Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 23, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252311 9 危険 マイクロソフト - Microsoft Windows におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-3406 2011-12-16 11:38 2011-12-13 Show GitHub Exploit DB Packet Storm
252312 9.3 危険 マイクロソフト - 複数の Microsoft PowerPoint 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3413 2011-12-16 11:37 2011-12-13 Show GitHub Exploit DB Packet Storm
252313 9.3 危険 マイクロソフト - Microsoft PowerPoint 2007 および 2010 における権限昇格の脆弱性 CWE-Other
その他 		CVE-2011-3396 2011-12-16 11:36 2011-12-13 Show GitHub Exploit DB Packet Storm
252314 9.3 危険 マイクロソフト - Microsoft Windows XP および Windows Server 2003 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3400 2011-12-16 11:35 2011-12-13 Show GitHub Exploit DB Packet Storm
252315 9.3 危険 マイクロソフト - 複数の Microsoft Windows 製品の ENCDEC.DLL における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3401 2011-12-16 11:34 2011-12-13 Show GitHub Exploit DB Packet Storm
252316 9.3 危険 マイクロソフト - Microsoft Publisher における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3412 2011-12-16 11:32 2011-12-13 Show GitHub Exploit DB Packet Storm
252317 9.3 危険 マイクロソフト - Microsoft Publisher における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3411 2011-12-16 11:31 2011-12-13 Show GitHub Exploit DB Packet Storm
252318 9.3 危険 マイクロソフト - Microsoft Publisher における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3410 2011-12-16 11:25 2011-12-13 Show GitHub Exploit DB Packet Storm
252319 9.3 危険 マイクロソフト - Microsoft Publisher 2003 および 2007 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-1508 2011-12-16 11:19 2011-12-13 Show GitHub Exploit DB Packet Storm
252320 9.3 危険 マイクロソフト - Microsoft Windows XP および Windows Server 2003 における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2011-3397 2011-12-16 11:16 2011-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311771 6.3 MEDIUM
Network 		- - The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes i… CWE-862
 Missing Authorization 		CVE-2021-4446 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311772 - - - The Product Filter by WooBeWoo plugin for WordPress is vulnerable to authorization bypass in versions up to, and including 1.4.9 due to missing authorization checks on various functions. This makes i… CWE-862
 Missing Authorization 		CVE-2021-4444 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311773 9.8 CRITICAL
Network 		- - The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. This makes it possible for unauthentic… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-4443 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311774 8.3 HIGH
Network 		- - The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.99. This is due to missing or incorrect nonce validation on several functions. … CWE-352
 Origin Validation Error 		CVE-2020-36839 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311775 7.4 HIGH
Network 		- - The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wp_ajax_update_options function in versions up to, and including, 1.5. This flaw … CWE-284
Improper Access Control 		CVE-2020-36838 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311776 9.9 CRITICAL
Network 		- - The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This m… CWE-862
 Missing Authorization 		CVE-2020-36837 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311777 6.3 MEDIUM
Network 		- - The Discount Rules for WooCommerce plugin for WordPress is vulnerable to missing authorization via several AJAX actions in versions up to, and including, 2.0.2 due to missing capability checks on var… CWE-862
 Missing Authorization 		CVE-2020-36834 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311778 6.3 MEDIUM
Network 		- - The Indeed Membership Pro plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on various AJAX actions in versions 7.3 - 8.6. This makes it possible for authent… CWE-862
 Missing Authorization 		CVE-2020-36833 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311779 9.8 CRITICAL
Network 		- - The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in versions between, and including, 7.3 to 8.6. This makes it possible for unauthenticated attackers to login a… CWE-287
Improper Authentication 		CVE-2020-36832 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm
311780 5.0 MEDIUM
Network 		- - The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in vers… CWE-284
Improper Access Control 		CVE-2020-36831 2024-10-16 16:15 2024-10-16 Show GitHub Exploit DB Packet Storm