Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209361	5.4	警告	verkehrsmuseum-dresden	-	Android 用 Dresden Transport Museum アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7655	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209362	5.4	警告	magicam photo magic editor project	-	Android 用 Magicam Photo Magic Editor アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7652	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209363	5.4	警告	ashok88	-	Android 用 JJA- Juvenile Justice Act 1986 アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7650	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209364	5.4	警告	pocketmags	-	Android 用 Classic Car Buyer アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7649	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209365	5.4	警告	ip-phone-smart	-	Android 用 SMARTalk アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7648	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209366	5.4	警告	mygoodhotels	-	Android 用 BOOKING DISCOUNT アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7647	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209367	5.4	警告	buzztouch	-	Android 用 EMT-Paramedic Lite アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7646	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209368	5.4	警告	doapps	-	Android 用 Go MSX MLS アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7644	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209369	5.4	警告	crgroup-lb	-	Android 用 C.R. Group アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7643	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209370	5.4	警告	pegasus airlines project	-	Android 用 Pegasus Airlines アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7642	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251841	-		-	-	A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies t…	-	CVE-2023-22650	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251842	-		-	-	The BigBlueButton plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the moderator code and viewer code fields in versions up to, and including, 3.0.0-beta.4 due to insufficien…	CWE-79 Cross-site Scripting	CVE-2023-7296	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251843	6.1	MEDIUM Network	-	-	The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.21 due to insufficient input sanitization and out…	CWE-79 Cross-site Scripting	CVE-2023-7295	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251844	-		-	-	The Accordion Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ attribute of an accordion slider in all versions up to, and including, 1.9.11 due to insufficient…	CWE-79 Cross-site Scripting	CVE-2024-9582	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251845	6.5	MEDIUM Network	-	-	The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the edit_users c…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2023-7286	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251846	6.3	MEDIUM Network	-	-	The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce prot…	CWE-862 Missing Authorization	CVE-2022-4974	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251847	8.8	HIGH Network	-	-	The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form a…	CWE-862 Missing Authorization	CVE-2021-4447	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251848	6.3	MEDIUM Network	-	-	The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes i…	CWE-862 Missing Authorization	CVE-2021-4446	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251849	-		-	-	The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in versions up to, and including 1.4.9 due to missing authorization checks on various functions. This makes i…	CWE-862 Missing Authorization	CVE-2021-4444	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

251850	9.8	CRITICAL Network	-	-	The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. This makes it possible for unauthentic…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-4443	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm