Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251871	4.3	警告	Antisocial Media LLC	-	WordPress 用 Antisnews テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3857	2012-03-5 11:05	2011-09-28	Show	GitHub Exploit DB Packet Storm

251872	4.3	警告	A Tasty Pixel	-	WordPress 用 Elegant Grunge テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3856	2012-03-5 11:05	2011-09-28	Show	GitHub Exploit DB Packet Storm

251873	4.3	警告	Graph Paper Press	-	WordPress 用 F8 Lite テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3855	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

251874	4.3	警告	Quirm	-	WordPress 用 ZenLite テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3854	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

251875	4.3	警告	ThemeHybrid	-	WordPress 用 Hybrid テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3853	2012-03-5 11:04	2011-09-28	Show	GitHub Exploit DB Packet Storm

251876	4.3	警告	Theme4Press	-	WordPress 用 EvoLve テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3852	2012-03-5 11:03	2011-09-28	Show	GitHub Exploit DB Packet Storm

251877	4.3	警告	DevPress	-	WordPress 用 News テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3851	2012-03-5 11:03	2011-09-28	Show	GitHub Exploit DB Packet Storm

251878	4.3	警告	Bytes For All	-	WordPress 用 Atahualpa テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3850	2012-03-5 11:02	2011-09-28	Show	GitHub Exploit DB Packet Storm

251879	5.1	警告	Mozilla Foundation	-	Bugzilla の xmlrpc.cgi におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-0453	2012-03-2 15:18	2012-02-9	Show	GitHub Exploit DB Packet Storm

251880	9.3	危険	シスコシステムズ	-	Cisco Wireless LAN Controller デバイスにおける設定を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0371	2012-03-2 15:04	2012-02-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276081	-	newphoria_corporation	koritore	The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5635	2024-11-21 11:33	2015-09-21	Show	GitHub Exploit DB Packet Storm

276082	-	newphoria_corporation	megaphone_music	The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5634	2024-11-21 11:33	2015-09-21	Show	GitHub Exploit DB Packet Storm

276083	-	newphoria_corporation	auction_camera	The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5633	2024-11-21 11:33	2015-09-21	Show	GitHub Exploit DB Packet Storm

276084	-	newphoria_corporation	applican	The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-5632	2024-11-21 11:33	2015-09-21	Show	GitHub Exploit DB Packet Storm

276085	-	dena	h20	Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL.	CWE-22 Path Traversal	CVE-2015-5638	2024-11-21 11:33	2015-09-20	Show	GitHub Exploit DB Packet Storm

276086	-	apple	watchos iphone_os	Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Center app.	CWE-200 Information Exposure	CVE-2015-5855	2024-11-21 11:33	2015-09-18	Show	GitHub Exploit DB Packet Storm

276087	-	apple	mac_os_x iphone_os	The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an enc…	CWE-200 Information Exposure	CVE-2015-5851	2024-11-21 11:33	2015-09-18	Show	GitHub Exploit DB Packet Storm

276088	-	apple	iphone_os	AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.	CWE-254 7PK - Security Features	CVE-2015-5850	2024-11-21 11:33	2015-09-18	Show	GitHub Exploit DB Packet Storm

276089	-	apple	iphone_os watchos	IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5848	2024-11-21 11:33	2015-09-18	Show	GitHub Exploit DB Packet Storm

276090	-	apple	mac_os_x watchos iphone_os	The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2015-5847	2024-11-21 11:33	2015-09-18	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed