Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
214471 5 警告 Mozilla Foundation - Android 上で稼動する Mozilla Firefox におけるアドレスバーを偽装される脆弱性 CWE-noinfo
情報不足 		CVE-2014-1527 2014-05-1 19:35 2014-04-29 Show GitHub Exploit DB Packet Storm
214472 5.8 警告 Mozilla Foundation - Mozilla Firefox および SeaMonkey の XrayWrapper 実装におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1526 2014-05-1 19:28 2014-04-29 Show GitHub Exploit DB Packet Storm
214473 9.3 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey の mozilla::dom::TextTrack::AddCue 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1525 2014-05-1 19:12 2014-04-29 Show GitHub Exploit DB Packet Storm
214474 10 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey の Web Audio サブシステムの mozilla::dom::OscillatorNodeEngine::ComputeCustom 関数における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2014-1522 2014-05-1 18:38 2014-04-29 Show GitHub Exploit DB Packet Storm
214475 6.9 警告 Mozilla Foundation - Windows 上で稼働する Mozilla Firefox の Maintenance Service Installer の maintenservice_installer.exe における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1520 2014-05-1 18:35 2014-04-29 Show GitHub Exploit DB Packet Storm
214476 10 危険 Mozilla Foundation - Mozilla Firefox および SeaMonkey のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-1519 2014-05-1 18:29 2014-04-29 Show GitHub Exploit DB Packet Storm
214477 4.3 警告 Digital Junkies - dompdf の dompdf.php における chroot の保護を回避される脆弱性 CWE-200
情報漏えい 		CVE-2014-2383 2014-05-1 18:18 2014-03-11 Show GitHub Exploit DB Packet Storm
214478 4.3 警告 VideoWhisper.com - Drupal 用 VideoWhisper Webcam プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2715 2014-05-1 18:10 2014-04-25 Show GitHub Exploit DB Packet Storm
214479 6.8 警告 Ubercart - Drupal 用 Ubercart モジュールにおける Web セッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2013-7302 2014-05-1 18:09 2013-12-17 Show GitHub Exploit DB Packet Storm
214480 4.3 警告 Gizra - Drupal 用 Entity reference モジュールにおけるプライベートノードのタイトルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-7066 2014-05-1 18:08 2013-11-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
381 4.3 MEDIUM
Network 		- - OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in the assistant-media route that allows trusted-proxy callers without operator.read scope to access protected assistant-me… New CWE-863
 Incorrect Authorization 		CVE-2026-41908 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
382 5.3 MEDIUM
Adjacent 		- - OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, When exporting telemetry to a back-end/collector over gRPC or HTTP using OpenTelemetry Protocol format (OTLP), if t… New CWE-789
 Memory Allocation with Excessive Size Value 		CVE-2026-40182 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
383 5.4 MEDIUM
Network 		- - OpenClaw before 2026.4.20 contains an improper authorization vulnerability in paired-device pairing management that allows limited-scope sessions to enumerate and act on pairing requests. Attackers w… New CWE-863
 Incorrect Authorization 		CVE-2026-41909 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
384 - - - TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in de… New CWE-1394
 Use of Default Cryptographic Key 		CVE-2026-5039 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
385 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the ttlWay parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31162 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
386 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31163 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
387 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the hour parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31166 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
388 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the mode parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31167 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
389 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the recHour parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31168 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm
390 6.5 MEDIUM
Network 		- - An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the week parameter to /cgi-bin/cstecgi.cgi. New CWE-77
Command Injection 		CVE-2026-31169 2026-04-24 23:41 2026-04-24 Show GitHub Exploit DB Packet Storm