Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256031	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1201	2011-01-5 14:43	2010-06-22	Show	GitHub Exploit DB Packet Storm

256032	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1200	2011-01-5 14:42	2010-06-22	Show	GitHub Exploit DB Packet Storm

256033	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の XSLT node sorting の実装における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1199	2011-01-5 14:41	2010-06-22	Show	GitHub Exploit DB Packet Storm

256034	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-1198	2011-01-5 14:40	2010-06-22	Show	GitHub Exploit DB Packet Storm

256035	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハットオラクル	-	複数の Mozilla 製品の nsGenericDOMDataNode::SetTextInternal 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1196	2011-01-5 14:39	2010-06-22	Show	GitHub Exploit DB Packet Storm

256036	9.3	危険	Mozilla Foundation オラクル	-	複数の Mozilla 製品の nsCycleCollector::MarkRoots 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0183	2011-01-5 14:19	2010-06-22	Show	GitHub Exploit DB Packet Storm

256037	7.5	危険	レッドハット	-	Red Hat Enterprise MRG の Management Console における任意のジョブを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-4179	2011-01-4 16:28	2010-11-30	Show	GitHub Exploit DB Packet Storm

256038	7.8	危険	シスコシステムズ	-	複数の CIsco 製品上で稼働する remote-access IPSec VPN の実装における有効なグループ名を列挙される脆弱性	CWE-399 リソース管理の問題	CVE-2010-4354	2011-01-4 16:18	2010-09-22	Show	GitHub Exploit DB Packet Storm

256039	4	警告	Pidgin オラクル	-	Pidgin の libpurple 内にある oscar プロトコルプラグインの clientautoresp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-2528	2011-01-4 16:14	2010-07-30	Show	GitHub Exploit DB Packet Storm

256040	7.2	危険	VMware	-	複数の VMware 製品の VMware-Tools アップデート機能における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-4297	2010-12-27 15:40	2010-12-2	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195061	4.8	MEDIUM Network	connections-pro	connections_business_directory	The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting w…	CWE-79 Cross-site Scripting	CVE-2021-24794	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195062	4.8	MEDIUM Network	etruel	wpematico_rss_feed_fetcher	The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Sit…	CWE-79 Cross-site Scripting	CVE-2021-24793	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195063	4.8	MEDIUM Network	flat_preloader_project	flat_preloader	The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2021-24789	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195064	4.3	MEDIUM Network	imagesourcecontrol	image_source_control	The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to ed…	NVD-CWE-noinfo	CVE-2021-24781	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195065	4.8	MEDIUM Network	wpdownloadmanager	wordpress_download_manager	The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the un…	CWE-79 Cross-site Scripting	CVE-2021-24773	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195066	6.5	MEDIUM Network	stylishpricelist	stylish_price_list	The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated u…	-	CVE-2021-24770	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195067	5.3	MEDIUM Network	stylishpricelist	stylish_price_list	The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could …	-	CVE-2021-24757	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195068	6.5	MEDIUM Network	radiustheme	logo_slider_and_showcase	The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of …	-	CVE-2021-24742	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195069	5.4	MEDIUM Network	wpreactions	wp_reactions_lite	The WP Reactions Lite WordPress plugin before 1.3.6 does not properly sanitize inputs within wp-admin pages, allowing users with sufficient access to inject XSS payloads within /wp-admin/ pages.	CWE-79 Cross-site Scripting	CVE-2021-24723	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm

195070	4.8	MEDIUM Network	motopress	restaurant_menu	The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2021-24722	2024-11-21 14:53	2021-11-1	Show	GitHub Exploit DB Packet Storm