Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
257461 6.8 警告 Google - Google Chrome における任意の https サイトになりすまされる脆弱性 CWE-287
不適切な認証 		CVE-2009-2071 2010-10-19 14:49 2009-03-23 Show GitHub Exploit DB Packet Storm
257462 6.4 警告 The PHP Group - PHP の zend_ini.c 内にある zend_restore_ini_entry_cb 関数における重要な情報を取得される脆弱性 CWE-Other
その他 		CVE-2009-2626 2010-10-18 15:22 2009-12-1 Show GitHub Exploit DB Packet Storm
257463 4 警告 オラクル - Oracle iPlanet Web Server におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-3544 2010-10-18 12:03 2010-10-18 Show GitHub Exploit DB Packet Storm
257464 5 警告 ISC, Inc. - BIND の ACL の処理に問題 CWE-264
認可・権限・アクセス制御 		CVE-2010-0218 2010-10-15 13:24 2010-10-1 Show GitHub Exploit DB Packet Storm
257465 5.1 警告 K2 Software - K2Editor における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3156 2010-10-15 11:22 2010-10-15 Show GitHub Exploit DB Packet Storm
257466 6.8 警告 kMonos.NET - XacRett における実行ファイル読み込みに関する脆弱性 CWE-Other
その他 		CVE-2010-3157 2010-10-15 11:22 2010-10-15 Show GitHub Exploit DB Packet Storm
257467 5 警告 The PHP Group - PHP における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2010-2101 2010-10-14 16:20 2010-05-26 Show GitHub Exploit DB Packet Storm
257468 9.3 危険 レッドハット - Winamp および libmikmod の IN_MOD.DLL におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3996 2010-10-14 16:19 2009-12-18 Show GitHub Exploit DB Packet Storm
257469 9.3 危険 レッドハット - Winamp および libmikmod の IN_MOD.DLL におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-3995 2010-10-14 16:19 2009-12-18 Show GitHub Exploit DB Packet Storm
257470 4.3 警告 レッドハット - libmikmod におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2007-6720 2010-10-14 16:19 2009-01-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196891 5.4 MEDIUM
Network 		schiocco support_board The Support Board WordPress plugin before 3.3.5 allows Authenticated (Agent+) users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authe… CWE-79
Cross-site Scripting 		CVE-2021-24807 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196892 4.3 MEDIUM
Network 		gvectors wpdiscuz The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary c… CWE-352
 Origin Validation Error 		CVE-2021-24806 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196893 4.3 MEDIUM
Network 		wp_survey_plus_project wp_survey_plus The WP Survey Plus WordPress plugin through 1.0 does not have any authorisation and CSRF checks in place in its AJAX actions, allowing any user to call them and add/edit/delete Surveys. Furthermore, … CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2021-24801 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196894 6.1 MEDIUM
Network 		androidbubbles wp_header_images The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting is… CWE-79
Cross-site Scripting 		CVE-2021-24798 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196895 7.2 HIGH
Network 		draftpress header_footer_code_manager The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets … CWE-89
SQL Injection 		CVE-2021-24791 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196896 6.5 MEDIUM
Network 		batch_cat_project batch_cat The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require authentication but are available for all roles. As a result, any authenticated user (including simple subs… NVD-CWE-Other
CVE-2021-24788 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196897 6.5 MEDIUM
Network 		publishpress post_expirator The Post Expirator WordPress plugin before 2.6.0 does not have proper capability checks in place, which could allow users with a role as low as Contributor to schedule deletion of arbitrary posts. CWE-863
 Incorrect Authorization 		CVE-2021-24783 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196898 6.5 MEDIUM
Network 		fullworks redirect_404_error_page_to_homepage_or_custom_page_with_logs The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete … - CVE-2021-24767 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196899 6.5 MEDIUM
Network 		404_to_301_project 404_to_301 The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delet… - CVE-2021-24766 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm
196900 8.8 HIGH
Network 		wclovers frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor p… CWE-89
SQL Injection 		CVE-2021-24835 2024-11-21 14:53 2021-11-9 Show GitHub Exploit DB Packet Storm