Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256131	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2128	2011-07-1 15:32	2011-06-14	Show	GitHub Exploit DB Packet Storm

256132	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2127	2011-07-1 15:31	2011-06-14	Show	GitHub Exploit DB Packet Storm

256133	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2126	2011-07-1 15:30	2011-06-14	Show	GitHub Exploit DB Packet Storm

256134	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapix.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-2125	2011-07-1 10:19	2011-06-14	Show	GitHub Exploit DB Packet Storm

256135	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2124	2011-07-1 10:17	2011-06-14	Show	GitHub Exploit DB Packet Storm

256136	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Shockwave 3D Asset x32 コンポーネントにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2123	2011-07-1 10:15	2011-06-14	Show	GitHub Exploit DB Packet Storm

256137	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapi.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2122	2011-07-1 10:14	2011-06-14	Show	GitHub Exploit DB Packet Storm

256138	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2121	2011-06-30 10:59	2011-06-14	Show	GitHub Exploit DB Packet Storm

256139	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の CursorAsset x32 コンポーネントにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-2120	2011-06-30 10:58	2011-06-14	Show	GitHub Exploit DB Packet Storm

256140	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の Dirapi.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2011-2119	2011-06-30 10:57	2011-06-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197341	5.4	MEDIUM Network	custom_content_shortcode_project	custom_content_shortcode	The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to perform Cros…	CWE-79 Cross-site Scripting	CVE-2021-24826	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197342	4.3	MEDIUM Network	custom_content_shortcode_project	custom_content_shortcode	The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display a…	-	CVE-2021-24825	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197343	4.3	MEDIUM Network	custom_content_shortcode_project	custom_content_shortcode	The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This c…	CWE-863 Incorrect Authorization	CVE-2021-24824	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197344	5.4	MEDIUM Network	nicdark	cost_calculator	The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator > Price S…	CWE-79 Cross-site Scripting	CVE-2021-24821	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197345	4.8	MEDIUM Network	wp-eventmanager	wp_event_manager	The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even …	CWE-79 Cross-site Scripting	CVE-2021-24810	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197346	7.2	HIGH Network	wpaffiliatefeed	tradetracker-store	The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.	CWE-89 SQL Injection	CVE-2021-24778	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197347	7.2	HIGH Network	hotscot	contact_form	The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a…	CWE-89 SQL Injection	CVE-2021-24777	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

197348	4.8	MEDIUM Network	codeasily	grand_flagallery	The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when…	-	CVE-2021-24903	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

197349	4.8	MEDIUM Network	securemoz	security_audit	The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilt…	-	CVE-2021-24901	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

197350	4.8	MEDIUM Network	editable-table_project	editable_table	The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even w…	-	CVE-2021-24898	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm