Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228921 5 警告 xlinesoft - PHPRunner の UserView_list.php における権限を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2009-0964 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
228922 7.5 危険 xlinesoft - PHPRunner における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0963 2012-12-20 19:10 2009-03-19 Show GitHub Exploit DB Packet Storm
228923 10 危険 The Tor Project - Tor における脆弱性 CWE-noinfo
情報不足 		CVE-2009-0939 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
228924 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0938 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
228925 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0937 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
228926 5 警告 The Tor Project - Tor におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-0936 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
228927 4.3 警告 ProcessOne - ejabberd におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0934 2012-12-20 19:10 2009-03-17 Show GitHub Exploit DB Packet Storm
228928 7.5 危険 roman bogorodskiy - nForum における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-0882 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
228929 5 警告 wesnoth - Wesnoth の src/terrain_translation.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-0878 2012-12-20 19:10 2009-03-12 Show GitHub Exploit DB Packet Storm
228930 4.3 警告 tangocms - TangoCMS の admincp コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0862 2012-12-20 19:10 2009-02-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194971 5.4 MEDIUM
Network 		themify portfolio_post Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored Cross-Site Scripting (XSS) vulnerabilities allowing low-privileged … CWE-79
Cross-site Scripting 		CVE-2021-24129 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194972 5.4 MEDIUM
Network 		wpdarko team_members Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attack… CWE-79
Cross-site Scripting 		CVE-2021-24128 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194973 5.4 MEDIUM
Network 		caseproof thirstyaffiliates_affiliate_link_manager Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS… CWE-79
Cross-site Scripting 		CVE-2021-24127 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194974 5.4 MEDIUM
Network 		enviragallery envira_gallery Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them… CWE-79
Cross-site Scripting 		CVE-2021-24126 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194975 7.2 HIGH
Network 		contact_form_submissions_project contact_form_submissions Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privile… CWE-89
SQL Injection 		CVE-2021-24125 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194976 6.1 MEDIUM
Network 		terryl wp_shieldon Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is show… CWE-79
Cross-site Scripting 		CVE-2021-24124 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194977 7.2 HIGH
Network 		blubrry powerpress Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privile… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24123 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
194978 7.5 HIGH
Network 		facebook proxygen
mvfst 		A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message sho… CWE-617
 Reachable Assertion 		CVE-2021-24029 2024-11-21 14:52 2021-03-16 Show GitHub Exploit DB Packet Storm
194979 7.8 HIGH
Local 		microsoft high_efficiency_video_coding HEVC Video Extensions Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2021-24110 2024-11-21 14:52 2021-03-12 Show GitHub Exploit DB Packet Storm
194980 7.8 HIGH
Local 		microsoft office
365_apps 		Microsoft Office Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2021-24108 2024-11-21 14:52 2021-03-12 Show GitHub Exploit DB Packet Storm