Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228481 5 警告 Ruby-lang.org - Ruby の file.c におけるファイルを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4522 2012-11-27 16:56 2012-10-12 Show GitHub Exploit DB Packet Storm
228482 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6037 2012-11-27 16:55 2012-10-10 Show GitHub Exploit DB Packet Storm
228483 4.3 警告 Mahara - Mahara の group/members.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2253 2012-11-27 16:54 2012-11-23 Show GitHub Exploit DB Packet Storm
228484 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2247 2012-11-27 16:53 2012-10-10 Show GitHub Exploit DB Packet Storm
228485 6.8 警告 Mahara - Mahara における任意のユーザを削除されるおよび CSRF 保護を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2246 2012-11-27 16:53 2012-10-10 Show GitHub Exploit DB Packet Storm
228486 6 警告 Mahara - Mahara における任意のプログラムを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2244 2012-11-27 16:52 2012-10-9 Show GitHub Exploit DB Packet Storm
228487 4.3 警告 Mahara - Mahara におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2243 2012-11-27 16:52 2012-10-9 Show GitHub Exploit DB Packet Storm
228488 6.4 警告 Mahara - Mahara おける任意のファイルを読まれる脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2239 2012-11-27 16:51 2012-09-13 Show GitHub Exploit DB Packet Storm
228489 7.5 危険 PS Project Management Team - Firefox 用 Unity integration 拡張機能におけるサービス運用妨害 (Firefox クラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-0960 2012-11-27 16:50 2012-11-8 Show GitHub Exploit DB Packet Storm
228490 2.1 注意 Remote Login Service Hackers - Remote Login Service におけるログイン認証を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-0959 2012-11-27 16:50 2012-10-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211181 9.8 CRITICAL
Network 		dash10 oauth_server The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2015-9435 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211182 6.5 MEDIUM
Network 		kiwi-logo-carousel_project kiwi-logo-carousel The kiwi-logo-carousel plugin before 1.7.2 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=kwlogos&page=kwlogos_settings tab or tab_flags_order parameter. CWE-352
 Origin Validation Error 		CVE-2015-9434 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211183 6.5 MEDIUM
Network 		wp_social_bookmarking_light_project wp_social_bookmarking_light The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via configuration parameters for Tumblr, Twitter, Facebook, etc. in wp-admin/options-general.php?page=wp… CWE-352
 Origin Validation Error 		CVE-2015-9433 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211184 6.5 MEDIUM
Network 		thealpinepress alpine-photo-tile-for-instagram The alpine-photo-tile-for-instagram plugin before 1.2.7.6 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=alpine-photo-tile-for-instagram-settings tab parameter. CWE-352
 Origin Validation Error 		CVE-2015-9432 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211185 6.5 MEDIUM
Network 		qtranslate_x_project qtranslate_x The qtranslate-x plugin before 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=qtranslate-x json_config_files or json_custom_i18n_config parameter. CWE-352
 Origin Validation Error 		CVE-2015-9431 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211186 7.2 HIGH
Network 		efficientscripts microblog_poster The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-general.php?page=microblogposter.php account_id parameter. CWE-89
SQL Injection 		CVE-2015-9449 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211187 6.1 MEDIUM
Network 		crazy_bone_project crazy_bone The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header. CWE-79
Cross-site Scripting 		CVE-2015-9430 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211188 6.5 MEDIUM
Network 		yithemes yith_maintenance_mode The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter. CWE-352
 Origin Validation Error 		CVE-2015-9429 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211189 6.5 MEDIUM
Network 		wplegalpages wp_legal_pages The wplegalpages plugin before 1.1 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=legal-pages lp-domain-name, lp-business-name, lp-phone, lp-street, lp-city-state, lp-country, … CWE-352
 Origin Validation Error 		CVE-2015-9428 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm
211190 6.5 MEDIUM
Network 		googmonify_project googmonify The googmonify plugin through 0.5.1 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=googmonify.php PID or AID parameter. CWE-352
 Origin Validation Error 		CVE-2015-9427 2024-11-21 11:40 2019-09-26 Show GitHub Exploit DB Packet Storm