Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226501 5 警告 Zend Technologies Ltd. - Zend Framework の Zend_Feed における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2012-5657 2013-05-8 12:12 2013-05-2 Show GitHub Exploit DB Packet Storm
226502 6.8 警告 GNU Project - glibc の stdio-common/vfprintf.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2012-0864 2013-05-8 12:11 2012-02-17 Show GitHub Exploit DB Packet Storm
226503 5 警告 GNU Project - glibc の RPC の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4609 2013-05-8 12:09 2011-12-13 Show GitHub Exploit DB Packet Storm
226504 6.8 警告 GNU Project - glibc の __tzfile_read 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-5029 2013-05-8 12:08 2009-06-1 Show GitHub Exploit DB Packet Storm
226505 5 警告 NextApp, Inc. - Echo の Java XML パーサにおける任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2009-5135 2013-05-8 10:51 2009-02-24 Show GitHub Exploit DB Packet Storm
226506 4.3 警告 IBM - IBM Tivoli Federated Identity Manager および Tivoli Federated Identity Manager Business Gateway におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0582 2013-05-7 21:19 2013-04-23 Show GitHub Exploit DB Packet Storm
226507 3.5 注意 IBM - IBM Sametime の Classic Meeting Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0535 2013-05-7 21:18 2013-04-29 Show GitHub Exploit DB Packet Storm
226508 4.6 警告 シスコシステムズ - Cisco Unified Communications Manager における任意のファイルを読まれる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1240 2013-05-7 19:51 2013-05-6 Show GitHub Exploit DB Packet Storm
226509 5 警告 シスコシステムズ - Cisco Wireless LAN Controller デバイスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2013-1235 2013-05-7 19:51 2013-05-6 Show GitHub Exploit DB Packet Storm
226510 4 警告 シスコシステムズ - Cisco IOS XR の SNMP モジュールにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-1234 2013-05-7 19:50 2013-05-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195581 4.3 MEDIUM
Network 		bplugins document_embedder The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could allow any authenticated user, such as subscriber to enumerate the title of arbitrary private and draft… CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2021-24868 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195582 5.3 MEDIUM
Network 		bplugins document_embedder The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow unauthenticated users to enumerate the title of arbitrary private and draft posts. CWE-668
 Exposure of Resource to Wrong Sphere 		CVE-2021-24775 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195583 6.1 MEDIUM
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin through 1.5.2 does not validate and escape the X-Forwarded-For header value before outputting it in the statistic page when the Anonymize IP setting of a survey is… CWE-79
Cross-site Scripting 		CVE-2021-24765 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195584 9.6 CRITICAL
Network 		welaunch wordpress_gdpr\&ccpa The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application… CWE-79
Cross-site Scripting 		CVE-2021-24814 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195585 6.1 MEDIUM
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and escape multiple parameters (id and filters[session_id] of single_statistics page, type and message of importexport page) before … CWE-79
Cross-site Scripting 		CVE-2021-24764 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195586 8.8 HIGH
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF checks in the save_global_setting AJAX action, allowing unauthenticated users to edit surveys and modify s… CWE-352
 Origin Validation Error 		CVE-2021-24763 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195587 9.8 CRITICAL
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticate… - CVE-2021-24762 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195588 6.5 MEDIUM
Network 		bestwebsoft error_log_viewer The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in a… - CVE-2021-24761 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195589 4.8 MEDIUM
Network 		nd-learning_project nd-learning The Learning Courses WordPress plugin before 5.0 does not sanitise and escape the Email PDT identity token settings, which could allow high privilege users to perform cross-Site Scripting attacks eve… CWE-79
Cross-site Scripting 		CVE-2021-24707 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
195590 4.8 MEDIUM
Network 		benbodhi svg_support The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scr… CWE-79
Cross-site Scripting 		CVE-2021-24686 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm