Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255621	9.3	危険	SCADA Engine	-	SCADA Engine BACnet OPC Client におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4740	2011-03-3 16:51	2011-02-7	Show	GitHub Exploit DB Packet Storm

255622	5	警告	Majordomo 2	-	Majordomo 2 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2011-0049	2011-03-3 16:47	2011-02-7	Show	GitHub Exploit DB Packet Storm

255623	7.6	危険	Automated Solutions, Inc	-	Automated Solutions Modbus/TCP Master OPC Server におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-4709	2011-03-3 16:32	2011-02-7	Show	GitHub Exploit DB Packet Storm

255624	10	危険	シスコシステムズ	-	Cisco Tandberg E, EX および C Series における root アカウントのデフォルト認証情報の問題	CWE-255 証明書・パスワード管理	CVE-2011-0354	2011-03-3 16:28	2011-02-4	Show	GitHub Exploit DB Packet Storm

255625	4.6	警告	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の do_gfs2_set_flags 関数におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1641	2011-03-3 13:41	2010-06-1	Show	GitHub Exploit DB Packet Storm

255626	4.9	警告	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の gfs2 におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-1436	2011-03-3 13:39	2010-05-21	Show	GitHub Exploit DB Packet Storm

255627	4.9	警告	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の Transparent Inter-Process Communication 機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-1187	2011-03-3 13:38	2010-03-31	Show	GitHub Exploit DB Packet Storm

255628	5.4	警告	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の fs/nfs/pagelist.c における脆弱性	CWE-noinfo 情報不足	CVE-2010-1088	2011-03-3 13:37	2010-04-6	Show	GitHub Exploit DB Packet Storm

255629	7.8	危険	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の nfs_wait_on_request 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-1087	2011-03-3 13:36	2010-04-6	Show	GitHub Exploit DB Packet Storm

255630	2.1	注意	サイバートラスト株式会社 VMware Linux レッドハット	-	Linux kernel の wake_futex_pi 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0622	2011-03-3 13:35	2010-02-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195061	3.9	LOW Physics	sophos	intercept_x authenticator	An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and…	CWE-922 Insecure Storage of Sensitive Information	CVE-2021-25266	2024-11-21 14:54	2022-04-28	Show	GitHub Exploit DB Packet Storm

195062	6.1	MEDIUM Network	english_wordpress_admin_project	english_wordpress_admin	The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue	-	CVE-2021-25111	2024-11-21 14:54	2022-04-26	Show	GitHub Exploit DB Packet Storm

195063	8.1	HIGH Network	brandexponents	tatsu	The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By ad…	-	CVE-2021-25094	2024-11-21 14:54	2022-04-26	Show	GitHub Exploit DB Packet Storm

195064	8.8	HIGH Network	advanced_page_visit_counter_project	advanced_page_visit_counter	The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authenti…	-	CVE-2021-24957	2024-11-21 14:54	2022-04-26	Show	GitHub Exploit DB Packet Storm

195065	6.1	MEDIUM Network	easysocialfeed	easy_social_feed	The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in the response, leading to Reflected Cross…	-	CVE-2021-25120	2024-11-21 14:54	2022-04-19	Show	GitHub Exploit DB Packet Storm

195066	5.4	MEDIUM Network	wpsofts	portfolio_gallery\ _product_catalog_-_grid_kit_portfolio	The Portfolio Gallery, Product Catalog WordPress plugin before 2.1.0 does not have authorisation and CSRF checks in various functions related to AJAX actions, allowing any authenticated users, such a…	-	CVE-2021-25090	2024-11-21 14:54	2022-04-12	Show	GitHub Exploit DB Packet Storm

195067	6.1	MEDIUM Network	heateor	super_socializer	The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.30 does not sanitise and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both…	CWE-79 Cross-site Scripting	CVE-2021-24987	2024-11-21 14:54	2022-04-12	Show	GitHub Exploit DB Packet Storm

195068	6.1	MEDIUM Network	pickplugins	post_grid	The Post Grid WordPress plugin before 2.1.16 does not escape the keyword parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in pages containing a Post Gr…	-	CVE-2021-24986	2024-11-21 14:54	2022-04-12	Show	GitHub Exploit DB Packet Storm

195069	5.4	MEDIUM Network	dropdown_menu_widget_project	dropdown_menu_widget	The Dropdown Menu Widget WordPress plugin through 1.9.7 does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to th…	-	CVE-2021-25113	2024-11-21 14:54	2022-04-5	Show	GitHub Exploit DB Packet Storm

195070	5.4	MEDIUM Network	king-theme	kingcomposer	The KingComposer WordPress plugin through 2.9.6 does not have authorisation, CSRF and sanitisation/escaping when creating profile, allowing any authenticated users to create arbitrary ones, with Cros…	-	CVE-2021-25048	2024-11-21 14:54	2022-04-5	Show	GitHub Exploit DB Packet Storm