Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
224261 3 注意 TOSHIBA Global Commerce Solutions, Inc. - Toshiba 4690 Operating System に脆弱性 CWE-Other
その他
CVE-2014-0361 2014-04-28 18:21 2014-04-21 Show GitHub Exploit DB Packet Storm
224262 6.8 警告 DDSN Interactive - DDSN Interactive cm3 Acora CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2013-4726 2014-04-28 18:15 2013-08-26 Show GitHub Exploit DB Packet Storm
224263 5.8 警告 DDSN Interactive - DDSN Interactive cm3 Acora CMS におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認
CVE-2013-4723 2014-04-28 18:14 2013-08-26 Show GitHub Exploit DB Packet Storm
224264 4.3 警告 DDSN Interactive - DDSN Interactive cm3 Acora CMS の Admin/login/default.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-4722 2014-04-28 18:14 2013-08-26 Show GitHub Exploit DB Packet Storm
224265 4 警告 東芝テック - 東芝テック製 e-Studio シリーズにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2014-1990 2014-04-28 18:07 2014-04-18 Show GitHub Exploit DB Packet Storm
224266 4.3 警告 LYSESOFT - AndExplorer におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2014-1974 2014-04-28 18:05 2014-04-18 Show GitHub Exploit DB Packet Storm
224267 7.1 危険 サイボウズ - サイボウズ リモートサービスマネージャーにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2014-1983 2014-04-28 17:59 2014-04-18 Show GitHub Exploit DB Packet Storm
224268 5.8 警告 サイボウズ - サイボウズ リモートサービスマネージャーにおけるセッション固定の脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-1984 2014-04-28 17:58 2014-04-18 Show GitHub Exploit DB Packet Storm
224269 4.3 警告 Ushahidi - Ushahidi Platform におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2013-2025 2014-04-28 17:51 2013-05-1 Show GitHub Exploit DB Packet Storm
224270 3.5 注意 Episerver - Ektron CMS の content.aspx におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2014-2729 2014-04-28 17:42 2014-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277611 9.8 CRITICAL
Network
visser store_exporter_for_woocommerce The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-10935 2024-11-21 11:45 2019-08-27 Show GitHub Exploit DB Packet Storm
277612 6.1 MEDIUM
Network
check_email_project check_email The check-email plugin before 0.5.2 for WordPress has XSS. CWE-79
Cross-site Scripting
CVE-2016-10934 2024-11-21 11:45 2019-08-27 Show GitHub Exploit DB Packet Storm
277613 5.9 MEDIUM
Network
portaudio_project portaudio An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP. CWE-254
 7PK - Security Features
CVE-2016-10933 2024-11-21 11:45 2019-08-26 Show GitHub Exploit DB Packet Storm
277614 4.8 MEDIUM
Network
hyper hyper An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability because hostname verification was omitted. CWE-254
 7PK - Security Features
CVE-2016-10932 2024-11-21 11:45 2019-08-26 Show GitHub Exploit DB Packet Storm
277615 8.1 HIGH
Network
rust-openssl_project rust-openssl An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for host… CWE-295
Improper Certificate Validation 
CVE-2016-10931 2024-11-21 11:45 2019-08-26 Show GitHub Exploit DB Packet Storm
277616 5.3 MEDIUM
Network
advanced_ajax_page_loader_project advanced_ajax_page_loader The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in. CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-10929 2024-11-21 11:45 2019-08-23 Show GitHub Exploit DB Packet Storm
277617 7.5 HIGH
Network
onelogin onelogin_saml_sso The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users. CWE-798
 Use of Hard-coded Credentials
CVE-2016-10928 2024-11-21 11:45 2019-08-23 Show GitHub Exploit DB Packet Storm
277618 9.8 CRITICAL
Network
wpsupportplus wp_support_plus_responsive_ticket_system The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number. CWE-20
 Improper Input Validation 
CVE-2016-10930 2024-11-21 11:45 2019-08-23 Show GitHub Exploit DB Packet Storm
277619 10.0 CRITICAL
Network
neliosoftware nelio_ab_testing The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2016-10927 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm
277620 10.0 CRITICAL
Network
neliosoftware nelio_ab_testing The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2016-10926 2024-11-21 11:45 2019-08-22 Show GitHub Exploit DB Packet Storm