Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249231 9.3 危険 IBM - IBM Lotus Notes の URL ハンドラにおける任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2174 2012-06-21 15:27 2012-06-15 Show GitHub Exploit DB Packet Storm
249232 5 警告 IBM - IBM Security AppScan Source の ODBC ドライバにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-2173 2012-06-21 15:25 2012-06-20 Show GitHub Exploit DB Packet Storm
249233 4.3 警告 IBM - IBM WebSphere Application Server における重要なクライアント情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2170 2012-06-21 15:22 2012-05-29 Show GitHub Exploit DB Packet Storm
249234 4.3 警告 IBM - IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0720 2012-06-21 15:13 2012-05-29 Show GitHub Exploit DB Packet Storm
249235 2.6 注意 IBM - IBM WebSphere Application Server における X.509 クライアント証明書の認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2012-0717 2012-06-21 15:06 2012-05-29 Show GitHub Exploit DB Packet Storm
249236 4.3 警告 IBM - IBM WebSphere Application Server の管理コンソールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0716 2012-06-21 15:01 2012-05-29 Show GitHub Exploit DB Packet Storm
249237 5 警告 Plugin Newsletter - WordPress 用 Plugin Newsletter プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-3588 2012-06-21 14:33 2012-06-19 Show GitHub Exploit DB Packet Storm
249238 2.6 注意 Debian - APT におけるトロイの木馬のパッケージをインストールされる脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3587 2012-06-21 14:21 2012-06-14 Show GitHub Exploit DB Packet Storm
249239 4 警告 Digium - Asterisk Open Source の chan_skinny.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2012-3553 2012-06-21 14:19 2012-06-14 Show GitHub Exploit DB Packet Storm
249240 6.9 警告 チェック・ポイント・ソフトウェア・テクノロジーズ - Check Point の複数の製品における権限を取得される脆弱性 CWE-Other
その他 		CVE-2012-2753 2012-06-21 14:17 2012-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196311 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the heading widget (includes/widgets/heading.php) accepts a ‘header_size’ parameter. Although the element control lists a fixed set of … CWE-79
Cross-site Scripting 		CVE-2021-24202 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196312 5.4 MEDIUM
Network 		elementor website_builder In the Elementor Website Builder WordPress plugin before 3.1.4, the column element (includes/elements/column.php) accepts an ‘html_tag’ parameter. Although the element control lists a fixed set of po… CWE-79
Cross-site Scripting 		CVE-2021-24201 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196313 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_place_rating AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could be exploite… CWE-89
SQL Injection 		CVE-2021-24185 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196314 8.8 HIGH
Network 		themeum tutor_lms Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 were unprotected, allowing students to modify course information and elevate their privile… - CVE-2021-24184 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196315 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_quiz_builder_get_question_form AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be … CWE-89
SQL Injection 		CVE-2021-24183 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196316 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_quiz_builder_get_answers_by_question AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that cou… CWE-89
SQL Injection 		CVE-2021-24182 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196317 6.5 MEDIUM
Network 		themeum tutor_lms The tutor_mark_answer_as_correct AJAX action from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.7.7 was vulnerable to blind and time based SQL injections that could b… CWE-89
SQL Injection 		CVE-2021-24181 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196318 5.4 MEDIUM
Network 		never5 related_posts Unvalidated input and lack of output encoding within the Related Posts for WordPress plugin before 2.0.4 lead to a Reflected Cross-Site Scripting (XSS) vulnerability within the 'lang' GET parameter w… CWE-79
Cross-site Scripting 		CVE-2021-24180 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196319 5.4 MEDIUM
Network 		webdesi9 file_manager In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wp_file_manager_properties when a payload is submitted… CWE-79
Cross-site Scripting 		CVE-2021-24177 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196320 5.4 MEDIUM
Network 		jh_404_logger_project jh_404_logger The JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the Wor… - CVE-2021-24176 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm