Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209931	5.4	警告	core-apps	-	Android 用 OHBM 20th Annual Meeting アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6818	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209932	5.4	警告	covechurch	-	Android 用 Cove アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6817	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209933	5.4	警告	lvtu99	-	Android 用 WISDOM アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6816	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209934	5.4	警告	voucherry	-	Android 用 Vouch! アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6815	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209935	5.4	警告	sentinels randomizer project	-	Android 用 Sentinels Randomizer アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6814	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209936	5.4	警告	klassens project	-	Android 用 klassens アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6813	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209937	5.4	警告	qmania	-	Android 用 Aloha Guide アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6812	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209938	5.4	警告	core-apps	-	Android 用 RIMS 2014 Annual Conference アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6810	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209939	5.4	警告	active 24 project	-	Android 用 Active 24 アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6808	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

209940	5.4	警告	olaschool	-	Android 用 OLA School アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-6807	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 22, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
252461	6.1	MEDIUM Network	contempo	pdf_image_generator	The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includi…	CWE-79 Cross-site Scripting	CVE-2024-9241	2024-10-8 03:51	2024-10-1	Show	GitHub Exploit DB Packet Storm

252462	9.8	CRITICAL Network	coderevolution	echo_rss_feed_post_generator	The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles t…	NVD-CWE-noinfo	CVE-2024-9265	2024-10-8 03:48	2024-10-1	Show	GitHub Exploit DB Packet Storm

252463	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensit…	CWE-125 Out-of-bounds Read	CVE-2024-7670	2024-10-8 03:43	2024-10-1	Show	GitHub Exploit DB Packet Storm

252464	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sen…	CWE-787 Out-of-bounds Write	CVE-2024-7672	2024-10-8 03:35	2024-10-1	Show	GitHub Exploit DB Packet Storm

252465	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitra…	CWE-416 Use After Free	CVE-2024-7675	2024-10-8 03:34	2024-10-1	Show	GitHub Exploit DB Packet Storm

252466	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or e…	CWE-787 Out-of-bounds Write	CVE-2024-7674	2024-10-8 03:34	2024-10-1	Show	GitHub Exploit DB Packet Storm

252467	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or ex…	CWE-787 Out-of-bounds Write	CVE-2024-7673	2024-10-8 03:34	2024-10-1	Show	GitHub Exploit DB Packet Storm

252468	7.8	HIGH Local	autodesk	navisworks	A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write se…	CWE-787 Out-of-bounds Write	CVE-2024-7671	2024-10-8 03:34	2024-10-1	Show	GitHub Exploit DB Packet Storm

252469	9.8	CRITICAL Network	redefiningtheweb	affiliate_pro	The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwap_login_request_callbac…	CWE-306 Missing Authentication for Critical Function	CVE-2024-9289	2024-10-8 03:25	2024-10-1	Show	GitHub Exploit DB Packet Storm

252470	7.4	HIGH Adjacent	cisco	ios_xr	A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause …	NVD-CWE-noinfo	CVE-2024-20406	2024-10-8 02:56	2024-09-12	Show	GitHub Exploit DB Packet Storm