Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227431	7.5	危険	アドビシステムズ	-	Adobe ColdFusion におけるユーザになりすまされる脆弱性	CWE-noinfo 情報不足	CVE-2013-1387	2013-04-11 11:57	2013-04-9	Show	GitHub Exploit DB Packet Storm

227432	7.5	危険	アドビシステムズ	-	Adobe ColdFusion における ColdFusion Administrator コンソールへアクセスされる脆弱性	CWE-noinfo 情報不足	CVE-2013-1388	2013-04-11 11:53	2013-04-9	Show	GitHub Exploit DB Packet Storm

227433	10	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-1386	2013-04-11 11:21	2013-04-9	Show	GitHub Exploit DB Packet Storm

227434	10	危険	アドビシステムズ	-	Adobe Shockwave Player における ASLR 保護メカニズムを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1385	2013-04-11 11:20	2013-04-9	Show	GitHub Exploit DB Packet Storm

227435	10	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2013-1384	2013-04-11 11:20	2013-04-9	Show	GitHub Exploit DB Packet Storm

227436	10	危険	アドビシステムズ	-	Adobe Shockwave Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-1383	2013-04-11 11:19	2013-04-9	Show	GitHub Exploit DB Packet Storm

227437	7.1	危険	シスコシステムズ	-	Cisco Prime Central for HCS Assurance におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1135	2013-04-10 16:47	2012-02-27	Show	GitHub Exploit DB Packet Storm

227438	4.3	警告	SAND STUDIO	-	AirDroid にクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0134	2013-04-10 16:33	2013-04-9	Show	GitHub Exploit DB Packet Storm

227439	6.8	警告	NVIDIA	-	Windows 上で稼働する NVIDIA ドライバにおける権限を取得される脆弱性	CWE-DesignError	CVE-2013-0111	2013-04-10 14:32	2013-02-15	Show	GitHub Exploit DB Packet Storm

227440	6.8	警告	NVIDIA	-	Windows 上で稼働する NVIDIA ドライバにおける権限を取得される脆弱性	CWE-DesignError	CVE-2013-0110	2013-04-10 14:32	2013-02-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196001	6.5	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts v…	-	CVE-2021-25072	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196002	6.1	MEDIUM Network	cf7skins	contact_form_7_skins	The Skins for Contact Form 7 WordPress plugin before 2.5.1 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25063	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196003	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and escape POSted parameters sent to the wpassetcleanup_fetch_active_plugins_icons AJAX action (available to ad…	CWE-79 Cross-site Scripting	CVE-2021-24983	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196004	6.1	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthent…	-	CVE-2021-24975	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196005	4.8	MEDIUM Network	cusmin	absolutely_glamorous_custom_admin	The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_ht…	-	CVE-2021-24944	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196006	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to …	-	CVE-2021-24937	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196007	6.1	MEDIUM Network	yellowpencil	visual_css_style_editor	The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Script…	-	CVE-2021-24934	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196008	6.1	MEDIUM Network	domaincheckplugin	domain_check	The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue	CWE-79 Cross-site Scripting	CVE-2021-24926	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196009	8.8	HIGH Network	wickedplugins	wicked_folders	The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id parameter before using it in a SQL statement in the wicked_folders_save_sort_order AJAX action, available …	CWE-89 SQL Injection	CVE-2021-24919	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

196010	6.1	MEDIUM Network	roundupwp	registrations_for_the_events_calendar	The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in an attribute in the settings page, leading to a Reflected Cro…	-	CVE-2021-25083	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm