Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 19, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251241 5.8 警告 AnGuanJia - Android 用 AnGuanJia における SMS/MMS メッセージおよび連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4773 2012-01-27 15:07 2012-01-25 Show GitHub Exploit DB Packet Storm
251242 5.8 警告 Qihoo 360 Technology - Android 用 360 KouXin における SMS メッセージおよび連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4772 2012-01-27 15:06 2012-01-25 Show GitHub Exploit DB Packet Storm
251243 5.8 警告 Lucion Technologies - Android 用 Scan to PDF Free におけるスキャンされたファイルおよび Google アカウントを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4771 2012-01-27 15:05 2012-01-25 Show GitHub Exploit DB Packet Storm
251244 5.8 警告 QIWI Wallet - Android 用 QIWI Wallet における金銭に関する情報を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4770 2012-01-27 15:03 2012-01-25 Show GitHub Exploit DB Packet Storm
251245 5.8 警告 Qihoo 360 Technology - Android 用 360 MobileSafe における SMS メッセージおよび連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4769 2012-01-27 14:56 2012-01-25 Show GitHub Exploit DB Packet Storm
251246 5.8 警告 Ming Software - Android 用 Ming Blacklist Free におけるブラックリストおよび連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4705 2012-01-27 14:56 2012-01-25 Show GitHub Exploit DB Packet Storm
251247 5.8 警告 Voxofon LLC - Android 用 Voxofon における SMS 情報を読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4704 2012-01-27 14:54 2012-01-25 Show GitHub Exploit DB Packet Storm
251248 5.8 警告 Nathaniel Kh - Android 用 Limit My Call における通話履歴および連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4703 2012-01-27 14:52 2012-01-25 Show GitHub Exploit DB Packet Storm
251249 5.8 警告 Nimbuzz - Android 用 Nimbuzz における連絡先リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4702 2012-01-27 14:46 2012-01-25 Show GitHub Exploit DB Packet Storm
251250 5.8 警告 fa - Android 用 CallConfirm における allow/block リストを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4701 2012-01-27 14:45 2012-01-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
268611 8.1 HIGH
Network 		cnpmjs operadriver operadriver is a Opera Driver for Selenium. operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code e… CWE-310
Cryptographic Issues 		CVE-2016-10565 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268612 8.1 HIGH
Network 		apk-parser_project apk-parser apk-parser is a tool to extract Android Manifest info from an APK file. apk-parser versions below 0.1.6 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be poss… CWE-310
Cryptographic Issues 		CVE-2016-10564 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268613 8.1 HIGH
Network 		ipfs go-ipfs-dep During the installation process, the go-ipfs-deps module before 0.4.4 insecurely downloads resources over HTTP. This allows for a MITM attack to compromise the integrity of the resources used by this… CWE-310
Cryptographic Issues 		CVE-2016-10563 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268614 8.1 HIGH
Network 		iedriver_project iedriver iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause re… CWE-310
Cryptographic Issues 		CVE-2016-10562 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268615 5.3 MEDIUM
Network 		bitty_project bitty Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. Version 0.2.10 has a directory traversal vulnerability that is exploitable via the URL path in GET reque… CWE-22
Path Traversal 		CVE-2016-10561 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268616 8.1 HIGH
Network 		galenframework galenframework-cli galenframework-cli is the node wrapper for the Galen Framework. galenframework-cli below 2.3.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to c… CWE-310
Cryptographic Issues 		CVE-2016-10560 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268617 8.1 HIGH
Network 		appium appium-chromedriver appium-chromedriver is a Node.js wrapper around Chromedriver. Versions below 2.9.4 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause… CWE-310
Cryptographic Issues 		CVE-2016-10557 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268618 6.5 MEDIUM
Network 		jwt-simple_project jwt-simple Since "algorithm" isn't enforced in jwt.decode()in jwt-simple 0.3.0 and earlier, a malicious user could choose what algorithm is sent sent to the server. If the server is expecting RSA but is sent HM… CWE-310
Cryptographic Issues 		CVE-2016-10555 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268619 9.8 CRITICAL
Network 		sequelizejs sequelize sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, se… CWE-89
SQL Injection 		CVE-2016-10554 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm
268620 9.8 CRITICAL
Network 		sequelizejs sequelize sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed… CWE-89
SQL Injection 		CVE-2016-10553 2024-11-21 11:44 2018-06-1 Show GitHub Exploit DB Packet Storm