Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258171 5.8 警告 アップル - Apple iOS の設定アプリケーションにおけるユーザを追跡可能な脆弱性 CWE-DesignError
CVE-2010-1756 2010-07-14 17:26 2010-06-22 Show GitHub Exploit DB Packet Storm
258172 4.3 警告 アップル - Apple iOS の Safari におけるリモートの Web サーバがユーザを追跡可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1755 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258173 1.9 注意 アップル - Apple iOS の パスコードロックにおける任意のデータにアクセスされる脆弱性 CWE-362
競合状態 		CVE-2010-1775 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258174 6.9 警告 アップル - Apple iOS の パスコードロックにおけるパスコード要求を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1754 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258175 6.8 警告 アップル - Apple iOS の ImageIO における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1753 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258176 5 警告 アップル - Apple iOS の Application Sandbox におけるロケーション情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1751 2010-07-14 17:24 2010-06-22 Show GitHub Exploit DB Packet Storm
258177 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1774 2010-07-14 16:44 2010-06-10 Show GitHub Exploit DB Packet Storm
258178 4.3 警告 アップル - Apple Safari の WebKit におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1762 2010-07-14 16:44 2010-06-10 Show GitHub Exploit DB Packet Storm
258179 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1761 2010-07-14 16:44 2010-06-10 Show GitHub Exploit DB Packet Storm
258180 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1759 2010-07-14 16:42 2010-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196931 6.1 MEDIUM
Network 		wordplus better_messages The BP Better Messages WordPress plugin before 1.9.9.41 sanitise (with sanitize_text_field) but does not escape the 'subject' parameter before outputting it back in an attribute, leading to a Reflect… CWE-79
Cross-site Scripting 		CVE-2021-24808 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196932 4.3 MEDIUM
Network 		tipsandtricks-hq far_future_expiry_header The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. CWE-352
 Origin Validation Error 		CVE-2021-24799 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196933 4.8 MEDIUM
Network 		connections-pro connections_business_directory The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting w… CWE-79
Cross-site Scripting 		CVE-2021-24794 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196934 4.8 MEDIUM
Network 		etruel wpematico_rss_feed_fetcher The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Sit… CWE-79
Cross-site Scripting 		CVE-2021-24793 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196935 4.8 MEDIUM
Network 		flat_preloader_project flat_preloader The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site S… CWE-79
Cross-site Scripting 		CVE-2021-24789 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196936 4.3 MEDIUM
Network 		imagesourcecontrol image_source_control The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to ed… NVD-CWE-noinfo
CVE-2021-24781 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196937 4.8 MEDIUM
Network 		wpdownloadmanager wordpress_download_manager The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the un… CWE-79
Cross-site Scripting 		CVE-2021-24773 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196938 6.5 MEDIUM
Network 		stylishpricelist stylish_price_list The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated u… - CVE-2021-24770 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196939 5.3 MEDIUM
Network 		stylishpricelist stylish_price_list The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could … - CVE-2021-24757 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm
196940 6.5 MEDIUM
Network 		radiustheme logo_slider_and_showcase The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of … - CVE-2021-24742 2024-11-21 14:53 2021-11-1 Show GitHub Exploit DB Packet Storm