Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228981 2.1 注意 サン・マイクロシステムズ - Solaris 上の Sun Lightweight Availability Collection Tool における任意のファイルを上書きされる脆弱性 CWE-362
競合状態 		CVE-2009-2314 2012-12-20 19:10 2009-07-2 Show GitHub Exploit DB Packet Storm
228982 7.5 危険 selbstzweck - WBB3 用の rGallery プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2311 2012-12-20 19:10 2009-07-2 Show GitHub Exploit DB Packet Storm
228983 7.5 危険 punres - PunBB 用の Affiliation モジュールの affiliates.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2308 2012-12-20 19:10 2009-07-2 Show GitHub Exploit DB Packet Storm
228984 7.5 危険 tutorial-share - Optimum Web Design Tutorial Share における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-2293 2012-12-20 19:10 2009-07-1 Show GitHub Exploit DB Packet Storm
228985 4.3 警告 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2284 2012-12-20 19:10 2009-06-30 Show GitHub Exploit DB Packet Storm
228986 10 危険 UMN - MapServer の mapserv におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-2281 2012-12-20 19:10 2009-10-22 Show GitHub Exploit DB Packet Storm
228987 2.6 注意 サン・マイクロシステムズ - Sun Java System Access Manager の CDC servlet におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2268 2012-12-20 19:10 2009-06-29 Show GitHub Exploit DB Packet Storm
228988 5 警告 stardict - stardict における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-2260 2012-12-20 19:10 2009-06-30 Show GitHub Exploit DB Packet Storm
228989 6.8 警告 Zen Cart - Zen Cart における任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2255 2012-12-20 19:10 2009-06-21 Show GitHub Exploit DB Packet Storm
228990 7.5 危険 Zen Cart - Zen Cart における任意の SQL コマンドを実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2009-2254 2012-12-20 19:10 2009-06-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
194851 8.8 HIGH
Network 		pluginus fox_-_currency_switcher_professional_for_woocommerce The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode. NVD-CWE-Other
CVE-2021-24566 2024-11-21 14:53 2024-01-17 Show GitHub Exploit DB Packet Storm
194852 5.4 MEDIUM
Network 		patrickposner qyrr The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the data_uri_to_meta AJ… CWE-79
Cross-site Scripting 		CVE-2021-24559 2024-11-21 14:53 2024-01-17 Show GitHub Exploit DB Packet Storm
194853 5.4 MEDIUM
Network 		yukimichi simple_sort\&search The simple sort&search WordPress plugin through 0.0.3 does not make sure that the indexurl parameter of the shortcodes "category_sims", "order_sims", "orderby_sims", "period_sims", and "tag_sims" use… CWE-79
Cross-site Scripting 		CVE-2021-24433 2024-11-21 14:53 2024-01-17 Show GitHub Exploit DB Packet Storm
194854 6.1 MEDIUM
Network 		berocket advanced_ajax_product_filters The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'term_id' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue. CWE-79
Cross-site Scripting 		CVE-2021-24432 2024-11-21 14:53 2024-01-17 Show GitHub Exploit DB Packet Storm
194855 7.5 HIGH
Network 		passster_project passter The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by … NVD-CWE-Other
CVE-2021-24881 2024-11-21 14:53 2023-01-24 Show GitHub Exploit DB Packet Storm
194856 5.4 MEDIUM
Network 		passster_project passter The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. - CVE-2021-24837 2024-11-21 14:53 2023-01-24 Show GitHub Exploit DB Packet Storm
194857 9.8 CRITICAL
Network 		wedevs wp_user_frontend The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via w… - CVE-2021-24649 2024-11-21 14:53 2022-11-21 Show GitHub Exploit DB Packet Storm
194858 8.8 HIGH
Network 		dplugins scripts_organizer The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not valid… - CVE-2021-24890 2024-11-21 14:53 2022-09-26 Show GitHub Exploit DB Packet Storm
194859 5.4 MEDIUM
Network 		transposh transposh_wordpress_translation The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. G… - CVE-2021-24912 2024-11-21 14:53 2022-08-23 Show GitHub Exploit DB Packet Storm
194860 5.4 MEDIUM
Network 		transposh transposh_wordpress_translation The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation AJAX action, leading to Stored Cross-Site Scripting, which wil… - CVE-2021-24911 2024-11-21 14:53 2022-08-23 Show GitHub Exploit DB Packet Storm