Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257431	6.8	警告	オラクル	-	Oracle VM VirtualBox の拡張モジュールにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4414	2011-02-16 14:13	2011-01-18	Show	GitHub Exploit DB Packet Storm

257432	7.8	危険	オラクル	-	Oracle Solaris 11 Express の SMB および CIFS における脆弱性	CWE-noinfo 情報不足	CVE-2010-4457	2011-02-16 14:11	2011-01-18	Show	GitHub Exploit DB Packet Storm

257433	10	危険	ヒューレット・パッカード IBM オラクル	-	Oracle Solaris の CDE Calendar Manager Service Daemon および RPC における脆弱性	CWE-noinfo 情報不足	CVE-2010-4435	2011-02-16 14:07	2011-01-18	Show	GitHub Exploit DB Packet Storm

257434	2.1	注意	Apache Software Foundation オラクル	-	Apache Derby の BUILTIN 認証機能であるパスワードハッシュ生成アルゴリズムにおけるパスワードを解読される脆弱性	CWE-310 暗号の問題	CVE-2009-4269	2011-02-16 14:00	2011-01-18	Show	GitHub Exploit DB Packet Storm

257435	7.5	危険	オラクル	-	Oracle Industry Applications の Health Sciences - Oracle Argus Safety コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-3593	2011-02-16 13:57	2011-01-18	Show	GitHub Exploit DB Packet Storm

257436	4	警告	オラクル	-	Oracle PeopleSoft and JDEdwards Suite の PeopleSoft Enterprise PeopleTools コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4434	2011-02-16 13:55	2011-01-18	Show	GitHub Exploit DB Packet Storm

257437	4	警告	オラクル	-	Oracle PeopleSoft and JDEdwards Suite の PeopleSoft Enterprise HRMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4445	2011-02-16 13:52	2011-01-18	Show	GitHub Exploit DB Packet Storm

257438	4	警告	オラクル	-	Oracle PeopleSoft and JDEdwards Suite の PeopleSoft Enterprise HRMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4439	2011-02-16 13:49	2011-01-18	Show	GitHub Exploit DB Packet Storm

257439	4	警告	オラクル	-	Oracle PeopleSoft and JDEdwards Suite の PeopleSoft Enterprise HRMS コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-4430	2011-02-16 13:45	2011-01-18	Show	GitHub Exploit DB Packet Storm

257440	5	警告	エフ・セキュア	-	F-Secure アンチウイルス Linux ゲートウェイにおける認証不備の脆弱性	CWE-287 不適切な認証	CVE-2011-0453	2011-02-16 12:02	2011-02-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197011	6.1	MEDIUM Network	wpvivid	migration\ _backup\ _staging	The Migration, Backup, Staging WordPress plugin before 0.9.69 does not have authorisation when adding remote storages, and does not sanitise as well as escape a parameter from such unauthenticated re…	-	CVE-2021-24994	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197012	6.1	MEDIUM Network	use_any_font_project	use_any_font	The Use Any Font \| Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will the…	CWE-862 Missing Authorization	CVE-2021-24977	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197013	5.4	MEDIUM Network	magnigenie	wp_responsive_menu	The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wpr_live_update AJAX action, as well as do not sanitise and escape some of the data submitted. A…	-	CVE-2021-24971	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197014	5.4	MEDIUM Network	bootstrapped	dynamic_widgets	The Dynamic Widgets WordPress plugin through 1.5.16 does not escape the prefix parameter before outputting it back in an attribute when using the term_tree AJAX action (available to any authenticated…	CWE-79 Cross-site Scripting	CVE-2021-24933	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197015	4.8	MEDIUM Network	statcounter	statcounter	The StatCounter WordPress plugin before 2.0.7 does not sanitise and escape the Project ID and Secure Code settings, which could allow high privilege users to perform Cross-Site Scripting attacks even…	-	CVE-2021-24920	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197016	4.3	MEDIUM Network	infornweb	logo_showcase_with_slick_slider	The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the lswss_save_attachment_data AJAX action, allowing attackers to make a logged in high privilege user, c…	-	CVE-2021-24913	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm

197017	4.8	MEDIUM Network	anti-malware_security_and_brute-force_firewall_project	anti-malware_security_and_brute-force_firewall	The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.94 does not sanitise and escape the POST data before outputting it back in attributes of an admin page, leading to a Re…	-	CVE-2021-25101	2024-11-21 14:54	2022-02-21	Show	GitHub Exploit DB Packet Storm

197018	6.1	MEDIUM Network	givewp	givewp	The GiveWP WordPress plugin before 2.17.3 does not escape the s parameter before outputting it back in an attribute in the Donation Forms dashboard, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25100	2024-11-21 14:54	2022-02-21	Show	GitHub Exploit DB Packet Storm

197019	6.1	MEDIUM Network	givewp	givewp	The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX a…	-	CVE-2021-25099	2024-11-21 14:54	2022-02-21	Show	GitHub Exploit DB Packet Storm

197020	8.8	HIGH Network	sygnoos	popup_builder	The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, si…	-	CVE-2021-25082	2024-11-21 14:54	2022-02-21	Show	GitHub Exploit DB Packet Storm