Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224511	6.8	警告	Crunchify	-	WordPress 用 FourSquare Checkins プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2709	2013-04-30 17:54	2013-04-22	Show	GitHub Exploit DB Packet Storm

224512	6.8	警告	Crunchify	-	WordPress 用 All in One Webmaster プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-2696	2013-04-30 17:52	2013-04-22	Show	GitHub Exploit DB Packet Storm

224513	5	警告	Blink Web Effects	-	WordPress 用 Social Media Widget プラグインにおける任意のファイルのアップロードを強制される脆弱性	CWE-noinfo 情報不足	CVE-2013-1949	2013-04-30 17:51	2013-04-9	Show	GitHub Exploit DB Packet Storm

224514	10	危険	Rob Westgeest	-	Ruby 用 md2pdf gem の converter.rb における任意のコマンドを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-1948	2013-04-30 17:51	2013-04-10	Show	GitHub Exploit DB Packet Storm

224515	9.3	危険	Kelly D. Redding	-	Ruby 用 kelredd-pruview gem における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2013-1947	2013-04-30 17:50	2013-04-4	Show	GitHub Exploit DB Packet Storm

224516	9.3	危険	karteek-docsplit	-	Ruby 用 Karteek Docsplit gem における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2013-1933	2013-04-30 17:49	2013-04-1	Show	GitHub Exploit DB Packet Storm

224517	6.8	警告	Novell plataformatec	-	Ruby 用 Devise gem における不正な結果が返される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0233	2013-04-30 17:48	2013-01-28	Show	GitHub Exploit DB Packet Storm

224518	7.5	危険	Grape Erik Michaels-Ober	-	Grape などの製品で使用される Ruby 用 multi_xml gem におけるオブジェクトインジェクション攻撃を誘発される脆弱性	CWE-20 不適切な入力確認	CVE-2013-0175	2013-04-30 17:43	2013-01-10	Show	GitHub Exploit DB Packet Storm

224519	5	警告	Ruby-lang.org	-	Ruby における safe-level の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4466	2013-04-30 17:29	2012-10-3	Show	GitHub Exploit DB Packet Storm

224520	5	警告	Ruby-lang.org	-	Ruby における safe-level の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4464	2013-04-30 17:25	2012-10-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 16, 2026, 4 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278641	-	tapatalk	tapatalk	Open redirect vulnerability in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin before 1.1.2 for Woltlab Burning Board 4.0 allows remote attackers to redirect users to arbit…	NVD-CWE-Other	CVE-2014-8870	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278642	-	tapatalk	tapatalk	Multiple cross-site scripting (XSS) vulnerabilities in mobiquo/smartbanner/welcome.php in the Tapatalk (com.tapatalk.wbb4) plugin 1.x before 1.1.2 for Woltlab Burning Board 4.0 allow remote attackers…	CWE-79 Cross-site Scripting	CVE-2014-8869	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278643	-	fedoraproject debian gnu canonical	fedora debian_linux binutils ubuntu_linux	The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-8738	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278644	-	corel	fastflick	Multiple untrusted search path vulnerabilities in Corel FastFlick allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) igfxcmrt32.dll, (2) ipl.dll, (3)…	NVD-CWE-Other	CVE-2014-8398	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278645	-	corel	videostudio_pro fastflick	Untrusted search path vulnerability in Corel VideoStudio PRO X7 or FastFlick allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse u32ZLib.dll file that is…	NVD-CWE-Other	CVE-2014-8397	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278646	-	corel	pdf_fusion	Untrusted search path vulnerability in Corel PDF Fusion allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll file that is located in the same …	NVD-CWE-Other	CVE-2014-8396	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278647	-	corel	painter	Untrusted search path vulnerability in Corel Painter 2015 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wacommt.dll file that is located in the sam…	NVD-CWE-Other	CVE-2014-8395	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278648	-	corel	corelcad	Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2…	NVD-CWE-Other	CVE-2014-8394	2024-11-21 11:19	2015-01-16	Show	GitHub Exploit DB Packet Storm

278649	-	opensuse mozilla	opensuse firefox	Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the Open…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2014-8643	2024-11-21 11:19	2015-01-14	Show	GitHub Exploit DB Packet Storm

278650	-	mozilla opensuse	seamonkey opensuse firefox	Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to …	CWE-310 Cryptographic Issues	CVE-2014-8642	2024-11-21 11:19	2015-01-14	Show	GitHub Exploit DB Packet Storm