Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249811	6.8	警告	Intuit	-	Intuit QuickBooks の intu-help-qb ハンドラにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2418	2012-04-27 14:49	2012-04-25	Show	GitHub Exploit DB Packet Storm

249812	4.6	警告	サイバートラスト株式会社 Net_SSLeay Canonical	-	Perl モジュール Net::SSLeay.pm の entropy ソースの扱いに関する脆弱性	-	CVE-2005-0106	2012-04-27 14:12	2005-05-3	Show	GitHub Exploit DB Packet Storm

249813	4.3	警告	osCommerce	-	osCommerce におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-0312	2012-04-26 16:56	2012-01-20	Show	GitHub Exploit DB Packet Storm

249814	2.6	注意	Mozilla Foundation	-	複数の Mozilla 製品における IPv6 リテラルのアクセス制御リスト (ACL) を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0475	2012-04-26 16:00	2012-04-24	Show	GitHub Exploit DB Packet Storm

249815	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の cairo-dwrite 実装におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-119 バッファエラー	CVE-2012-0472	2012-04-26 15:51	2012-04-24	Show	GitHub Exploit DB Packet Storm

249816	4.3	警告	OSQA	-	OSQA におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1245	2012-04-26 12:03	2012-04-26	Show	GitHub Exploit DB Packet Storm

249817	4	警告	株式会社NTTドコモ	-	spモードメールアプリにおける SSL サーバ証明書の検証不備の脆弱性	CWE-Other その他	CVE-2012-1244	2012-04-26 12:02	2012-04-26	Show	GitHub Exploit DB Packet Storm

249818	10	危険	Bharat Mediratta	-	Gallery における暗号化の処理に関する脆弱性	CWE-310 暗号の問題	CVE-2012-2405	2012-04-24 16:30	2012-04-3	Show	GitHub Exploit DB Packet Storm

249819	4.3	警告	Cumin	-	Cumin におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1575	2012-04-24 16:27	2012-04-22	Show	GitHub Exploit DB Packet Storm

249820	4.6	警告	NVIDIA	-	NVIDIA UNIX ドライバにおける任意のメモリ領域にアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0946	2012-04-24 16:23	2012-04-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195971	6.1	MEDIUM Network	community_events_project	community_events	The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leadin…	-	CVE-2021-24496	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195972	8.8	HIGH Network	handsome_testimonials_\&_reviews_project	handsome_testimonials_\&_reviews	The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hnd…	CWE-89 SQL Injection	CVE-2021-24492	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195973	6.1	MEDIUM Network	pickplugins	post_grid	The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross…	-	CVE-2021-24488	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195974	7.2	HIGH Network	ays-pro	secure_copy_content_protection_and_content_locking	The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24484	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195975	7.2	HIGH Network	ays-pro	poll_maker	The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL state…	-	CVE-2021-24483	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195976	4.8	MEDIUM Network	any_hostname_project	any_hostname	The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS paylo…	-	CVE-2021-24481	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195977	4.8	MEDIUM Network	event_geek_project	event_geek	The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scriptin…	-	CVE-2021-24480	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195978	4.8	MEDIUM Network	drawblog_project	drawblog	The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue	-	CVE-2021-24479	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195979	5.4	MEDIUM Network	bookshelf_project	bookshelf	The Bookshelf WordPress plugin through 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting i…	CWE-79 Cross-site Scripting	CVE-2021-24478	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

195980	6.1	MEDIUM Network	migrate_users_project	migrate_users	The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin …	-	CVE-2021-24477	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm