Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252281 3.6 注意 オラクル - Oracle Solaris 9 の XScreenSaver における脆弱性 CWE-noinfo
情報不足 		CVE-2010-3586 2011-02-18 14:28 2011-01-18 Show GitHub Exploit DB Packet Storm
252282 3.6 注意 オラクル - Oracle Solaris 10 の Fault Manager Daemon における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4460 2011-02-18 14:11 2011-01-18 Show GitHub Exploit DB Packet Storm
252283 4.1 警告 オラクル - Oracle Solaris 11 Express の ZFS における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4458 2011-02-18 14:08 2011-01-18 Show GitHub Exploit DB Packet Storm
252284 4.1 警告 オラクル - Oracle Solaris の libc における脆弱性 CWE-noinfo
情報不足 		CVE-2010-4415 2011-02-18 14:06 2011-01-18 Show GitHub Exploit DB Packet Storm
252285 4.3 警告 サン・マイクロシステムズ - Oracle Sun Java System Communications Express の Web メールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-4456 2011-02-18 14:03 2011-01-18 Show GitHub Exploit DB Packet Storm
252286 4.3 警告 サン・マイクロシステムズ - Sun Java System Communications Express におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1227 2011-02-18 14:00 2010-04-1 Show GitHub Exploit DB Packet Storm
252287 10 危険 IBM - IBM DB2 UDB の Administration Server コンポーネントにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3731 2011-02-17 18:09 2010-10-5 Show GitHub Exploit DB Packet Storm
252288 5 警告 IBM - IBM DB2 の SYSIBMADM スキーマにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3197 2011-02-17 18:08 2010-08-31 Show GitHub Exploit DB Packet Storm
252289 3.5 注意 IBM - IBM DB2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-3196 2011-02-17 18:07 2010-03-9 Show GitHub Exploit DB Packet Storm
252290 5 警告 IBM - Windows Server 2008 上で稼働する IBM DB2 におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2010-3195 2011-02-17 18:06 2010-02-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
223111 4.9 MEDIUM
Network 		10web photo_gallery The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authenticated Local File Inclusion via directory traversal in the wp-admin/admin-ajax.php?action=shortcode_bwg tagtext parameter. CWE-22
Path Traversal 		CVE-2019-14798 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223112 5.4 MEDIUM
Network 		10web photo_gallery The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authenticated stored XSS. CWE-79
Cross-site Scripting 		CVE-2019-14797 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223113 5.4 MEDIUM
Network 		mq-woocommerce-products-price-bulk-edit_project mq-woocommerce-products-price-bulk-edit The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=update_options show_products_page_lim… CWE-79
Cross-site Scripting 		CVE-2019-14796 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223114 7.5 HIGH
Network 		metabox meta_box The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. CWE-19
 Data Processing Errors 		CVE-2019-14794 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223115 6.1 MEDIUM
Network 		codepeople appointment_booking_calendar The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XSS via the wp-admin/admin-post.php editionarea parameter. CWE-79
Cross-site Scripting 		CVE-2019-14791 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223116 6.1 MEDIUM
Network 		foliovision fv_flowplayer_video_player The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS. CWE-79
Cross-site Scripting 		CVE-2019-14799 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223117 6.5 MEDIUM
Network 		metabox meta_box The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. CWE-862
 Missing Authorization 		CVE-2019-14793 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223118 5.4 MEDIUM
Network 		codecabin wp_go_maps The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter. CWE-79
Cross-site Scripting 		CVE-2019-14792 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223119 5.4 MEDIUM
Network 		tribulant newsletters The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. CWE-79
Cross-site Scripting 		CVE-2019-14787 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm
223120 5.4 MEDIUM
Network 		codepeople cp_contact_form_with_paypal The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id paramete… CWE-79
Cross-site Scripting 		CVE-2019-14785 2024-11-21 13:27 2019-08-9 Show GitHub Exploit DB Packet Storm