Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249811 6.8 警告 Intuit - Intuit QuickBooks の intu-help-qb ハンドラにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2418 2012-04-27 14:49 2012-04-25 Show GitHub Exploit DB Packet Storm
249812 4.6 警告 サイバートラスト株式会社
Net_SSLeay
Canonical		 - Perl モジュール Net::SSLeay.pm の entropy ソースの扱いに関する脆弱性 - CVE-2005-0106 2012-04-27 14:12 2005-05-3 Show GitHub Exploit DB Packet Storm
249813 4.3 警告 osCommerce - osCommerce におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0312 2012-04-26 16:56 2012-01-20 Show GitHub Exploit DB Packet Storm
249814 2.6 注意 Mozilla Foundation - 複数の Mozilla 製品における IPv6 リテラルのアクセス制御リスト (ACL) を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0475 2012-04-26 16:00 2012-04-24 Show GitHub Exploit DB Packet Storm
249815 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の cairo-dwrite 実装におけるサービス運用妨害 (メモリ破損) の脆弱性 CWE-119
バッファエラー 		CVE-2012-0472 2012-04-26 15:51 2012-04-24 Show GitHub Exploit DB Packet Storm
249816 4.3 警告 OSQA - OSQA におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1245 2012-04-26 12:03 2012-04-26 Show GitHub Exploit DB Packet Storm
249817 4 警告 株式会社NTTドコモ - spモードメールアプリにおける SSL サーバ証明書の検証不備の脆弱性 CWE-Other
その他 		CVE-2012-1244 2012-04-26 12:02 2012-04-26 Show GitHub Exploit DB Packet Storm
249818 10 危険 Bharat Mediratta - Gallery における暗号化の処理に関する脆弱性 CWE-310
暗号の問題 		CVE-2012-2405 2012-04-24 16:30 2012-04-3 Show GitHub Exploit DB Packet Storm
249819 4.3 警告 Cumin - Cumin におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1575 2012-04-24 16:27 2012-04-22 Show GitHub Exploit DB Packet Storm
249820 4.6 警告 NVIDIA - NVIDIA UNIX ドライバにおける任意のメモリ領域にアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-0946 2012-04-24 16:23 2012-04-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196021 4.8 MEDIUM
Network 		wp_youtube_lyte_project wp_youtube_lyte The WP YouTube Lyte WordPress plugin before 1.7.16 did not sanitise or escape its lyte_yt_api_key and lyte_notification settings before outputting them back in the page, allowing high privilege users… - CVE-2021-24419 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
196022 4.8 MEDIUM
Network 		smooth_scroll_page_up\/down_buttons_project smooth_scroll_page_up\/down_buttons The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS pay… - CVE-2021-24418 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
196023 6.1 MEDIUM
Network 		plugin-planet prismatic The Prismatic WordPress plugin before 2.8 does not escape the 'tab' GET parameter before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue which will be executed i… - CVE-2021-24409 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
196024 5.4 MEDIUM
Network 		plugin-planet prismatic The Prismatic WordPress plugin before 2.8 does not sanitise or validate some of its shortcode parameters, allowing users with a role as low as Contributor to set Cross-Site payload in them. A post ma… - CVE-2021-24408 2024-11-21 14:53 2021-07-13 Show GitHub Exploit DB Packet Storm
196025 5.4 MEDIUM
Network 		deliciousbrains wp_offload_ses_lite The WP Offload SES Lite WordPress plugin before 1.4.5 did not escape some of the fields in the Activity page of the admin dashboard, such as the email's id, subject and recipient, which could lead to… - CVE-2021-24494 2024-11-21 14:53 2021-07-6 Show GitHub Exploit DB Packet Storm
196026 7.2 HIGH
Network 		export_users_with_meta_project export_users_with_meta The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to a… - CVE-2021-24451 2024-11-21 14:53 2021-07-6 Show GitHub Exploit DB Packet Storm
196027 6.1 MEDIUM
Network 		tielabs jannah The Jannah WordPress theme before 5.4.5 did not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action, leading to a Reflected Cross-site Scripting (XSS) vulnerability. - CVE-2021-24407 2024-11-21 14:53 2021-07-6 Show GitHub Exploit DB Packet Storm
196028 6.1 MEDIUM
Network 		gvectors wpforo_forum The wpForo Forum WordPress plugin before 1.9.7 did not validate the redirect_to parameter in the login form of the forum, leading to an open redirect issue after a successful login. Such issue could … - CVE-2021-24406 2024-11-21 14:53 2021-07-6 Show GitHub Exploit DB Packet Storm
196029 6.5 MEDIUM
Network 		izsoft easy_cookies_policy The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. If user… NVD-CWE-Other
CVE-2021-24405 2024-11-21 14:53 2021-07-6 Show GitHub Exploit DB Packet Storm
196030 7.2 HIGH
Network 		benjaminrojas wp_editor The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields leading to an authenticated (admin+) blind SQL injection issue via an arbitrary parameter when making a req… CWE-89
SQL Injection 		CVE-2021-24151 2024-11-21 14:52 2024-01-17 Show GitHub Exploit DB Packet Storm