Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
208721 7.5 危険 Another WordPress Classifieds Plugin - WordPress 用 Another WordPress Classifieds Plugin プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-10013 2015-01-16 13:37 2014-11-8 Show GitHub Exploit DB Packet Storm
208722 4.3 警告 Another WordPress Classifieds Plugin - WordPress 用 Another WordPress Classifieds Plugin プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-10012 2015-01-16 13:34 2014-11-8 Show GitHub Exploit DB Packet Storm
208723 1.9 注意 シーメンス - iOS 用 Siemens SIMATIC WinCC Sm@rtClient アプリにおける Sm@rtServer の認証情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-5233 2015-01-16 11:55 2014-08-13 Show GitHub Exploit DB Packet Storm
208724 1.9 注意 シーメンス - iOS 用 Siemens SIMATIC Sm@rtClient アプリにおけるアプリケーションのパスワード要求を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-5232 2015-01-16 11:52 2014-08-13 Show GitHub Exploit DB Packet Storm
208725 2.1 注意 シーメンス - iOS 用 Siemens SIMATIC WinCC Sm@rtClient アプリにおけるストレージからパスワードを抽出される脆弱性 CWE-200
情報漏えい 		CVE-2014-5231 2015-01-16 11:41 2014-08-13 Show GitHub Exploit DB Packet Storm
208726 5 警告 Joomlaskin - WordPress 用 Joomlaskin JS Multi Hotel プラグインにおけるインストールパスを取得される脆弱性 CWE-200
情報漏えい 		CVE-2014-100009 2015-01-16 11:34 2014-03-29 Show GitHub Exploit DB Packet Storm
208727 4.3 警告 Joomlaskin - WordPress 用 Joomlaskin JS Multi Hotel プラグインの includes/delete_img.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-100008 2015-01-16 11:29 2014-03-29 Show GitHub Exploit DB Packet Storm
208728 4.3 警告 Henry Kellner - WordPress 用 HK Exif Tags プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-100007 2015-01-16 11:22 2014-04-9 Show GitHub Exploit DB Packet Storm
208729 4.3 警告 webtrees.net - webtrees の modules_v3/googlemap/wt_v3_street_view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-100006 2015-01-15 19:07 2014-02-10 Show GitHub Exploit DB Packet Storm
208730 6.8 警告 D-Link Systems, Inc. - D-Link DIR-600 ルータのファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-100005 2015-01-15 19:03 2014-03-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
41 8.8 HIGH
Network 		- - Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated users to escalate to … New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-6912 2026-04-25 02:56 2026-04-25 Show GitHub Exploit DB Packet Storm
42 4.9 MEDIUM
Network 		- - Cross Site Scripting vulnerability in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary code New CWE-79
Cross-site Scripting 		CVE-2026-31050 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
43 3.8 LOW
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Client Balance component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31051 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
44 5.3 MEDIUM
Network 		- - An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-31052 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
45 4.0 MEDIUM
Local 		- - bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL. New CWE-306
Missing Authentication for Critical Function 		CVE-2026-42095 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
46 9.8 CRITICAL
Network 		- - BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated … New CWE-1188
CWE-1391
 Insecure Default Initialization of Resource
 Use of Weak Credentials 		CVE-2026-39920 2026-04-25 02:55 2026-04-25 Show GitHub Exploit DB Packet Storm
47 6.1 MEDIUM
Network 		- - Mahara before 25.04.2 and 24.04.11 are vulnerable to displaying results that can trigger XSS via a malicious search query string. This occurs in the 'search site' feature when using the Elasticsearch… New CWE-79
Cross-site Scripting 		CVE-2025-61872 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
48 4.7 MEDIUM
Network 		- - In Mahara before 24.04.10 and 25 before 25.04.1, an institution administrator or institution support administrator on a multi-tenanted site can masquerade as an institution member in an institution f… New CWE-284
Improper Access Control 		CVE-2025-59308 2026-04-25 02:54 2026-04-25 Show GitHub Exploit DB Packet Storm
49 - - - A client-side authorization flaw in Lightspeed Classroom v5.1.2.1763770643 allows unauthenticated attackers to impersonate users by bypassing integrity checks and abusing client-generated authorizati… New - CVE-2026-30368 2026-04-25 02:53 2026-04-25 Show GitHub Exploit DB Packet Storm
50 - - - In the Linux kernel, the following vulnerability has been resolved: smb: client: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have reque… New - CVE-2026-31534 2026-04-25 02:51 2026-04-25 Show GitHub Exploit DB Packet Storm