Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249351 5 警告 Igor Sysoev - nginx における重要な情報を取得される脆弱性 CWE-399
リソース管理の問題 		CVE-2012-1180 2012-06-12 15:48 2012-04-17 Show GitHub Exploit DB Packet Storm
249352 6.8 警告 Bloxx - Bloxx Web Filtering で使用される Microdasys におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-3343 2012-06-12 15:23 2011-06-9 Show GitHub Exploit DB Packet Storm
249353 5 警告 Bloxx - Bloxx Web Filtering における IP アドレスとドメインの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2566 2012-06-12 15:19 2011-06-9 Show GitHub Exploit DB Packet Storm
249354 5.8 警告 Bloxx - Bloxx Web Filtering における平文パスワードを容易に推測される脆弱 CWE-264
認可・権限・アクセス制御 		CVE-2012-2565 2012-06-12 15:17 2011-06-9 Show GitHub Exploit DB Packet Storm
249355 6.8 警告 Bloxx - Bloxx Web Filtering の管理インターフェースにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2564 2012-06-12 15:14 2011-06-9 Show GitHub Exploit DB Packet Storm
249356 4.3 警告 Bloxx - Bloxx Web Filtering におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2563 2012-06-12 15:10 2011-06-9 Show GitHub Exploit DB Packet Storm
249357 5.8 警告 シーメンス - Siemens WinCC の Web アプリケーションにおけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3003 2012-06-12 14:31 2012-06-5 Show GitHub Exploit DB Packet Storm
249358 4.3 警告 シーメンス - Siemens WinCC の DiagAgent Web サーバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2598 2012-06-12 14:27 2012-06-5 Show GitHub Exploit DB Packet Storm
249359 4 警告 シーメンス - Siemens WinCC におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2012-2597 2012-06-12 14:26 2012-06-5 Show GitHub Exploit DB Packet Storm
249360 5.5 警告 シーメンス - Siemens WinCC の Web アプリケーションの XPath 機能における設定を読まれる脆弱性 CWE-94
コード・インジェクション 		CVE-2012-2596 2012-06-12 14:22 2012-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196231 5.4 MEDIUM
Network 		ninjaforms ninja_forms The wp_ajax_nf_oauth_disconnect from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection making it possible for attacker… CWE-352
 Origin Validation Error 		CVE-2021-24166 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196232 6.1 MEDIUM
Network 		ninjaforms ninja_forms In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no pr… CWE-601
Open Redirect 		CVE-2021-24165 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196233 4.3 MEDIUM
Network 		ninjaforms ninja_forms In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to es… CWE-862
 Missing Authorization 		CVE-2021-24164 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196234 8.8 HIGH
Network 		ninjaforms ninja_forms The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such… CWE-862
 Missing Authorization 		CVE-2021-24163 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196235 8.8 HIGH
Network 		expresstech responsive_menu In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to in… CWE-352
 Origin Validation Error 		CVE-2021-24162 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196236 8.8 HIGH
Network 		expresstech responsive_menu In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attack… CWE-352
 Origin Validation Error 		CVE-2021-24161 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196237 8.8 HIGH
Network 		expresstech responsive_menu In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These f… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24160 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196238 8.8 HIGH
Network 		rocklobster contact_form_7 Due to the lack of sanitization and lack of nonce protection on the custom CSS feature, an attacker could craft a request to inject malicious JavaScript on a site using the Contact Form 7 Style WordP… CWE-352
 Origin Validation Error 		CVE-2021-24159 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196239 6.5 MEDIUM
Network 		themeisle orbit_fox Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver Builder page builders functionality. As part of the registration form, administrators can choose which… NVD-CWE-Other
CVE-2021-24158 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm
196240 5.4 MEDIUM
Network 		themeisle orbit_fox Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfiltered_html capability prior to saving th… CWE-79
Cross-site Scripting 		CVE-2021-24157 2024-11-21 14:52 2021-04-6 Show GitHub Exploit DB Packet Storm