Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 9, 2026, 4:11 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257601	6.4	警告	The PHP Group	-	PHP の sysvshm 拡張における任意のメモリアドレスを書かれる脆弱性	CWE-399 リソース管理の問題	CVE-2010-1861	2010-08-17 17:33	2010-05-5	Show	GitHub Exploit DB Packet Storm

257602	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0654	2010-08-16 18:57	2010-02-18	Show	GitHub Exploit DB Packet Storm

257603	7.6	危険	アップル	-	Apple Safari における window オブジェクトの処理に脆弱性	CWE-399 リソース管理の問題	CVE-2010-1939	2010-08-16 15:08	2010-05-12	Show	GitHub Exploit DB Packet Storm

257604	7.6	危険	IBM	-	IBM Lotus Domino Web Access の ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0919	2010-08-16 15:05	2010-03-3	Show	GitHub Exploit DB Packet Storm

257605	4.3	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品における重要な cross-origin 情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1207	2010-08-13 17:15	2010-07-20	Show	GitHub Exploit DB Packet Storm

257606	6.8	警告	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品におけるクローム特権で任意の JavaScript コードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1215	2010-08-13 17:14	2010-07-20	Show	GitHub Exploit DB Packet Storm

257607	7.8	危険	マイクロソフト	-	Microsoft Windows におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-1892	2010-08-13 14:01	2010-08-13	Show	GitHub Exploit DB Packet Storm

257608	9.3	危険	サイバートラスト株式会社 Mozilla Foundation レッドハット	-	複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1212	2010-08-12 19:03	2010-07-20	Show	GitHub Exploit DB Packet Storm

257609	4.3	警告	アップルサイバートラスト株式会社レッドハットターボリナックス CUPS	-	Apple Mac OS X の CUPS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2820	2010-08-12 17:29	2009-11-9	Show	GitHub Exploit DB Packet Storm

257610	9.3	危険	アップル	-	Apple iTunes におけるバッファーオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1777	2010-08-11 18:31	2010-07-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196551	4.3	MEDIUM Network	ninjaforms	ninja_forms	In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action, wp_ajax_nf_oauth, and retrieve the connection url needed to es…	CWE-862 Missing Authorization	CVE-2021-24164	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196552	8.8	HIGH Network	ninjaforms	ninja_forms	The AJAX action, wp_ajax_ninja_forms_sendwp_remote_install_handler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such…	CWE-862 Missing Authorization	CVE-2021-24163	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196553	8.8	HIGH Network	expresstech	responsive_menu	In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to in…	CWE-352 Origin Validation Error	CVE-2021-24162	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196554	8.8	HIGH Network	expresstech	responsive_menu	In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attack…	CWE-352 Origin Validation Error	CVE-2021-24161	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196555	8.8	HIGH Network	expresstech	responsive_menu	In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These f…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-24160	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196556	8.8	HIGH Network	rocklobster	contact_form_7	Due to the lack of sanitization and lack of nonce protection on the custom CSS feature, an attacker could craft a request to inject malicious JavaScript on a site using the Contact Form 7 Style WordP…	CWE-352 Origin Validation Error	CVE-2021-24159	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196557	6.5	MEDIUM Network	themeisle	orbit_fox	Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver Builder page builders functionality. As part of the registration form, administrators can choose which…	NVD-CWE-Other	CVE-2021-24158	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196558	5.4	MEDIUM Network	themeisle	orbit_fox	Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfiltered_html capability prior to saving th…	CWE-79 Cross-site Scripting	CVE-2021-24157	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196559	5.4	MEDIUM Network	testimonial_rotator_project	testimonial_rotator	Stored Cross-Site Scripting vulnerabilities in Testimonial Rotator 3.0.3 allow low privileged users (Contributor) to inject arbitrary JavaScript code or HTML without approval. This could lead to priv…	CWE-79 Cross-site Scripting	CVE-2021-24156	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

196560	7.2	HIGH Network	backup-guard	backup_guard	The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+…	-	CVE-2021-24155	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm