Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209771	5.4	警告	NHN Japan	-	Android 用 LINE PLAY アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6980	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209772	5.4	警告	miway	-	Android 用 MiWay Insurance Ltd アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6979	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209773	5.4	警告	grouperahal	-	Android 用 Karim Rahal Essoulami アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6978	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209774	5.4	警告	chattanoogastate	-	Android 用 eLearn アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6977	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209775	5.4	警告	aeroexpress	-	Android 用 Aeroexpress アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6976	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209776	5.4	警告	twin lin project	-	Android 用 Twin Lin アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6975	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209777	5.4	警告	mifashow	-	Android 用 MifaShow Hairstyles アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6974	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209778	5.4	警告	akronchildrens	-	Android 用 Care4Kids アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6973	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209779	5.4	警告	kazakhstan radio project	-	Android 用 Kazakhstan Radio アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6972	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209780	5.4	警告	easy video downloader project	-	Android 用 Easy Video Downloader アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6971	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 17, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252011	5.4	MEDIUM Network	cisco	nexus_dashboard nexus_dashboard_fabric_controller	A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device. This vulnerability exis…	CWE-862 Missing Authorization	CVE-2024-20477	2024-10-9 01:00	2024-10-3	Show	GitHub Exploit DB Packet Storm

252012	8.2	HIGH Network	synology	drive_client	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial …	CWE-120 Classic Buffer Overflow	CVE-2023-52946	2024-10-9 00:55	2024-09-26	Show	GitHub Exploit DB Packet Storm

252013	8.6	HIGH Network	cisco	nexus_dashboard_orchestrator nexus_dashboard_insights nexus_dashboard_fabric_controller	A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because …	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-20491	2024-10-9 00:55	2024-10-3	Show	GitHub Exploit DB Packet Storm

252014	9.8	CRITICAL Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the target…	CWE-89 SQL Injection	CVE-2024-43699	2024-10-9 00:44	2024-10-4	Show	GitHub Exploit DB Packet Storm

252015	8.8	HIGH Network	deltaww	diaenergie	Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.	CWE-89 SQL Injection	CVE-2024-42417	2024-10-9 00:43	2024-10-4	Show	GitHub Exploit DB Packet Storm

252016	9.8	CRITICAL Network	draytek	vigor3912_firmware vigor2962_firmware vigor3910_firmware vigor165_firmware vigor1000b_firmware vigor166_firmware vigor2135_firmware vigor2763_firmware vigor2765_firmware vi…	DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of…	CWE-787 Out-of-bounds Write	CVE-2024-41593	2024-10-9 00:35	2024-10-4	Show	GitHub Exploit DB Packet Storm

252017	6.1	MEDIUM Network	draytek	vigor2620_firmware vigor2915_firmware vigor2866_firmware vigor2766_firmware vigor2865_firmware vigor2765_firmware vigor2763_firmware vigor2135_firmware vigor166_firmware vi…	DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS.	CWE-79 Cross-site Scripting	CVE-2024-41591	2024-10-9 00:34	2024-10-4	Show	GitHub Exploit DB Packet Storm

252018	6.1	MEDIUM Network	cozmoslabs	membership_\&_content_restriction_-_paid_member_subscriptions	The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…	CWE-79 Cross-site Scripting	CVE-2024-9222	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

252019	6.1	MEDIUM Network	ibericode	mailchimp_top_bar	The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9210	2024-10-9 00:34	2024-10-2	Show	GitHub Exploit DB Packet Storm

252020	8.8	HIGH Network	cisco	nexus_dashboard_fabric_controller	A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil…	CWE-22 Path Traversal	CVE-2024-20449	2024-10-9 00:33	2024-10-3	Show	GitHub Exploit DB Packet Storm