Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224041 7.5 危険 Git project - GIT におけるバッファオーバーフローの脆弱性 - CVE-2006-0477 2014-03-11 17:43 2006-01-31 Show GitHub Exploit DB Packet Storm
224042 7.5 危険 Stalker Software, Inc. - CommuniGate Pro Core Server におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-0468 2014-03-11 17:43 2006-01-30 Show GitHub Exploit DB Packet Storm
224043 4.3 警告 pmachine - ExpressionEngine におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0461 2014-03-11 17:43 2006-01-27 Show GitHub Exploit DB Packet Storm
224044 4.3 警告 cheesyblog - CheesyBlog におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0443 2014-03-11 17:43 2006-01-26 Show GitHub Exploit DB Packet Storm
224045 5 警告 phpBB - phpBB におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2006-0438 2014-03-11 17:43 2006-02-6 Show GitHub Exploit DB Packet Storm
224046 4.3 警告 phpBB - phpBB におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-0437 2014-03-11 17:43 2006-02-6 Show GitHub Exploit DB Packet Storm
224047 10 危険 Claroline Consortium - Claroline におけるセッションをハイジャックされるおよび管理者権限を取得される脆弱性 - CVE-2006-0411 2014-03-11 17:43 2006-01-25 Show GitHub Exploit DB Packet Storm
224048 7.5 危険 アップル - Apple Mac OS X における同一生成元ポリシーを回避される脆弱性 - CVE-2006-0400 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
224049 5.1 警告 アップル - Apple Mac OS X におけるバッファオーバーフローの脆弱性 - CVE-2006-0396 2014-03-11 17:43 2006-03-14 Show GitHub Exploit DB Packet Storm
224050 7.8 危険 シスコシステムズ - Cisco CallManager におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-0368 2014-03-11 17:43 2006-01-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197881 4.3 MEDIUM
Network 		designwall dw_question_\&_answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as upd… - CVE-2021-24805 2024-11-21 14:53 2022-04-26 Show GitHub Exploit DB Packet Storm
197882 4.3 MEDIUM
Network 		designwall dw_question_\&_answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-24800 2024-11-21 14:53 2022-04-26 Show GitHub Exploit DB Packet Storm
197883 6.1 MEDIUM
Network 		heateor sassy_social_share The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the "Enable 'More' icon" option is enabled (which is … - CVE-2021-24746 2024-11-21 14:53 2022-03-29 Show GitHub Exploit DB Packet Storm
197884 8.0 HIGH
Network 		vsourz advanced_cf7_db The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted,… CWE-352
 Origin Validation Error 		CVE-2021-24905 2024-11-21 14:53 2022-03-22 Show GitHub Exploit DB Packet Storm
197885 5.4 MEDIUM
Network 		viitorcloud add_subtitle The Add Subtitle WordPress plugin through 1.1.0 does not sanitise or escape the sub-title field (available only with classic editor) when output in the page, which could allow users with a role as lo… - CVE-2021-24897 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
197886 4.8 MEDIUM
Network 		webbigt cybersoldier The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripti… CWE-79
Cross-site Scripting 		CVE-2021-24895 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
197887 6.5 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector. - CVE-2021-24692 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
197888 5.4 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to perform Cros… CWE-79
Cross-site Scripting 		CVE-2021-24826 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
197889 4.3 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display a… - CVE-2021-24825 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
197890 4.3 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This c… CWE-863
 Incorrect Authorization 		CVE-2021-24824 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm