Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
224901 1.9 注意 アップル - Apple iOS の写真バックエンドにおける重要な画像データを取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-1281 2014-03-17 16:13 2014-03-10 Show GitHub Exploit DB Packet Storm
224902 7.1 危険 アップル - Apple iOS および Apple TV のビデオドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2014-1280 2014-03-17 16:12 2014-03-10 Show GitHub Exploit DB Packet Storm
224903 2.1 注意 アップル - Apple TV における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-1279 2014-03-17 16:12 2014-03-10 Show GitHub Exploit DB Packet Storm
224904 7.2 危険 アップル - Apple iOS および Apple TV の ARM カーネルの ptmx_get_ioctl 関数における権限を取得される脆弱性 CWE-119
バッファエラー
CVE-2014-1278 2014-03-17 16:11 2014-03-10 Show GitHub Exploit DB Packet Storm
224905 5 警告 アップル - Apple iOS における任意のアプリに対するユーザ操作を監視される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2014-1276 2014-03-17 16:11 2014-03-10 Show GitHub Exploit DB Packet Storm
224906 6.8 警告 アップル - Apple iOS および Apple TV の ImageIO におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2014-1275 2014-03-17 16:10 2014-03-10 Show GitHub Exploit DB Packet Storm
224907 2.1 注意 アップル - Apple iOS の FaceTime における重要な FaceTime 連絡先情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2014-1274 2014-03-17 16:10 2014-03-10 Show GitHub Exploit DB Packet Storm
224908 5.8 警告 アップル - Apple iOS および Apple TV の dyld におけるコード署名の要件を回避される脆弱性 CWE-20
不適切な入力確認
CVE-2014-1273 2014-03-17 16:10 2014-03-10 Show GitHub Exploit DB Packet Storm
224909 6.3 警告 アップル - Apple iOS および Apple TV のクラッシュレポートの CrashHouseKeeping における任意のファイルのアクセス権を変更される脆弱性 CWE-59
リンク解釈の問題
CVE-2014-1272 2014-03-17 16:09 2014-03-10 Show GitHub Exploit DB Packet Storm
224910 7.8 危険 アップル - Apple iOS および Apple TV の CoreCapture におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認
CVE-2014-1271 2014-03-17 16:09 2014-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200531 4.3 MEDIUM
Network
custom_content_shortcode_project custom_content_shortcode The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This c… CWE-863
 Incorrect Authorization
CVE-2021-24824 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
200532 5.4 MEDIUM
Network
nicdark cost_calculator The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator > Price S… CWE-79
Cross-site Scripting
CVE-2021-24821 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
200533 4.8 MEDIUM
Network
wp-eventmanager wp_event_manager The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even … CWE-79
Cross-site Scripting
CVE-2021-24810 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
200534 7.2 HIGH
Network
wpaffiliatefeed tradetracker-store The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. CWE-89
SQL Injection
CVE-2021-24778 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
200535 7.2 HIGH
Network
hotscot contact_form The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a… CWE-89
SQL Injection
CVE-2021-24777 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
200536 4.8 MEDIUM
Network
codeasily grand_flagallery The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when… - CVE-2021-24903 2024-11-21 14:53 2022-02-28 Show GitHub Exploit DB Packet Storm
200537 4.8 MEDIUM
Network
securemoz security_audit The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilt… - CVE-2021-24901 2024-11-21 14:53 2022-02-28 Show GitHub Exploit DB Packet Storm
200538 4.8 MEDIUM
Network
editable-table_project editable_table The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even w… - CVE-2021-24898 2024-11-21 14:53 2022-02-28 Show GitHub Exploit DB Packet Storm
200539 8.8 HIGH
Network
wpscan wp_cloudy The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin dashboard, leading to a SQL Injection issue - CVE-2021-24864 2024-11-21 14:53 2022-02-28 Show GitHub Exploit DB Packet Storm
200540 8.1 HIGH
Network
schiocco support_board The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to make logged in users do unwanted actions.… - CVE-2021-24823 2024-11-21 14:53 2022-02-28 Show GitHub Exploit DB Packet Storm