Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224341 4.3 警告 ikiwiki-hosting Project - ikiwiki-hosting のサイト作成インターフェースにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-6047 2014-02-27 14:38 2013-10-25 Show GitHub Exploit DB Packet Storm
224342 3.6 注意 Linux - Linux Kernel の kernel/signal.c における ASLR 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0914 2014-02-26 16:50 2013-03-20 Show GitHub Exploit DB Packet Storm
224343 9.3 危険 オラクル - Oracle Java SE および Java SE Embedded における Swing に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5806 2014-02-26 12:12 2013-10-15 Show GitHub Exploit DB Packet Storm
224344 9.3 危険 オラクル - Oracle Java SE および Java SE Embedded における Swing に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5805 2014-02-26 12:09 2013-10-15 Show GitHub Exploit DB Packet Storm
224345 7 危険 ヒューレット・パッカード - 複数の HP 製品の OSPF の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-4806 2014-02-26 12:07 2013-08-1 Show GitHub Exploit DB Packet Storm
224346 5.8 警告 Mozilla Foundation - 複数の Mozilla 製品におけるプロセスメモリから重要な情報を取得される脆弱性 CWE-119
バッファエラー 		CVE-2013-0772 2014-02-26 12:05 2013-02-19 Show GitHub Exploit DB Packet Storm
224347 3.2 注意 Linux - Linux Kernel の net/ipv6/addrconf.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-0343 2014-02-26 12:01 2013-02-28 Show GitHub Exploit DB Packet Storm
224348 5 警告 Zimbra - Zimbra の /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-7091 2014-02-26 11:11 2013-12-6 Show GitHub Exploit DB Packet Storm
224349 10 危険 シスコシステムズ - Cisco Prime Data Center Network Manager の DCNM-SAN サーバにおけるディレクトリトラバーサルの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2013-5486 2014-02-26 11:02 2013-09-18 Show GitHub Exploit DB Packet Storm
224350 7.5 危険 ヒューレット・パッカード - HP SiteScope の APISiteScopeImpl SOAP サービスにおける認証を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2013-4835 2014-02-26 10:53 2013-10-30 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197931 8.8 HIGH
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.9 does not enforce nonce checks, which could allow attackers to perform CSRF attacks to 1) make admins export logs to exploit a separate log di… - CVE-2021-24696 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197932 5.4 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.11 could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attack via 1) "color" or "css_class" argument of … CWE-79
Cross-site Scripting 		CVE-2021-24694 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197933 4.8 MEDIUM
Network 		updraftplus updraftplus The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraft_service settings, allowing high privilege users to set malicious JavaScript payload in it and lead… - CVE-2021-24423 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197934 6.1 MEDIUM
Network 		navz acf_photo_gallery_field The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute… - CVE-2021-24909 2024-11-21 14:53 2022-01-17 Show GitHub Exploit DB Packet Storm
197935 6.1 MEDIUM
Network 		bologer anycomment The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Red… - CVE-2021-24838 2024-11-21 14:53 2022-01-17 Show GitHub Exploit DB Packet Storm
197936 7.2 HIGH
Network 		metagauss registrationmagic The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could l… - CVE-2021-24862 2024-11-21 14:53 2022-01-11 Show GitHub Exploit DB Packet Storm
197937 7.5 HIGH
Network 		stars_rating_project stars_rating The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment das… CWE-20
 Improper Input Validation  		CVE-2021-24893 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197938 7.5 HIGH
Network 		rich-web tab All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such … CWE-425
 Direct Request ('Forced Browsing') 		CVE-2021-24831 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197939 5.4 MEDIUM
Network 		mlcalc mortgage_calculator\/loan_calculator The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role… CWE-79
Cross-site Scripting 		CVE-2021-24828 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197940 7.2 HIGH
Network 		wpchill download_monitor The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Inject… CWE-89
SQL Injection 		CVE-2021-24786 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm