Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224441 4.3 警告 シスコシステムズ - Cisco Secure Access Control System のポータルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-0668 2014-01-22 16:37 2014-01-21 Show GitHub Exploit DB Packet Storm
224442 2.6 注意 TYPO3 Association - TYPO3 の Extbase Framework の ActionController ベースクラスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-7078 2014-01-22 16:32 2013-12-10 Show GitHub Exploit DB Packet Storm
224443 3.3 注意 libimobiledevice - libimobiledevice の userpref.c における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2013-2142 2014-01-22 16:31 2013-08-14 Show GitHub Exploit DB Packet Storm
224444 2.6 注意 Drupal - Drupal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0244 2014-01-22 16:31 2013-01-16 Show GitHub Exploit DB Packet Storm
224445 2.7 注意 Fabrice Bellard
Xen プロジェクト		 - Xen および QEMU の qemu-xen の qdisk PV ディスクバックエンドにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-4375 2014-01-22 16:22 2013-10-10 Show GitHub Exploit DB Packet Storm
224446 1.9 注意 Linux - Linux Kernel の drivers/net/hamradio/yam.c の yam_ioctl 関数における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1446 2014-01-22 16:05 2014-01-15 Show GitHub Exploit DB Packet Storm
224447 2.1 注意 Linux - Linux Kernel の drivers/net/wan/wanxl.c の wanxl_ioctl 関数における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1445 2014-01-22 16:04 2014-01-15 Show GitHub Exploit DB Packet Storm
224448 1.7 注意 Linux - Linux Kernel の drivers/net/wan/farsync.c の fst_get_iface 関数における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2014-1444 2014-01-22 16:04 2014-01-15 Show GitHub Exploit DB Packet Storm
224449 4.7 警告 Linux - AMD K7 および K8 プラットフォーム上で稼働する Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-1438 2014-01-22 16:03 2014-01-15 Show GitHub Exploit DB Packet Storm
224450 9.3 危険 Hexagon - Intergraph ERDAS ER Viewer の ermapper_u.dll におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3483 2014-01-22 14:56 2013-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197931 8.8 HIGH
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.9 does not enforce nonce checks, which could allow attackers to perform CSRF attacks to 1) make admins export logs to exploit a separate log di… - CVE-2021-24696 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197932 5.4 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.11 could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attack via 1) "color" or "css_class" argument of … CWE-79
Cross-site Scripting 		CVE-2021-24694 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197933 4.8 MEDIUM
Network 		updraftplus updraftplus The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.6.59 does not sanitise its updraft_service settings, allowing high privilege users to set malicious JavaScript payload in it and lead… - CVE-2021-24423 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197934 6.1 MEDIUM
Network 		navz acf_photo_gallery_field The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute… - CVE-2021-24909 2024-11-21 14:53 2022-01-17 Show GitHub Exploit DB Packet Storm
197935 6.1 MEDIUM
Network 		bologer anycomment The AnyComment WordPress plugin before 0.3.5 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Red… - CVE-2021-24838 2024-11-21 14:53 2022-01-17 Show GitHub Exploit DB Packet Storm
197936 7.2 HIGH
Network 		metagauss registrationmagic The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could l… - CVE-2021-24862 2024-11-21 14:53 2022-01-11 Show GitHub Exploit DB Packet Storm
197937 7.5 HIGH
Network 		stars_rating_project stars_rating The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment das… CWE-20
 Improper Input Validation  		CVE-2021-24893 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197938 7.5 HIGH
Network 		rich-web tab All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such … CWE-425
 Direct Request ('Forced Browsing') 		CVE-2021-24831 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197939 5.4 MEDIUM
Network 		mlcalc mortgage_calculator\/loan_calculator The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role… CWE-79
Cross-site Scripting 		CVE-2021-24828 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm
197940 7.2 HIGH
Network 		wpchill download_monitor The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Inject… CWE-89
SQL Injection 		CVE-2021-24786 2024-11-21 14:53 2022-01-3 Show GitHub Exploit DB Packet Storm