Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249111 6.6 警告 GNU Project
レッドハット		 - Fedora Core の libltdl.so における任意のコードを実行される脆弱性 - CVE-2006-7151 2012-06-26 15:38 2006-10-8 Show GitHub Exploit DB Packet Storm
249112 5.5 警告 Drupal - Drupal の IMCE モジュールの delete 関数におけるディレクトリトラバーサルの脆弱性 - CVE-2006-7110 2012-06-26 15:38 2006-10-2 Show GitHub Exploit DB Packet Storm
249113 6.5 警告 Drupal - Drupal の IMCE モジュールにおける任意の PHP コードをアップロードされる脆弱性 - CVE-2006-7109 2012-06-26 15:38 2006-10-2 Show GitHub Exploit DB Packet Storm
249114 6.6 警告 Debian - Apache HTTP Server における tty 端末への権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2006-7098 2012-06-26 15:38 2006-03-18 Show GitHub Exploit DB Packet Storm
249115 8.5 危険 Gentoo Linux
Debian		 - Gentoo などで使用される ftpd における gid 0 の権限を持つ任意のディレクトリを一覧にされる脆弱性 - CVE-2006-7094 2012-06-26 15:38 2006-11-15 Show GitHub Exploit DB Packet Storm
249116 7.5 危険 cliserv - CliServ Web Community における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7068 2012-06-26 15:38 2007-03-2 Show GitHub Exploit DB Packet Storm
249117 6.8 警告 dreamcost - DreamCost HostAdmin における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7056 2012-06-26 15:38 2007-02-23 Show GitHub Exploit DB Packet Storm
249118 7.5 危険 Claroline Consortium - Claroline における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7048 2012-06-26 15:38 2007-02-23 Show GitHub Exploit DB Packet Storm
249119 9.3 危険 clan manager pro - CMPRO 用 cmpro.intern/login.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-7046 2012-06-26 15:38 2007-02-23 Show GitHub Exploit DB Packet Storm
249120 7.5 危険 cmpro team - CMPRO における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7045 2012-06-26 15:38 2007-02-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196381 8.8 HIGH
Network 		aioseo all_in_one_seo The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access… CWE-178
 Improper Handling of Case Sensitivity 		CVE-2021-25036 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196382 4.3 MEDIUM
Network 		theeventscalendar eventcalendar The EventCalendar WordPress plugin before 1.1.51 does not have proper authorisation and CSRF checks in the add_calendar_event AJAX actions, allowing users with a role as low as subscriber to create e… - CVE-2021-25025 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196383 6.1 MEDIUM
Network 		theeventscalendar eventcalendar The EventCalendar WordPress plugin before 1.1.51 does not escape some user input before outputting it back in attributes, leading to Reflected Cross-SIte Scripting issues - CVE-2021-25024 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196384 4.8 MEDIUM
Network 		seur_oficial_project seur_oficial The SEUR Oficial WordPress plugin before 1.7.0 does not sanitize and escape some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html ca… CWE-79
Cross-site Scripting 		CVE-2021-25005 2024-11-21 14:54 2022-01-17 Show GitHub Exploit DB Packet Storm
196385 8.8 HIGH
Network 		wow-company wpcalc The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability. - CVE-2021-25054 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm
196386 8.8 HIGH
Network 		wow-company wp_coder The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leading to… - CVE-2021-25053 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm
196387 8.8 HIGH
Network 		wow-company button_generator The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus le… - CVE-2021-25052 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm
196388 8.8 HIGH
Network 		wow-company modal_window The Modal Window WordPress plugin before 5.2.2 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus leadin… CWE-352
 Origin Validation Error 		CVE-2021-25051 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm
196389 6.1 MEDIUM
Network 		10web 10websocial The 10Web Social Photo Feed WordPress plugin before 1.4.29 was affected by a reflected Cross-Site Scripting (XSS) vulnerability in the wdi_apply_changes admin page, allowing an attacker to perform su… - CVE-2021-25047 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm
196390 6.1 MEDIUM
Network 		pluginus woocommerce_currency_switcher The WOOCS WordPress plugin before 1.3.7.3 does not sanitise and escape the custom_prices parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue - CVE-2021-25043 2024-11-21 14:54 2022-01-11 Show GitHub Exploit DB Packet Storm