Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227941	4.3	警告	ViewVC	-	ViewVC の lib/viewvc.py におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0736	2012-12-20 19:28	2010-02-10	Show	GitHub Exploit DB Packet Storm

227942	7.5	危険	systemsoftware	-	Auktionshaus Gelb の news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0721	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

227943	7.5	危険	systemsoftware	-	Erotik Auktionshaus の news.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0720	2012-12-20 19:28	2010-02-26	Show	GitHub Exploit DB Packet Storm

227944	6.8	警告	Zenoss, Inc.	-	Zenoss におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0713	2012-12-20 19:28	2010-01-15	Show	GitHub Exploit DB Packet Storm

227945	6.5	警告	Zenoss, Inc.	-	Zenoss の zport/dmd/Events/getJSONEventsInfo における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0712	2012-12-20 19:28	2010-01-15	Show	GitHub Exploit DB Packet Storm

227946	5	警告	サン・マイクロシステムズ	-	Sun Directory Server Enterprise Edition などの ns-slapd および slapd.exe におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-0708	2012-12-20 19:28	2010-01-20	Show	GitHub Exploit DB Packet Storm

227947	6.8	警告	timeclock-software	-	Employee Timeclock Software の add_user.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-0707	2012-12-20 19:28	2010-02-25	Show	GitHub Exploit DB Packet Storm

227948	4.3	警告	subexworld	-	Subex Nikira Fraud Management System の login/prompt コンポーネントにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0706	2012-12-20 19:28	2010-02-25	Show	GitHub Exploit DB Packet Storm

227949	4.3	警告	portwise	-	PortWise SSL VPN の wa/auth におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0703	2012-12-20 19:28	2010-02-23	Show	GitHub Exploit DB Packet Storm

227950	4.3	警告	WampServer	-	WampServer の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0700	2012-12-20 19:28	2010-02-23	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194931	4.9	MEDIUM Network	themeeditor	theme_editor	The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web …	CWE-552 Files or Directories Accessible to External Parties	CVE-2021-24154	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

194932	5.4	MEDIUM Network	yoast	yoast_seo	A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several …	CWE-79 Cross-site Scripting	CVE-2021-24153	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

194933	6.1	MEDIUM Network	sygnoos	popup_builder	The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting.	CWE-79 Cross-site Scripting	CVE-2021-24152	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

194934	7.5	HIGH Network	likebtn-like-button_project	likebtn-like-button	The LikeBtn WordPress Like Button Rating ? LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-24150	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

194935	6.1	MEDIUM Network	devolutions	devolutions_server	An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document.	CWE-79 Cross-site Scripting	CVE-2021-23925	2024-11-21 14:52	2021-04-2	Show	GitHub Exploit DB Packet Storm

194936	7.5	HIGH Network	devolutions	devolutions_server	An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2021-23924	2024-11-21 14:52	2021-04-2	Show	GitHub Exploit DB Packet Storm

194937	8.1	HIGH Network	devolutions	devolutions_server	An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users.	CWE-287 Improper Authentication	CVE-2021-23923	2024-11-21 14:52	2021-04-2	Show	GitHub Exploit DB Packet Storm

194938	5.4	MEDIUM Network	devolutions	remote_desktop_manager	An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.	CWE-79 Cross-site Scripting	CVE-2021-23922	2024-11-21 14:52	2021-04-2	Show	GitHub Exploit DB Packet Storm

194939	9.1	CRITICAL Network	devolutions	devolutions_server	An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements.	NVD-CWE-Other	CVE-2021-23921	2024-11-21 14:52	2021-04-2	Show	GitHub Exploit DB Packet Storm

194940	8.8	HIGH Network	mozilla	firefox	Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl…	CWE-787 Out-of-bounds Write	CVE-2021-23988	2024-11-21 14:52	2021-03-31	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed