Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230611 4.3 警告 vBulletin Solutions, Inc. - vBulletin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3184 2012-12-20 18:52 2008-07-7 Show GitHub Exploit DB Packet Storm
230612 9.3 危険 speedbit - DAP の DAP.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-3182 2012-12-20 18:52 2008-07-15 Show GitHub Exploit DB Packet Storm
230613 7.5 危険 w2b - W2B phpDatingClub の website.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3179 2012-12-20 18:52 2008-07-15 Show GitHub Exploit DB Packet Storm
230614 7.5 危険 webxell - WebXell Editor の upload_pictures.php における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3178 2012-12-20 18:52 2008-07-15 Show GitHub Exploit DB Packet Storm
230615 5 警告 ソフォス - Linux および Unix 上で稼動している Sophos ウィルス検出エンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2008-3177 2012-12-20 18:52 2008-07-15 Show GitHub Exploit DB Packet Storm
230616 6.8 警告 regretless - DodosMail の dodosmail.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-3163 2012-12-20 18:52 2008-07-14 Show GitHub Exploit DB Packet Storm
230617 7.5 危険 webblizzard - WebBlizzard CMS の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3154 2012-12-20 18:52 2008-07-11 Show GitHub Exploit DB Packet Storm
230618 7.5 危険 tritoncms - Triton CMS Pro における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3153 2012-12-20 18:52 2008-07-11 Show GitHub Exploit DB Packet Storm
230619 7.5 危険 warpspeed
PHPNUKE		 - PHP-Nuke 用の 4ndvddb モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3151 2012-12-20 18:52 2008-07-11 Show GitHub Exploit DB Packet Storm
230620 4.7 警告 wefi - WeFi における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2008-3147 2012-12-20 18:52 2008-07-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196281 7.2 HIGH
Network 		cleantalk anti-spam Unvalidated input in the Anti-Spam by CleanTalk WordPress plugin, versions before 5.149, lead to multiple authenticated SQL injection vulnerabilities, however, it requires high privilege user (admin+… CWE-89
SQL Injection 		CVE-2021-24131 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196282 7.2 HIGH
Network 		flippercode wp_google_map Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privilege… CWE-89
SQL Injection 		CVE-2021-24130 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196283 5.4 MEDIUM
Network 		themify portfolio_post Unvalidated input and lack of output encoding in the Themify Portfolio Post WordPress plugin, versions before 1.1.6, lead to Stored Cross-Site Scripting (XSS) vulnerabilities allowing low-privileged … CWE-79
Cross-site Scripting 		CVE-2021-24129 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196284 5.4 MEDIUM
Network 		wpdarko team_members Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attack… CWE-79
Cross-site Scripting 		CVE-2021-24128 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196285 5.4 MEDIUM
Network 		caseproof thirstyaffiliates_affiliate_link_manager Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions before 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS… CWE-79
Cross-site Scripting 		CVE-2021-24127 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196286 5.4 MEDIUM
Network 		enviragallery envira_gallery Unvalidated input and lack of output encoding in the Envira Gallery Lite WordPress plugin, versions before 1.8.3.3, did not properly sanitise the images metadata (namely title) before outputting them… CWE-79
Cross-site Scripting 		CVE-2021-24126 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196287 7.2 HIGH
Network 		contact_form_submissions_project contact_form_submissions Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high privile… CWE-89
SQL Injection 		CVE-2021-24125 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196288 6.1 MEDIUM
Network 		terryl wp_shieldon Unvalidated input and lack of output encoding in the WP Shieldon WordPress plugin, version 1.6.3 and below, leads to Unauthenticated Reflected Cross-Site Scripting (XSS) when the CAPTCHA page is show… CWE-79
Cross-site Scripting 		CVE-2021-24124 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196289 7.2 HIGH
Network 		blubrry powerpress Arbitrary file upload in the PowerPress WordPress plugin, versions before 8.3.8, did not verify some of the uploaded feed images (such as the ones from Podcast Artwork section), allowing high privile… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24123 2024-11-21 14:52 2021-03-19 Show GitHub Exploit DB Packet Storm
196290 7.5 HIGH
Network 		facebook proxygen
mvfst 		A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message sho… CWE-617
 Reachable Assertion 		CVE-2021-24029 2024-11-21 14:52 2021-03-16 Show GitHub Exploit DB Packet Storm