Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228891	4	警告	株式会社マインド	-	MosP勤怠管理システムにおけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-4020	2012-11-2 12:00	2012-11-2	Show	GitHub Exploit DB Packet Storm

228892	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-4261	2012-11-1 17:42	2011-11-18	Show	GitHub Exploit DB Packet Storm

228893	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4258	2012-11-1 17:39	2011-11-18	Show	GitHub Exploit DB Packet Storm

228894	10	危険	リアルネットワークス	-	RealNetworks RealPlayer および Mac RealPlayer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4256	2012-11-1 17:37	2011-11-18	Show	GitHub Exploit DB Packet Storm

228895	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の RV10 コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4252	2012-11-1 17:34	2011-11-18	Show	GitHub Exploit DB Packet Storm

228896	10	危険	リアルネットワークス	-	RealNetworks RealPlayer の ATRC コーデックにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2011-4250	2012-11-1 17:21	2011-11-18	Show	GitHub Exploit DB Packet Storm

228897	10	危険	リアルネットワークス	-	RealNetworks RealPlayer の RV30 コーデックにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-4249	2012-11-1 17:18	2011-11-18	Show	GitHub Exploit DB Packet Storm

228898	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4247	2012-11-1 17:16	2011-11-18	Show	GitHub Exploit DB Packet Storm

228899	10	危険	リアルネットワークス	-	RealNetworks RealPlayer の AAC コーデックにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-4246	2012-11-1 17:13	2011-11-18	Show	GitHub Exploit DB Packet Storm

228900	10	危険	リアルネットワークス	-	RealNetworks RealPlayer の RealVideo レンダラにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-4245	2012-11-1 17:11	2011-11-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
249331	5.4	MEDIUM Network	umbraco	umbraco_cms	A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id{} of the component Dashboard. The manipul…	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-10761	2024-11-13 20:15	2024-11-4	Show	GitHub Exploit DB Packet Storm

249332	-		-	-	CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The-Middle attack…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2024-8938	2024-11-13 14:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249333	-		-	-	CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a potential arbitrary code execution after a successful Man-In-The Middle attack…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2024-8937	2024-11-13 14:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249334	-		-	-	CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory after a successful Man-In-The-Middle attack followed by sending a crafted Modbus…	CWE-20 Improper Input Validation	CVE-2024-8936	2024-11-13 14:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249335	-		-	-	CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attac…	CWE-290 Authentication Bypass by Spoofing	CVE-2024-8935	2024-11-13 14:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249336	-		-	-	CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service…	-	CVE-2024-8933	2024-11-13 13:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249337	7.5	HIGH Network	-	-	The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticat…	-	CVE-2024-10816	2024-11-13 13:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249338	5.3	MEDIUM Network	-	-	The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and …	CWE-862 Missing Authorization	CVE-2024-10802	2024-11-13 13:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249339	4.3	MEDIUM Network	-	-	The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.6 via the 'bhf' shortcode due to insufficient res…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10794	2024-11-13 13:15	2024-11-13	Show	GitHub Exploit DB Packet Storm

249340	7.3	HIGH Network	-	-	The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-10174	2024-11-13 13:15	2024-11-13	Show	GitHub Exploit DB Packet Storm