Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224301 5 警告 varnish-cache.org - Varnish におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-4484 2014-01-9 19:20 2013-10-29 Show GitHub Exploit DB Packet Storm
224302 7.5 危険 Google - Google Chrome で使用される Google V8 におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-2919 2014-01-9 18:27 2013-10-1 Show GitHub Exploit DB Packet Storm
224303 7.5 危険 Google - Google Chrome で使用される Blink の DOM の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2918 2014-01-9 18:25 2013-10-1 Show GitHub Exploit DB Packet Storm
224304 5 警告 Google - Google Chrome で使用される Blink の Web Audio の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-2917 2014-01-9 18:23 2013-10-1 Show GitHub Exploit DB Packet Storm
224305 6.8 警告 feep.net
レッドハット		 - libtar の lib/block.c の th_read 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-4397 2014-01-9 18:22 2013-10-1 Show GitHub Exploit DB Packet Storm
224306 6.9 警告 Linux - Linux Kernel の drivers/net/tun.c における権限を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4343 2014-01-9 18:20 2013-09-11 Show GitHub Exploit DB Packet Storm
224307 6 警告 Linux - Linux Kernel の drivers/md/dm-snap-persistent.c における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-4299 2014-01-9 18:17 2013-10-16 Show GitHub Exploit DB Packet Storm
224308 4.3 警告 Google - Google Chrome で使用される Blink におけるアドレスバーを偽装される脆弱性 CWE-noinfo
情報不足 		CVE-2013-2916 2014-01-9 18:16 2013-10-1 Show GitHub Exploit DB Packet Storm
224309 4.3 警告 Google - Google Chrome におけるアドレスバーを偽装される脆弱性 CWE-Other
その他 		CVE-2013-2915 2014-01-9 18:15 2013-10-1 Show GitHub Exploit DB Packet Storm
224310 6.8 警告 Google - Windows 上で稼働する Google Chrome の色選択 (color-chooser) ダイアログにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2914 2014-01-9 18:13 2013-10-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197711 6.1 MEDIUM
Network 		sharethis dashboard_for_google_analytics The ShareThis Dashboard for Google Analytics WordPress plugin before 2.5.2 does not sanitise or escape the 'ga_action' parameter in the stats view before outputting it back in an attribute when the p… CWE-79
Cross-site Scripting 		CVE-2021-24438 2024-11-21 14:53 2021-08-31 Show GitHub Exploit DB Packet Storm
197712 6.1 MEDIUM
Network 		realfavicongenerator favicon_by_realfavicongenerator The Favicon by RealFaviconGenerator WordPress plugin through 1.3.20 does not sanitise or escape one of its parameter before outputting it back in the response, leading to a Reflected Cross-Site Scrip… - CVE-2021-24437 2024-11-21 14:53 2021-08-31 Show GitHub Exploit DB Packet Storm
197713 4.8 MEDIUM
Network 		erident_custom_login_and_dashboard_project erident_custom_login_and_dashboard The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is… CWE-79
Cross-site Scripting 		CVE-2021-24658 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197714 8.8 HIGH
Network 		hmplugin hm_multiple_roles The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page CWE-669
 Incorrect Resource Transfer Between Spheres 		CVE-2021-24602 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197715 4.8 MEDIUM
Network 		simple_banner_project simple_banner The Simple Banner WordPress plugin before 2.10.4 does not sanitise and escape one of its settings, allowing high privilege users such as admin to use Cross-Site Scripting payload even when the unfilt… CWE-79
Cross-site Scripting 		CVE-2021-24574 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197716 5.4 MEDIUM
Network 		harmonicdesign hd_quiz The HD Quiz WordPress plugin before 1.8.4 does not escape some of its Answers before outputting them in attribute when generating the Quiz, which could lead to Stored Cross-Site Scripting issues CWE-79
Cross-site Scripting 		CVE-2021-24571 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197717 8.8 HIGH
Network 		contact_form_7_captcha_project contact_form_7_captcha The Contact Form 7 Captcha WordPress plugin before 0.0.9 does not have any CSRF check in place when saving its settings, allowing attacker to make a logged in user with the manage_options change them… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2021-24565 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197718 5.4 MEDIUM
Network 		wpfront scroll_top The WPFront Scroll Top WordPress plugin before 2.0.6.07225 does not sanitise or escape its Image ALT setting before outputting it attributes, leading to an Authenticated Stored Cross-Site Scripting i… CWE-79
Cross-site Scripting 		CVE-2021-24564 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197719 7.5 HIGH
Network 		lifterlms lifterlms The LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2 was affected by an IDOR issue, allowing students to see other student answers a… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-24562 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm
197720 5.4 MEDIUM
Network 		veronalabs wp_sms The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue - CVE-2021-24561 2024-11-21 14:53 2021-08-23 Show GitHub Exploit DB Packet Storm