Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209671	5.4	警告	independent	-	Android 用 i Newspaper アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7085	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209672	5.4	警告	ireadercity	-	Android 用 Hesheng 80 アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7084	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209673	5.4	警告	jiujik	-	Android 用 Jiu Jik アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7083	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209674	5.4	警告	imapp	-	Android 用 No Disturb アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7082	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209675	5.4	警告	sigong ebook project	-	Android 用 Sigong ebook アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7080	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209676	5.4	警告	cybird	-	Android 用 Romeo and Juliet アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7079	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209677	5.4	警告	payoneer sign up project	-	Android 用 Payoneer Sign Up アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7078	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209678	5.4	警告	gcefcu	-	Android 用 Gulf Coast Educators FCU アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7077	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209679	5.4	警告	Magzter Inc.	-	Android 用 Sanctuary Asia アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7076	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209680	5.4	警告	happycloud	-	Android 用 HAPPY アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7075	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252721	4.3	MEDIUM Network	gitlab	gitlab	Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauth…	CWE-863 Incorrect Authorization	CVE-2024-8974	2024-10-5 02:30	2024-09-27	Show	GitHub Exploit DB Packet Storm

252722	7.5	HIGH Network	ays-pro	chatgpt_assistant	The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2024-7713	2024-10-5 02:28	2024-09-27	Show	GitHub Exploit DB Packet Storm

252723	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msg_id before processing transcation [WHY & HOW] HDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is…	CWE-129 Improper Validation of Array Index	CVE-2024-46814	2024-10-5 02:27	2024-09-27	Show	GitHub Exploit DB Packet Storm

252724	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index a…	CWE-129 Improper Validation of Array Index	CVE-2024-46818	2024-10-5 02:18	2024-09-27	Show	GitHub Exploit DB Packet Storm

252725	7.2	HIGH Network	givewp	givewp	The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.16.1 due to insu…	CWE-89 SQL Injection	CVE-2024-9130	2024-10-5 02:18	2024-09-27	Show	GitHub Exploit DB Packet Storm

252726	9.8	CRITICAL Network	tendacn	g3_firmware	Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.	CWE-78 OS Command	CVE-2024-46628	2024-10-5 02:18	2024-09-27	Show	GitHub Exploit DB Packet Storm

252727	6.1	MEDIUM Network	ninjaforms	ninja_forms	The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privileg…	CWE-79 Cross-site Scripting	CVE-2024-7354	2024-10-5 02:16	2024-09-2	Show	GitHub Exploit DB Packet Storm

252728	6.1	MEDIUM Network	projectcaruso	flaming_forms	The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against administrators.	CWE-79 Cross-site Scripting	CVE-2024-7691	2024-10-5 02:15	2024-09-2	Show	GitHub Exploit DB Packet Storm

252729	7.5	HIGH Network	oceanicsoft	valeapp	Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-8644	2024-10-5 02:14	2024-09-27	Show	GitHub Exploit DB Packet Storm

252730	9.8	CRITICAL Network	oceanicsoft	valeapp	Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking.This issue affects ValeApp: before v2.0.0.	CWE-384 Session Fixation	CVE-2024-8643	2024-10-5 02:14	2024-09-27	Show	GitHub Exploit DB Packet Storm