Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
215271	5.4	警告	informaciondelvaticano	-	Android 用 Noticias del Vaticano アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7742	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215272	5.4	警告	almasiapps	-	Android 用 Healing Bookstore アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7741	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215273	5.4	警告	pocketmags	-	Android 用 Pony Magazine アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7740	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215274	5.4	警告	deceiver	-	Android 用 Anahi A Adopter FR アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7739	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215275	5.4	警告	fmac	-	Android 用 FMAC : Federation Culinaire アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7737	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215276	5.4	警告	2rv	-	Android 用 Dr. Sheikh Adnan Ibrahim アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7735	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215277	5.4	警告	onesolutionapps	-	Android 用 Reds Anytime Bail アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7734	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215278	5.4	警告	Magzter Inc.	-	Android 用 Karaf Magazin アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7733	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215279	5.4	警告	radio de la cato project	-	Android 用 Radio de la Cato アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7731	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

215280	5.4	警告	civitasmedia	-	Android 用 Logan Banner アプリケーションにおけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2014-7728	2014-12-17 09:57	2014-09-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
293371	-	apache	mod_dontdothat subversion	The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a den…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4505	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293372	-	supmua	sup	lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the content_type of an email attachment.	CWE-94 Code Injection	CVE-2013-4479	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293373	-	supmua	sup	Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.	CWE-94 Code Injection	CVE-2013-4478	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293374	-	steven_jones	context	The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support t…	CWE-94 Code Injection	CVE-2013-4446	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293375	-	steven_jones	context	The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2013-4445	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293376	-	apache	roller	Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated b…	CWE-94 Code Injection	CVE-2013-4212	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293377	-	apache	roller	Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the search results in the (1) RS…	CWE-79 Cross-site Scripting	CVE-2013-4171	2024-11-21 10:55	2013-12-8	Show	GitHub Exploit DB Packet Storm

293378	-	i18n_project	i18n	Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationDa…	CWE-79 Cross-site Scripting	CVE-2013-4492	2024-11-21 10:55	2013-12-7	Show	GitHub Exploit DB Packet Storm

293379	-	rubyonrails	rails ruby_on_rails	Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/translation_helper.rb in the internationalization component in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allo…	CWE-79 Cross-site Scripting	CVE-2013-4491	2024-11-21 10:55	2013-12-7	Show	GitHub Exploit DB Packet Storm

293380	-	jahia	jahia_xcm	Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via (1) the site parameter to engines/manager.js…	CWE-79 Cross-site Scripting	CVE-2013-4624	2024-11-21 10:55	2013-11-28	Show	GitHub Exploit DB Packet Storm