Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
251821 5 警告 netsupportsoftware - NSM における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-4184 2012-03-27 18:42 2010-10-8 Show GitHub Exploit DB Packet Storm
251822 4.3 警告 htmlpurifier
マイクロソフト		 - HTML Purifier におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4183 2012-03-27 18:42 2010-09-5 Show GitHub Exploit DB Packet Storm
251823 5 警告 Yaws - Yaws におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4181 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
251824 4 警告 dracut Project
kernel.org		 - dracut におけるローカルユーザの tty0 からターナミルデータを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4176 2012-03-27 18:42 2010-12-7 Show GitHub Exploit DB Packet Storm
251825 3.3 注意 OpenFabrics Alliance - libsdp の libsdp.conf のディフォルト設定における任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-4173 2012-03-27 18:42 2010-11-22 Show GitHub Exploit DB Packet Storm
251826 5 警告 OpenTTD - OpenTTD におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4168 2012-03-27 18:42 2010-11-17 Show GitHub Exploit DB Packet Storm
251827 7.5 危険 Joomla! - Joomla! における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4166 2012-03-27 18:42 2010-11-4 Show GitHub Exploit DB Packet Storm
251828 6.9 警告 Mono Project - Mono の metadata/loader.c における権限を取得される脆弱性 CWE-Other
その他 		CVE-2010-4159 2012-03-27 18:42 2010-09-26 Show GitHub Exploit DB Packet Storm
251829 4.3 警告 exv2 - eXV2 CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4155 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
251830 9.3 危険 rhinosoft - Rhino の FTP Voyager におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-4154 2012-03-27 18:42 2010-11-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
195341 5.4 MEDIUM
Network 		translationexchange translation_exchange The Translation Exchange WordPress plugin through 1.0.14 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin's settings. - CVE-2021-25057 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
195342 6.1 MEDIUM
Network 		feedwordpress_project feedwordpress The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. CWE-79
Cross-site Scripting 		CVE-2021-25055 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
195343 6.1 MEDIUM
Network 		sigmaplugin advanced_database_cleaner The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting iss… - CVE-2021-24921 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
195344 6.4 MEDIUM
Network 		wp_photo_album_plus_project wp_photo_album_plus The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could c… - CVE-2021-25115 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195345 4.3 MEDIUM
Network 		futuriowp futurio_extra The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. - CVE-2021-25110 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195346 2.7 LOW
Network 		futuriowp futurio_extra The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cr… CWE-89
SQL Injection 		CVE-2021-25109 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195347 6.1 MEDIUM
Network 		accesspressthemes form_store_to_db The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site … - CVE-2021-25107 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195348 4.8 MEDIUM
Network 		wpchill remove_footer_credit The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is dis… - CVE-2021-25050 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195349 6.1 MEDIUM
Network 		noptin noptin The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue - CVE-2021-25033 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
195350 5.4 MEDIUM
Network 		najeebmedia ppom_for_woocommerce The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrar… - CVE-2021-25018 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm