Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
209801 5.4 警告 civitasmedia - Android 用 Mt. Airy News アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6950 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209802 5.4 警告 fotoschilenas - Android 用 Akne Ernahrung アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6949 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209803 5.4 警告 th3professional - Android 用 TH3 professional Al Mohtarif アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6948 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209804 5.4 警告 iversemedia - Android 用 Archie Comics アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6947 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209805 5.4 警告 misterpark - Android 用 Re:kyu アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6946 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209806 5.4 警告 dakshaa - Android 用 Neeku Naaku Dash Dash アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6945 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209807 5.4 警告 mitfahrgelegenheit - Android 用 mitfahrgelegenheit.at アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6944 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209808 5.4 警告 koenigsleiten77 - Android 用 Konigsleiten アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6943 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209809 5.4 警告 automon - Android 用 Alisha Marie (Unofficial) アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6942 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
209810 5.4 警告 nos - Android 用 NOS Alive アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6941 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
252131 8.8 HIGH
Network 		deltaww diaenergie Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product. CWE-89
SQL Injection 		CVE-2024-42417 2024-10-9 00:43 2024-10-4 Show GitHub Exploit DB Packet Storm
252132 9.8 CRITICAL
Network 		draytek vigor3912_firmware
vigor2962_firmware
vigor3910_firmware
vigor165_firmware
vigor1000b_firmware
vigor166_firmware
vigor2135_firmware
vigor2763_firmware
vigor2765_firmware
vi… 		DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ft_payload_dns(), because a byte sign-extension operation occurs for the length argument of… CWE-787
 Out-of-bounds Write 		CVE-2024-41593 2024-10-9 00:35 2024-10-4 Show GitHub Exploit DB Packet Storm
252133 6.1 MEDIUM
Network 		draytek vigor2620_firmware
vigor2915_firmware
vigor2866_firmware
vigor2766_firmware
vigor2865_firmware
vigor2765_firmware
vigor2763_firmware
vigor2135_firmware
vigor166_firmware
vi… 		DrayTek Vigor3910 devices through 4.3.2.6 allow unauthenticated DOM-based reflected XSS. CWE-79
Cross-site Scripting 		CVE-2024-41591 2024-10-9 00:34 2024-10-4 Show GitHub Exploit DB Packet Storm
252134 6.1 MEDIUM
Network 		cozmoslabs membership_\&_content_restriction_-_paid_member_subscriptions The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a… CWE-79
Cross-site Scripting 		CVE-2024-9222 2024-10-9 00:34 2024-10-2 Show GitHub Exploit DB Packet Storm
252135 6.1 MEDIUM
Network 		ibericode mailchimp_top_bar The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in… CWE-79
Cross-site Scripting 		CVE-2024-9210 2024-10-9 00:34 2024-10-2 Show GitHub Exploit DB Packet Storm
252136 8.8 HIGH
Network 		cisco nexus_dashboard_fabric_controller A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with low privileges to execute arbitrary code on an affected device. This vulnerabil… CWE-22
Path Traversal 		CVE-2024-20449 2024-10-9 00:33 2024-10-3 Show GitHub Exploit DB Packet Storm
252137 6.1 MEDIUM
Network 		themegrill magazine_blocks The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us… CWE-79
Cross-site Scripting 		CVE-2024-9218 2024-10-9 00:33 2024-10-2 Show GitHub Exploit DB Packet Storm
252138 5.4 MEDIUM
Network 		draytek vigor3910_firmware
vigor3912_firmware
vigor2962_firmware
vigor165_firmware
vigor1000b_firmware
vigor166_firmware
vigor2135_firmware
vigor2763_firmware
vigor2765_firmware
vi… 		Stored XSS, by authenticated users, is caused by poor sanitization of the Login Page Greeting message in DrayTek Vigor310 devices through 4.3.2.6. CWE-79
Cross-site Scripting 		CVE-2024-41587 2024-10-9 00:32 2024-10-4 Show GitHub Exploit DB Packet Storm
252139 7.5 HIGH
Network 		draytek vigor2620_firmware
vigor2915_firmware
vigor2866_firmware
vigor2766_firmware
vigor2865_firmware
vigor2765_firmware
vigor2763_firmware
vigor2135_firmware
vigor166_firmware
vi… 		An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive information because the httpd server of the Vigor management UI uses a static string for seeding the PRNG o… CWE-326
Inadequate Encryption Strength 		CVE-2024-41594 2024-10-9 00:31 2024-10-4 Show GitHub Exploit DB Packet Storm
252140 5.5 MEDIUM
Network 		cisco nexus_dashboard_fabric_controller A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center Network Manager (DCNM), could allow an authenticated, remote attacker with network-admin privileges to pe… CWE-88
Argument Injection 		CVE-2024-20444 2024-10-9 00:26 2024-10-3 Show GitHub Exploit DB Packet Storm