Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217751 5.4 警告 AOL - Android 用 DailyFinance - Stocks & News アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5570 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217752 5.4 警告 Animoca - Android 用 Star Girl アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5569 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217753 5.4 警告 MDickie - Android 用 Hard Time アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5558 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217754 5.4 警告 US Census Bureau - Android 用 America's Economy for Phone アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5557 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217755 5.4 警告 AndroKera - Android 用 Las Vegas Lottery Scratch Off アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5568 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217756 5.4 警告 appsdeve - Android 用 hasb_e_haal アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5567 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217757 5.4 警告 Fly Fishing and Fly Tying magazine - Android 用 Fly Fishing & Fly Tying アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5556 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217758 5.4 警告 ilaz hoxha - Android 用 Sprint jump アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5545 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217759 5.4 警告 i Learn With - Kids Educational Game - Android 用 Animals! Kids Preschool Games アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5550 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
217760 5.4 警告 FreshPlanet - Android 用 SongPop アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-5544 2014-09-17 17:15 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
297201 9.8 CRITICAL
Network 		apache hadoop Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easier for context-depen… CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2012-4449 2024-11-21 10:42 2017-10-31 Show GitHub Exploit DB Packet Storm
297202 6.1 MEDIUM
Network 		mediawiki mediawiki Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web s… CWE-79
Cross-site Scripting 		CVE-2012-4378 2024-11-21 10:42 2017-10-27 Show GitHub Exploit DB Packet Storm
297203 6.1 MEDIUM
Network 		mediawiki mediawiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image. CWE-79
Cross-site Scripting 		CVE-2012-4377 2024-11-21 10:42 2017-10-27 Show GitHub Exploit DB Packet Storm
297204 4.9 MEDIUM
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt. CWE-200
Information Exposure 		CVE-2012-4382 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
297205 7.5 HIGH
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors. CWE-284
Improper Access Control 		CVE-2012-4380 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
297206 6.5 MEDIUM
Network 		mediawiki mediawiki MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response i… CWE-284
Improper Access Control 		CVE-2012-4379 2024-11-21 10:42 2017-10-20 Show GitHub Exploit DB Packet Storm
297207 - group-office groupoffice SQL injection vulnerability in modules/calendar/json.php in Group-Office community before 4.0.90 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter. CWE-89
SQL Injection 		CVE-2012-4240 2024-11-21 10:42 2014-09-11 Show GitHub Exploit DB Packet Storm
297208 - phorum phorum Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via … CWE-79
Cross-site Scripting 		CVE-2012-4234 2024-11-21 10:42 2014-09-4 Show GitHub Exploit DB Packet Storm
297209 - qpw.famvanakkeren quick_post_widget Multiple cross-site scripting (XSS) vulnerabilities in Quick Post Widget plugin 1.9.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Title, (2) Content, or (3… CWE-79
Cross-site Scripting 		CVE-2012-4226 2024-11-21 10:42 2014-09-3 Show GitHub Exploit DB Packet Storm
297210 - microcart_project microcart Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3)… CWE-79
Cross-site Scripting 		CVE-2012-4241 2024-11-21 10:42 2014-08-13 Show GitHub Exploit DB Packet Storm