Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230441 9.3 危険 ultrashareware - Ultra Shareware Ultra Office Control の Ultra.OfficeControl ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3878 2012-12-20 18:52 2008-09-2 Show GitHub Exploit DB Packet Storm
230442 10 危険 トレンドマイクロ - Trend Micro OfficeScan のサーバにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3862 2012-12-20 18:52 2008-10-22 Show GitHub Exploit DB Packet Storm
230443 7.5 危険 phpmyrealty - phpMyRealty PMR における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3861 2012-12-20 18:52 2008-08-29 Show GitHub Exploit DB Packet Storm
230444 5 警告 Pluck CMS - Windows 上で稼動する Pluck CMS におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3851 2012-12-20 18:52 2008-08-27 Show GitHub Exploit DB Packet Storm
230445 4.9 警告 レッドハット - Fedora 上で稼動している Linux カーネルの utrace サブシステム用の特定の Fedora パッチにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-3832 2012-12-20 18:52 2008-09-30 Show GitHub Exploit DB Packet Storm
230446 5 警告 swfdec - Swfdec におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3796 2012-12-20 18:52 2008-08-27 Show GitHub Exploit DB Packet Storm
230447 6.8 警告 VideoLAN - VLC Media Player の modules/access/mms/mmstu.c 関数における整数符号エラーの脆弱性 CWE-189
数値処理の問題 		CVE-2008-3794 2012-12-20 18:52 2008-08-26 Show GitHub Exploit DB Packet Storm
230448 6.8 警告 PicturesPro - PICTURESPRO Photo Cart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3788 2012-12-20 18:52 2008-08-26 Show GitHub Exploit DB Packet Storm
230449 4.3 警告 PicturesPro - PICTURESPRO Photo Cart の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3786 2012-12-20 18:52 2008-08-26 Show GitHub Exploit DB Packet Storm
230450 7.5 危険 review-script - Five Star Review Script の recommend.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3780 2012-12-20 18:52 2008-08-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196191 9.8 CRITICAL
Network 		wpruby controlled_admin_access An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS set… CWE-425
 Direct Request ('Forced Browsing') 		CVE-2021-24215 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196192 6.1 MEDIUM
Network 		givewp givewp The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET… - CVE-2021-24213 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196193 6.5 MEDIUM
Network 		tms-outsource wpdatatables The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the end… - CVE-2021-24200 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196194 6.5 MEDIUM
Network 		tms-outsource wpdatatables The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the end… - CVE-2021-24199 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196195 8.1 HIGH
Network 		tms-outsource wpdatatables The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can ta… NVD-CWE-Other
CVE-2021-24198 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196196 8.1 HIGH
Network 		tms-outsource wpdatatables The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can ta… NVD-CWE-Other
CVE-2021-24197 2024-11-21 14:52 2021-04-12 Show GitHub Exploit DB Packet Storm
196197 7.5 HIGH
Network 		whatsapp whatsapp_business
whatsapp 		A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read c… NVD-CWE-noinfo
CVE-2021-24027 2024-11-21 14:52 2021-04-7 Show GitHub Exploit DB Packet Storm
196198 9.8 CRITICAL
Network 		whatsapp whatsapp
whatsapp_business 		A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.… CWE-787
 Out-of-bounds Write 		CVE-2021-24026 2024-11-21 14:52 2021-04-7 Show GitHub Exploit DB Packet Storm
196199 9.8 CRITICAL
Network 		woocommerce help_scout The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24212 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196200 5.4 MEDIUM
Network 		wphive wordpress_related_posts The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to ex… CWE-79
Cross-site Scripting 		CVE-2021-24211 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm