Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223461 4.3 警告 レッドハット - Spacewalk および Red Hat Network Satellite におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4415 2014-02-17 15:11 2013-06-28 Show GitHub Exploit DB Packet Storm
223462 3.5 注意 レッドハット - Spacewalk および Red Hat Network Satellite の account/EditAddress.do におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1871 2014-02-17 15:10 2013-03-19 Show GitHub Exploit DB Packet Storm
223463 3.5 注意 レッドハット - Spacewalk および Red Hat Network Satellite の systems/sdc/notes.jsp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6149 2014-02-17 15:10 2012-11-29 Show GitHub Exploit DB Packet Storm
223464 4.7 警告 アップル - Apple Boot Camp の AppleMNT.sys におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-1253 2014-02-17 14:45 2014-02-12 Show GitHub Exploit DB Packet Storm
223465 5.1 警告 CA Technologies - CA 2E Web Option におけるセッションをハイジャックされる脆弱性 CWE-20
不適切な入力確認 		CVE-2014-1219 2014-02-17 14:44 2014-02-11 Show GitHub Exploit DB Packet Storm
223466 5.8 警告 レッドハット - Red Hat JBoss Operations Network における LDAP ベースのアカウントにログインされる脆弱性 CWE-287
不適切な認証 		CVE-2012-1100 2014-02-17 14:42 2012-03-19 Show GitHub Exploit DB Packet Storm
223467 5.8 警告 レッドハット - Red Hat JBoss Operations Network におけるエージェントのセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2012-0062 2014-02-17 14:42 2012-02-1 Show GitHub Exploit DB Packet Storm
223468 5.8 警告 レッドハット - Red Hat JBoss Operations Network における任意のエージェントの識別情報を偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0052 2014-02-17 14:41 2012-02-1 Show GitHub Exploit DB Packet Storm
223469 7.1 危険 MatrikonOPC - MatrikonOPC SCADA DNP3 OPC Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2829 2014-02-17 14:39 2013-04-11 Show GitHub Exploit DB Packet Storm
223470 6.9 警告 Bandisoft - Bandisoft Bandizip における権限を取得される脆弱性 CWE-Other
その他 		CVE-2014-1680 2014-02-17 14:39 2014-01-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313911 4.3 MEDIUM
Network 		- - The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.2 via the 'attesa-template' shortcode due to insufficient restrictions on which p… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10688 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313912 6.1 MEDIUM
Network 		- - The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the… CWE-79
Cross-site Scripting 		CVE-2024-10683 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313913 9.8 CRITICAL
Network 		- - The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks… CWE-22
Path Traversal 		CVE-2024-10470 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313914 5.3 MEDIUM
Network 		- - The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes i… CWE-200
Information Exposure 		CVE-2024-8756 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313915 6.4 MEDIUM
Network 		- - The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. This makes it possible for authenticated att… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-10814 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313916 4.3 MEDIUM
Network 		- - The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.3 via the 'elementor-template' shortcode due to insufficient restrictions on which … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10770 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313917 4.3 MEDIUM
Network 		- - The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10669 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313918 - - - The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1.5 via the [csb] shortcode due to insufficient restrictions on which posts… - CVE-2024-10667 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313919 6.1 MEDIUM
Network 		- - The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate esca… CWE-79
Cross-site Scripting 		CVE-2024-9226 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
313920 8.8 HIGH
Network 		- - The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the th_shop_mania_install_and_activate_callback() function in al… CWE-862
 Missing Authorization 		CVE-2024-10674 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm