Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227881 4.3 警告 PulseCMS - Pulse CMS の view.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1080 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227882 4.3 警告 Sawmill - Sawmill におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1079 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227883 7.5 危険 sphere.xlentprojects - XlentProjects SphereCMSSpey の archive.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1078 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227884 6.8 警告 VBSEO - vBulletin 用の Crawlability vBSEO プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1077 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227885 4.3 警告 sniggabo - Sniggabo CMS の search.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1072 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227886 7.5 危険 phpmdj - phpMDJ の profil.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1071 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227887 7.5 危険 proarcadescript - ProArcadeScript の games/game.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1069 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227888 5 警告 the-ghost - AWCM におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1066 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227889 6.8 警告 PHP工房 - Phpkobo Free Real Estate Contact Form におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1063 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
227890 6.8 警告 PHP工房 - Phpkobo Free Real Estate Contact Form の codelib/sys/common.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1062 2012-12-20 19:29 2010-03-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194971 5.4 MEDIUM
Network 		themify portfolio_post Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored Cross-Site Scripting (XSS) vulnerabilities allowing low-privileged … CWE-79
Cross-site Scripting 		CVE-2021-24129 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194972 5.4 MEDIUM
Network 		wpdarko team_members Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attack… CWE-79
Cross-site Scripting 		CVE-2021-24128 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194973 5.4 MEDIUM
Network 		caseproof thirstyaffiliates_affiliate_link_manager Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS… CWE-79
Cross-site Scripting 		CVE-2021-24127 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194974 5.4 MEDIUM
Network 		enviragallery envira_gallery Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them… CWE-79
Cross-site Scripting 		CVE-2021-24126 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194975 7.2 HIGH
Network 		contact_form_submissions_project contact_form_submissions Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privile… CWE-89
SQL Injection 		CVE-2021-24125 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194976 6.1 MEDIUM
Network 		terryl wp_shieldon Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is show… CWE-79
Cross-site Scripting 		CVE-2021-24124 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194977 7.2 HIGH
Network 		blubrry powerpress Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privile… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24123 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194978 7.5 HIGH
Network 		facebook proxygen
mvfst 		A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message sho… CWE-617
 Reachable Assertion 		CVE-2021-24029 2024-11-21 14:52 2021-03-16 Show GitHub Exploit DB Packet Storm
194979 7.8 HIGH
Local 		microsoft high_efficiency_video_coding HEVC Video Extensions Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2021-24110 2024-11-21 14:52 2021-03-12 Show GitHub Exploit DB Packet Storm
194980 7.8 HIGH
Local 		microsoft office
365_apps 		Microsoft Office Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2021-24108 2024-11-21 14:52 2021-03-12 Show GitHub Exploit DB Packet Storm