Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209091 6.8 警告 Mikiurl Wordpress Eklentisi project - WordPress 用 Mikiurl Wordpress Eklentisi プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9337 2014-12-24 14:34 2014-12-9 Show GitHub Exploit DB Packet Storm
209092 6.8 警告 iTwitter project - WordPress 用 iTwitter プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9336 2014-12-24 14:34 2014-12-9 Show GitHub Exploit DB Packet Storm
209093 6.8 警告 DandyID Services project - WordPress 用 DandyID Services プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2014-9335 2014-12-24 14:34 2014-12-9 Show GitHub Exploit DB Packet Storm
209094 6.5 警告 Sergey Romanenko - Morfy CMS の install.php における config.php に任意の PHP コード を挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-9185 2014-12-24 11:58 2014-12-3 Show GitHub Exploit DB Packet Storm
209095 4.3 警告 Huawei - Huawei P7-L10 スマートフォンの PackageInstaller モジュールにおける元のウェブサイトになりすまされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-9135 2014-12-24 11:49 2014-11-20 Show GitHub Exploit DB Packet Storm
209096 5.8 警告 株式会社 T-MEDIAホールディングス - Android 版 TSUTAYAアプリにおける任意の Java のメソッドが実行される脆弱性 CWE-DesignError
CVE-2014-7241 2014-12-22 17:51 2014-12-18 Show GitHub Exploit DB Packet Storm
209097 2.6 注意 リックソフト株式会社 - WBS ガントチャート for JIRA におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7268 2014-12-22 17:50 2014-12-18 Show GitHub Exploit DB Packet Storm
209098 4 警告 リックソフト株式会社 - WBS ガントチャート for JIRA におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-7267 2014-12-22 17:49 2014-12-18 Show GitHub Exploit DB Packet Storm
209099 5 警告 Revive Adserver - Revive Adserver の lib/pear/XML/RPC.php の XML_RPC_cd 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-8875 2014-12-22 17:48 2014-08-8 Show GitHub Exploit DB Packet Storm
209100 4.3 警告 Revive Adserver - Revive Adserver の lib/max/Admin/UI/Field/PublisherIdField.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-8793 2014-12-22 17:44 2014-11-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
251411 - - - Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the … - CVE-2024-41618 2024-10-30 02:35 2024-10-25 Show GitHub Exploit DB Packet Storm
251412 - - - Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control. The `redirect_if_not_loggedin` function in `functions_security.php` fails to terminate script execution… - CVE-2024-41617 2024-10-30 02:35 2024-10-25 Show GitHub Exploit DB Packet Storm
251413 6.5 MEDIUM
Network 		apple macos
watchos
safari
iphone_os
ipados 		A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Ma… NVD-CWE-noinfo
CVE-2024-44155 2024-10-30 02:34 2024-10-29 Show GitHub Exploit DB Packet Storm
251414 5.5 MEDIUM
Local 		apple watchos
tvos
iphone_os
ipados
macos 		A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and … CWE-120
Classic Buffer Overflow 		CVE-2024-44144 2024-10-30 02:34 2024-10-29 Show GitHub Exploit DB Packet Storm
251415 5.4 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings CWE-79
Cross-site Scripting 		CVE-2024-50577 2024-10-30 02:18 2024-10-28 Show GitHub Exploit DB Packet Storm
251416 5.4 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest CWE-79
Cross-site Scripting 		CVE-2024-50576 2024-10-30 02:18 2024-10-28 Show GitHub Exploit DB Packet Storm
251417 6.1 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API CWE-79
Cross-site Scripting 		CVE-2024-50575 2024-10-30 02:18 2024-10-28 Show GitHub Exploit DB Packet Storm
251418 7.5 HIGH
Network 		informatik.hu-berlin flair A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loade… CWE-94
Code Injection 		CVE-2024-10073 2024-10-30 02:18 2024-10-18 Show GitHub Exploit DB Packet Storm
251419 5.4 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag CWE-79
Cross-site Scripting 		CVE-2024-50581 2024-10-30 02:17 2024-10-28 Show GitHub Exploit DB Packet Storm
251420 5.4 MEDIUM
Network 		jetbrains youtrack In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule CWE-79
Cross-site Scripting 		CVE-2024-50580 2024-10-30 02:17 2024-10-28 Show GitHub Exploit DB Packet Storm