Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223331	10	危険	アップル	-	Apple OS X の WindowServer におけるサンドボックス保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2014-1314	2014-04-24 15:52	2014-04-22	Show	GitHub Exploit DB Packet Storm

223332	6.8	警告	アップル	-	複数の Apple 製品の Secure Transport における重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2014-1295	2014-04-24 15:51	2014-04-22	Show	GitHub Exploit DB Packet Storm

223333	6.8	警告	CubeCart Limited	-	CubeCar における Web セッションをハイジャックされる脆弱性	CWE-287 不適切な認証	CVE-2014-2341	2014-04-24 11:42	2014-04-10	Show	GitHub Exploit DB Packet Storm

223334	6.4	警告	pimcore	-	pimcore の Pimcore_Tool_Newsletter モジュールにおける PHP オブジェクトインジェクション攻撃を実行される脆弱性	CWE-20 不適切な入力確認	CVE-2014-2922	2014-04-24 10:22	2014-04-11	Show	GitHub Exploit DB Packet Storm

223335	7.5	危険	pimcore	-	pimcore の Pimcore_Tool_Newsletter モジュールにおける PHP オブジェクトインジェクション攻撃を実行される脆弱性	CWE-94 コード・インジェクション	CVE-2014-2921	2014-04-24 10:21	2014-04-11	Show	GitHub Exploit DB Packet Storm

223336	4	警告	MediaWiki	-	MediaWiki の includes/specials/SpecialChangePassword.php における重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2014-2665	2014-04-23 20:02	2014-03-28	Show	GitHub Exploit DB Packet Storm

223337	4	警告	Mozilla Foundation	-	Bugzilla のログインフォームにおける重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2014-1517	2014-04-23 20:00	2014-04-17	Show	GitHub Exploit DB Packet Storm

223338	5	警告	シーメンス	-	Siemens SINEMA サーバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-2733	2014-04-23 19:56	2014-04-15	Show	GitHub Exploit DB Packet Storm

223339	5	警告	シーメンス	-	Siemens SINEMA サーバにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-2732	2014-04-23 19:55	2014-04-15	Show	GitHub Exploit DB Packet Storm

223340	9.3	危険	シーメンス	-	Siemens SINEMA サーバの統合 Web サーバにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2014-2731	2014-04-23 19:55	2014-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
277141	6.5	MEDIUM Network	slidervilla	testimonial_slider	The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS.	CWE-352 Origin Validation Error	CVE-2015-9417	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277142	6.1	MEDIUM Network	onthegosystems	sitepress-multilingual-cms	The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.	CWE-79 Cross-site Scripting	CVE-2015-9416	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277143	7.5	HIGH Network	angrycreative	bj_lazy_load	The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion.	CWE-20 Improper Input Validation	CVE-2015-9415	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277144	6.1	MEDIUM Network	wpsymposiumpro	wp-symposium	The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter.	CWE-79 Cross-site Scripting	CVE-2015-9414	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277145	6.5	MEDIUM Network	eshop_project	eshop	The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php?page=eshop-downloads.php title parameter.	CWE-352 Origin Validation Error	CVE-2015-9413	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277146	6.1	MEDIUM Network	royal-slider_project	royal-slider	The Royal-Slider plugin before 3.2.7 for WordPress has XSS via the rstype parameter.	CWE-79 Cross-site Scripting	CVE-2015-9412	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277147	6.1	MEDIUM Network	gopostmatic	replyable	The Postmatic plugin before 1.4.6 for WordPress has XSS.	CWE-79 Cross-site Scripting	CVE-2015-9411	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277148	5.4	MEDIUM Network	blubrry	powerpress	The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter.	CWE-79 Cross-site Scripting	CVE-2015-9410	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277149	6.5	MEDIUM Network	alo-easymail_project	alo-easymail	The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resultant XSS in pages/alo-easymail-admin-options.php.	CWE-352 Origin Validation Error	CVE-2015-9409	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

277150	7.5	HIGH Network	mtheme-unus_project	mtheme-unus	Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. (dot dot) in the files parameter to css/css.php.	CWE-22 Path Traversal	CVE-2015-9406	2024-11-21 11:40	2019-09-21	Show	GitHub Exploit DB Packet Storm