Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256311	10	危険	VMware	-	複数の VMware 製品のデフォルト設定における脆弱性	CWE-16 環境設定	CVE-2008-1392	2010-09-13 15:57	2008-03-20	Show	GitHub Exploit DB Packet Storm

256312	10	危険	VMware	-	複数の VMware 製品の ActiveX コントロールにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-3892	2010-09-13 15:57	2008-09-3	Show	GitHub Exploit DB Packet Storm

256313	7.2	危険	VMware	-	複数の VMware 製品の VIX API におけるバッファオーバーフローの脆弱性	CWE-119 CWE-noinfo	CVE-2008-2100	2010-09-13 15:56	2008-06-4	Show	GitHub Exploit DB Packet Storm

256314	7.8	危険	VMware	-	複数の VMware 製品の DHCP サービスにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 CWE-noinfo	CVE-2008-1364	2010-09-13 15:56	2008-03-17	Show	GitHub Exploit DB Packet Storm

256315	6.8	警告	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1363	2010-09-13 15:56	2008-03-17	Show	GitHub Exploit DB Packet Storm

256316	7.2	危険	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1362	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

256317	6.8	警告	VMware	-	複数の VMware 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2008-1361	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

256318	7.1	危険	VMware	-	複数の VMware 製品の Virtual Machine Communication Interface (VMCI) におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-1340	2010-09-13 15:55	2008-03-17	Show	GitHub Exploit DB Packet Storm

256319	6.9	警告	VMware	-	複数の VMware 製品におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0923	2010-09-13 15:54	2008-02-26	Show	GitHub Exploit DB Packet Storm

256320	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPI.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2882	2010-09-13 15:46	2010-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
194921	5.4	MEDIUM Network	themeum	tutor_lms	The Tutor LMS – eLearning and online course solution WordPress plugin before 1.9.2 did not escape the Summary field of Announcements (when outputting it in an attribute), which can be created by user…	-	CVE-2021-24455	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194922	4.8	MEDIUM Network	properfraction	profilepress	The User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.8 did not sanitise or escape some of its settings before saving them and …	-	CVE-2021-24450	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194923	4.8	MEDIUM Network	cozmoslabs	profile_builder	The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.8 does not sanitise or escape its 'Modify default Redirect Delay timer' setting, allowing high privilege users to us…	-	CVE-2021-24448	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194924	4.8	MEDIUM Network	taxopress	taxopress	The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payloa…	-	CVE-2021-24444	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194925	7.2	HIGH Network	optimocha	speed_booster_pack	The Speed Booster Pack ? PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PH…	CWE-94 Code Injection	CVE-2021-24430	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194926	4.8	MEDIUM Network	yandex	yandex_turbo	The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputing them in the admin dashboard, leading to an Authenticated Stored Cro…	CWE-79 Cross-site Scripting	CVE-2021-24428	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194927	5.4	MEDIUM Network	kainelabs	youzify	The About Me widget of the Youzify – BuddyPress Community, User Profile, Social Network & Membership WordPress plugin before 1.0.7 does not properly sanitise its Biography field, allowing any authent…	-	CVE-2021-24443	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194928	4.8	MEDIUM Network	premio	mystickymenu	The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight pr…	-	CVE-2021-24425	2024-11-21 14:53	2021-08-2	Show	GitHub Exploit DB Packet Storm

194929	4.8	MEDIUM Network	never5	related_posts	The Related Posts for WordPress plugin through 2.0.4 does not sanitise its heading_text and CSS settings, allowing high privilege users (admin) to set XSS payloads in them, leading to Stored Cross-Si…	-	CVE-2021-24482	2024-11-21 14:53	2021-07-19	Show	GitHub Exploit DB Packet Storm

194930	8.8	HIGH Network	include_me_project	include_me	The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore po…	-	CVE-2021-24453	2024-11-21 14:53	2021-07-19	Show	GitHub Exploit DB Packet Storm