code, which is disclosed because of incorrect…	CWE-200 Information Exposure	CVE-2014-10079	2024-11-21 11:03	2019-02-23	Show	GitHub Exploit DB Packet Storm

292372	6.1	MEDIUM Network	vembu	storegrid	Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registe…	CWE-79 Cross-site Scripting	CVE-2014-10078	2024-11-21 11:03	2019-02-23	Show	GitHub Exploit DB Packet Storm

292373	7.5	HIGH Network	i18n_project debian	i18n debian_linux	Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is pre…	CWE-20 Improper Input Validation	CVE-2014-10077	2024-11-21 11:03	2018-11-7	Show	GitHub Exploit DB Packet Storm

292374	7.5	HIGH Network	wp-db-backup_project	wp-db-backup	The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control, which makes it easier for remote attackers to read backup archives via a brute-force attack.	CWE-200 Information Exposure	CVE-2014-10076	2024-11-21 11:03	2018-10-5	Show	GitHub Exploit DB Packet Storm

292375	9.8	CRITICAL Network	karo_project	karo	The karo gem 2.3.8 for Ruby allows Remote command injection via the host field.	CWE-77 Command Injection	CVE-2014-10075	2024-11-21 11:03	2018-10-5	Show	GitHub Exploit DB Packet Storm

292376	9.8	CRITICAL Network	umbraco	umbraco_cms	Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2014-10074	2024-11-21 11:03	2018-08-27	Show	GitHub Exploit DB Packet Storm

292377	7.5	HIGH Network	fancy-server_project	fancy-server	Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.	CWE-22 Path Traversal	CVE-2014-10066	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

292378	6.1	MEDIUM Network	remarkable_project	remarkable	Certain input when passed into remarkable before 1.4.1 will bypass the bad protocol check that disallows the javascript: scheme allowing for javascript: url's to be injected into the rendered content.	CWE-79 Cross-site Scripting	CVE-2014-10065	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

292379	7.5	HIGH Network	qs_project	qs	The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of t…	CWE-399 Resource Management Errors	CVE-2014-10064	2024-11-21 11:03	2018-06-1	Show	GitHub Exploit DB Packet Storm

292380	7.5	HIGH Network	hapi	inert	The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when `showHidden` is false.	CWE-22 Path Traversal	CVE-2014-10068	2024-11-21 11:03	2018-05-30	Show	GitHub Exploit DB Packet Storm