Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 8, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249741 7.2 危険 IBM - IBM AIX および VIOS における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0745 2012-05-8 15:23 2012-04-5 Show GitHub Exploit DB Packet Storm
249742 10 危険 IBM - IBM Cognos TM1 の Admin Server 内の tm1admsd.exe におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-0202 2012-05-8 15:14 2012-05-4 Show GitHub Exploit DB Packet Storm
249743 4.6 警告 シスコシステムズ - Cisco Unified IP Phones 9900 シリーズのファームウェアにおける権限を取得される脆弱性 CWE-94
コード・インジェクション 		CVE-2012-1328 2012-05-8 13:59 2012-05-3 Show GitHub Exploit DB Packet Storm
249744 6.1 警告 シスコシステムズ - Cisco IOS の dot11t/t_if_dot11_hal_ath.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-16
環境設定 		CVE-2012-1327 2012-05-8 13:58 2012-05-3 Show GitHub Exploit DB Packet Storm
249745 7.1 危険 シスコシステムズ - Cisco IOS の Zone-Based Firewall におけるサービス運用妨害 (デバイスクラッシュ) の脆弱性 CWE-362
競合状態 		CVE-2012-1324 2012-05-8 13:56 2012-05-3 Show GitHub Exploit DB Packet Storm
249746 4.3 警告 シスコシステムズ - Cisco CiscoWorks Common Services の autologin.jsp における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2011-4237 2012-05-8 13:49 2012-05-3 Show GitHub Exploit DB Packet Storm
249747 5 警告 シスコシステムズ - Cisco Unified MeetingPlace の Web サーバにおけるディレクトリ名を列挙される脆弱性 CWE-200
情報漏えい 		CVE-2011-4232 2012-05-8 13:48 2012-05-3 Show GitHub Exploit DB Packet Storm
249748 6.3 警告 シスコシステムズ - Cisco IOS および IOS XE におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4231 2012-05-8 13:40 2012-05-3 Show GitHub Exploit DB Packet Storm
249749 7.8 危険 シスコシステムズ - Nexus スイッチ上で稼働する Cisco NX-OS の libcmd におけるサービス運用妨害 (メモリ消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2011-4023 2012-05-8 11:54 2012-05-3 Show GitHub Exploit DB Packet Storm
249750 5 警告 シスコシステムズ - Cisco Intrusion Prevention System のセンサにおけるサービス運用妨害 (DoS) の脆弱性 CWE-287
不適切な認証 		CVE-2011-4022 2012-05-8 11:53 2012-05-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 8, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195991 4.8 MEDIUM
Network 		any_hostname_project any_hostname The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS paylo… - CVE-2021-24481 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195992 4.8 MEDIUM
Network 		event_geek_project event_geek The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scriptin… - CVE-2021-24480 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195993 4.8 MEDIUM
Network 		drawblog_project drawblog The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue - CVE-2021-24479 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195994 5.4 MEDIUM
Network 		bookshelf_project bookshelf The Bookshelf WordPress plugin through 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting i… CWE-79
Cross-site Scripting 		CVE-2021-24478 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195995 6.1 MEDIUM
Network 		migrate_users_project migrate_users The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin … - CVE-2021-24477 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195996 5.4 MEDIUM
Network 		steam_group_viewer_project steam_group_viewer The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scri… - CVE-2021-24476 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195997 6.1 MEDIUM
Network 		awesome_weather_widget_project awesome_weather_widget The Awesome Weather Widget WordPress plugin through 3.0.2 does not sanitize the id parameter of its awesome_weather_refresh AJAX action, leading to an unauthenticated Reflected Cross-Site Scripting (… CWE-79
Cross-site Scripting 		CVE-2021-24474 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195998 5.4 MEDIUM
Network 		cozmoslabs user_profile_picture The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the upload_image capability (by default author and above) to change and delete the profile pi… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-24473 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
195999 9.8 CRITICAL
Network 		qantumthemes kentharadio
onair2 		The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 have exposed proxy functionality to unauthenticated users, sending requests to this proxy functionality will… - CVE-2021-24472 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
196000 5.4 MEDIUM
Network 		yada_wiki_project yada_wiki The Yada Wiki WordPress plugin before 3.4.1 did not sanitise, validate or escape the anchor attribute of its shortcode, leading to a Stored Cross-Site Scripting issue CWE-79
Cross-site Scripting 		CVE-2021-24470 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm