Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 4:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
248781 4.6 警告 credant - Credant Mobile Guardian Shield における重要な情報を取得される脆弱性 - CVE-2007-2883 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
248782 4.3 警告 digiappz - Digirez におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2880 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
248783 4.3 警告 gnuturk - GTP GNUTurk Portal System の mods.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2879 2012-06-26 15:46 2007-05-29 Show GitHub Exploit DB Packet Storm
248784 7.5 危険 devellion - CubeCart における SQL インジェクションの脆弱性 - CVE-2007-2862 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248785 6.5 警告 boastmachine - BoastMachine の user.php における権限を取得される脆弱性 - CVE-2007-2860 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248786 6.8 警告 Dart Communications - DartZip.dll の Dart Communications PowerTCP ZIP Compression ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2856 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248787 6.8 警告 Dart Communications - ActiveX 用の Dart ZipLite Compression の特定の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-2855 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248788 7.5 危険 bti-tracker - BtiTracker の account_change.php における SQL インジェクションの脆弱性 - CVE-2007-2854 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248789 9.3 危険 ESET - ESET NOD32 Antivirus におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2852 2012-06-26 15:46 2007-05-24 Show GitHub Exploit DB Packet Storm
248790 10 危険 シトリックス・システムズ - Citrix MetaFrame Presentation Server などの製品で使用される XTE におけるネットワークセキュリティポリシーを回避される脆弱性 - CVE-2007-2850 2012-06-26 15:46 2007-05-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196911 6.1 MEDIUM
Network 		berocket advanced_ajax_product_filters The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'term_id' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue. CWE-79
Cross-site Scripting 		CVE-2021-24432 2024-11-21 14:53 2024-01-17 Show GitHub Exploit DB Packet Storm
196912 7.5 HIGH
Network 		passster_project passter The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by … NVD-CWE-Other
CVE-2021-24881 2024-11-21 14:53 2023-01-24 Show GitHub Exploit DB Packet Storm
196913 5.4 MEDIUM
Network 		passster_project passter The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. - CVE-2021-24837 2024-11-21 14:53 2023-01-24 Show GitHub Exploit DB Packet Storm
196914 9.8 CRITICAL
Network 		wedevs wp_user_frontend The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via w… - CVE-2021-24649 2024-11-21 14:53 2022-11-21 Show GitHub Exploit DB Packet Storm
196915 8.8 HIGH
Network 		dplugins scripts_organizer The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not valid… - CVE-2021-24890 2024-11-21 14:53 2022-09-26 Show GitHub Exploit DB Packet Storm
196916 5.4 MEDIUM
Network 		transposh transposh_wordpress_translation The Transposh WordPress Translation WordPress plugin before 1.0.8 does not have CSRF check in its tp_translation AJAX action, which could allow attackers to make authorised users add a translation. G… - CVE-2021-24912 2024-11-21 14:53 2022-08-23 Show GitHub Exploit DB Packet Storm
196917 5.4 MEDIUM
Network 		transposh transposh_wordpress_translation The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the tk0 parameter from the tp_translation AJAX action, leading to Stored Cross-Site Scripting, which wil… - CVE-2021-24911 2024-11-21 14:53 2022-08-23 Show GitHub Exploit DB Packet Storm
196918 6.1 MEDIUM
Network 		transposh transposh_wordpress_translation The Transposh WordPress Translation WordPress plugin before 1.0.8 does not sanitise and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the c… - CVE-2021-24910 2024-11-21 14:53 2022-08-23 Show GitHub Exploit DB Packet Storm
196919 7.5 HIGH
Network 		wpusermanager wp_user_manager The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the passwo… - CVE-2021-24655 2024-11-21 14:53 2022-07-17 Show GitHub Exploit DB Packet Storm
196920 4.3 MEDIUM
Network 		designwall dw_question_\&_answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as upd… - CVE-2021-24805 2024-11-21 14:53 2022-04-26 Show GitHub Exploit DB Packet Storm