Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209801	5.4	警告	civitasmedia	-	Android 用 Mt. Airy News アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6950	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209802	5.4	警告	fotoschilenas	-	Android 用 Akne Ernahrung アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6949	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209803	5.4	警告	th3professional	-	Android 用 TH3 professional Al Mohtarif アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6948	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209804	5.4	警告	iversemedia	-	Android 用 Archie Comics アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6947	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209805	5.4	警告	misterpark	-	Android 用 Re:kyu アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6946	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209806	5.4	警告	dakshaa	-	Android 用 Neeku Naaku Dash Dash アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6945	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209807	5.4	警告	mitfahrgelegenheit	-	Android 用 mitfahrgelegenheit.at アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6944	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209808	5.4	警告	koenigsleiten77	-	Android 用 Konigsleiten アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6943	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209809	5.4	警告	automon	-	Android 用 Alisha Marie (Unofficial) アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6942	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209810	5.4	警告	nos	-	Android 用 NOS Alive アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6941	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 18, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252161	6.5	MEDIUM Network	cisco	nexus_dashboard nexus_dashboard_fabric_controller	A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to learn sensitive information on an affected device. This vulnerability…	NVD-CWE-noinfo	CVE-2024-20441	2024-10-8 22:45	2024-10-3	Show	GitHub Exploit DB Packet Storm

252162	6.8	MEDIUM Network	cisco	rv042_firmware rv042g_firmware rv320_firmware rv325_firmware	A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an un…	CWE-787 Out-of-bounds Write	CVE-2024-20516	2024-10-8 22:44	2024-10-3	Show	GitHub Exploit DB Packet Storm

252163	8.8	HIGH Network	mi	ax9000_firmware	The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This vulnerability is caused by the lack of input filtering, allowing an attacker to exploit it to obtain root acce…	CWE-77 Command Injection	CVE-2023-26315	2024-10-8 19:15	2024-08-26	Show	GitHub Exploit DB Packet Storm

252164	4.8	MEDIUM Network	expresstech	quiz_and_survey_master	The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Sc…	CWE-79 Cross-site Scripting	CVE-2024-8758	2024-10-8 06:35	2024-09-23	Show	GitHub Exploit DB Packet Storm

252165	6.1	MEDIUM Network	seopress	seopress	The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versi…	CWE-79 Cross-site Scripting	CVE-2024-9225	2024-10-8 05:24	2024-10-2	Show	GitHub Exploit DB Packet Storm

252166	9.8	CRITICAL Network	code-projects	restaurant_reservation_system	A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The …	CWE-89 SQL Injection	CVE-2024-9429	2024-10-8 05:15	2024-10-2	Show	GitHub Exploit DB Packet Storm

252167	6.1	MEDIUM Network	icopydoc	yml_for_yandex_market	The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitizat…	CWE-79 Cross-site Scripting	CVE-2024-9378	2024-10-8 05:15	2024-10-2	Show	GitHub Exploit DB Packet Storm

252168	4.8	MEDIUM Network	redhat	build_of_keycloak	A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds (default). Instead of expiring and deemed unusable around 3…	CWE-324 Use of a Key Past its Expiration Date	CVE-2024-7318	2024-10-8 05:15	2024-09-10	Show	GitHub Exploit DB Packet Storm

252169	5.4	MEDIUM Network	cisco	nexus_dashboard_fabric_controller nexus_dashboard	A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an affected device. Thi…	CWE-862 Missing Authorization	CVE-2024-20442	2024-10-8 05:11	2024-10-3	Show	GitHub Exploit DB Packet Storm

252170	5.4	MEDIUM Network	vowelweb	ibtana	The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all vers…	CWE-79 Cross-site Scripting	CVE-2024-8282	2024-10-8 05:11	2024-10-2	Show	GitHub Exploit DB Packet Storm