Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257961	5	警告	Zabbix	-	Zabbix における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2011-3264	2011-09-14 10:50	2011-08-19	Show	GitHub Exploit DB Packet Storm

257962	5	警告	Zabbix	-	Zabbix の zabbix_agentd におけるサービス運用妨害 (CPU 資源の消費) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-3263	2011-09-14 10:49	2011-08-19	Show	GitHub Exploit DB Packet Storm

257963	4.3	警告	Zabbix	-	Zabbix の acknow.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-2904	2011-09-14 10:48	2011-08-19	Show	GitHub Exploit DB Packet Storm

257964	5.4	警告	Squid-cache.org インターネットイニシアティブ	-	透過型プロキシサーバが HTTP の Host ヘッダに依存して接続を行う問題	CWE-264 認可・権限・アクセス制御	CVE-2009-0801	2011-09-14 10:47	2009-02-24	Show	GitHub Exploit DB Packet Storm

257965	6.8	警告	レッドハット Pango.org オラクル	-	HarfBuzz の hb-buffer.c 内にある hb_buffer_ensure 関数における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2011-0064	2011-09-14 10:45	2011-03-1	Show	GitHub Exploit DB Packet Storm

257966	6.5	警告	ヒューレット・パッカードシマンテック日立	-	Symantec Backup Exec における NDMP コマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2011-0546	2011-09-14 10:44	2011-05-26	Show	GitHub Exploit DB Packet Storm

257967	5	警告	The PHP Group	-	PHP で使用される crypt_blowfish におけるクリアテキストのパスワードを容易に推測される脆弱性	CWE-310 暗号の問題	CVE-2011-2483	2011-09-13 10:43	2011-08-25	Show	GitHub Exploit DB Packet Storm

257968	6.4	警告	The PHP Group	-	PHP の main/rfc1867.c 内にある rfc1867_post_handler 関数における任意のファイルを作成される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-2202	2011-09-13 10:42	2011-06-16	Show	GitHub Exploit DB Packet Storm

257969	7.5	危険	The PHP Group	-	PHP の socket_connect 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-1938	2011-09-13 10:41	2011-05-31	Show	GitHub Exploit DB Packet Storm

257970	7.5	危険	The PHP Group	-	PHP の substr_replace 関数におけるサービス運用妨害 (メモリ破損) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1148	2011-09-13 10:39	2011-03-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199921	6.1	MEDIUM Network	nextscripts	social_networks_auto_poster	The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthent…	-	CVE-2021-24975	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199922	4.8	MEDIUM Network	cusmin	absolutely_glamorous_custom_admin	The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_ht…	-	CVE-2021-24944	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199923	6.1	MEDIUM Network	asset_cleanup\	_page_speed_booster_project	The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the wpacu_selected_sub_tab_area parameter before outputting it back in an attribute in an admin page, leading to …	-	CVE-2021-24937	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199924	6.1	MEDIUM Network	yellowpencil	visual_css_style_editor	The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the wyp_page_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Script…	-	CVE-2021-24934	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199925	6.1	MEDIUM Network	domaincheckplugin	domain_check	The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue	CWE-79 Cross-site Scripting	CVE-2021-24926	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199926	8.8	HIGH Network	wickedplugins	wicked_folders	The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id parameter before using it in a SQL statement in the wicked_folders_save_sort_order AJAX action, available …	CWE-89 SQL Injection	CVE-2021-24919	2024-11-21 14:54	2022-02-1	Show	GitHub Exploit DB Packet Storm

199927	6.1	MEDIUM Network	roundupwp	registrations_for_the_events_calendar	The Registrations for the Events Calendar WordPress plugin before 2.7.10 does not escape the qtype parameter before outputting it back in an attribute in the settings page, leading to a Reflected Cro…	-	CVE-2021-25083	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

199928	6.1	MEDIUM Network	crmperks	contact_form_entries	The Contact Form Entries WordPress plugin before 1.1.7 does not validate, sanitise and escape the IP address retrieved via headers such as CLIENT-IP and X-FORWARDED-FOR, allowing unauthenticated atta…	-	CVE-2021-25080	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

199929	6.1	MEDIUM Network	crmperks	contact_form_entries	The Contact Form Entries WordPress plugin before 1.2.4 does not sanitise and escape various parameters, such as form_id, status, end_date, order, orderby and search before outputting them back in the…	-	CVE-2021-25079	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

199930	6.1	MEDIUM Network	wpaffiliatemanager	affiliates_manager	The Affiliates Manager WordPress plugin before 2.9.0 does not validate, sanitise and escape the IP address of requests logged by the click tracking feature, allowing unauthenticated attackers to perf…	CWE-79 Cross-site Scripting	CVE-2021-25078	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm