Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228011 5 警告 tuxfamily - Chrony の chronyd におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0292 2012-12-20 19:28 2010-02-8 Show GitHub Exploit DB Packet Storm
228012 5.1 警告 TYPO3 Association - TYPO3 用の OpenID Identity Authentication エクステンションにおける認証を回避される脆弱性 CWE-noinfo
情報不足 		CVE-2010-0286 2012-12-20 19:28 2010-02-22 Show GitHub Exploit DB Packet Storm
228013 4.6 警告 サン・マイクロシステムズ - Sun OpenSolaris の hald における HAL 仕様をサポートする接続デバイスへの変更の検出を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0271 2012-12-20 19:28 2010-01-4 Show GitHub Exploit DB Packet Storm
228014 7.5 危険 SUSE - SUSE Linux Enterprise および openSUSE におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0230 2012-12-20 19:28 2010-01-22 Show GitHub Exploit DB Packet Storm
228015 4.6 警告 verbatim - Verbatim Corporate Secure および Corporate Secure FIPS Edition USB フラッシュドライブにおける平文のデータコンテンツにアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0229 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
228016 4.6 警告 verbatim - Verbatim Corporate Secure および Corporate Secure FIPS Edition USB フラッシュドライブにおけるデータを変更される脆弱性 CWE-310
暗号の問題 		CVE-2010-0228 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
228017 4.6 警告 verbatim - Verbatim Corporate Secure および Corporate Secure FIPS Edition USB フラッシュドライブにおける平文のドライブコンテンツにアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0227 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
228018 4.6 警告 SanDisk - SanDisk Cruzer Enterprise USB フラッシュドライブにおける平文のドライブコンテンツへアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0226 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
228019 4.6 警告 scandisk - SanDisk Cruzer Enterprise USB フラッシュドライブにおけるデータを読み込まれる脆弱性 CWE-310
暗号の問題 		CVE-2010-0225 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
228020 4.6 警告 SanDisk - SanDisk Cruzer Enterprise USB フラッシュドライブにおける平文のドライブコンテンツをアクセスされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-0224 2012-12-20 19:28 2010-01-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194781 5.4 MEDIUM
Network 		wedevs happy_addons_for_elementor The Happy Addons for Elementor WordPress plugin before 2.24.0, Happy Addons Pro for Elementor WordPress plugin before 1.17.0 have a number of widgets that are vulnerable to stored Cross-Site Scriptin… - CVE-2021-24292 2024-11-21 14:52 2021-05-18 Show GitHub Exploit DB Packet Storm
194782 6.1 MEDIUM
Network 		10web photo_gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.69 was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and _id GET p… - CVE-2021-24291 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194783 6.1 MEDIUM
Network 		mooveagency select_all_categories_and_taxonomies\
_change_checkbox_to_radio_buttons 		The settings page of the Select All Categories and Taxonomies, Change Checkbox to Radio Buttons WordPress plugin before 1.3.2 did not properly sanitise the tab parameter before outputting it back, le… - CVE-2021-24287 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194784 6.1 MEDIUM
Network 		mooveagency redirect_404_to_parent The settings page of the Redirect 404 to parent WordPress plugin before 1.3.1 did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue - CVE-2021-24286 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194785 9.8 CRITICAL
Network 		cars-seller-auto-classifieds-script_project cars-seller-auto-classifieds-script The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate o… - CVE-2021-24285 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194786 9.8 CRITICAL
Network 		kaswara_project kaswara The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/up… - CVE-2021-24284 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194787 5.4 MEDIUM
Network 		pickplugins accordion The tab GET parameter of the settings page is not sanitised or escaped when being output back in an HTML attribute, leading to a reflected XSS issue. - CVE-2021-24283 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194788 6.3 MEDIUM
Network 		querysol redirection_for_contact_form_7 In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For exam… - CVE-2021-24282 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194789 4.3 MEDIUM
Network 		querysol redirection_for_contact_form_7 In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the delete_action_post AJAX action to delete any post on a target site. - CVE-2021-24281 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm
194790 8.8 HIGH
Network 		querysol redirection_for_contact_form_7 In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the import_from_debug AJAX action to inject PHP objects. CWE-502
 Deserialization of Untrusted Data 		CVE-2021-24280 2024-11-21 14:52 2021-05-14 Show GitHub Exploit DB Packet Storm