Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258221 5 警告 アップル - Apple Mac OS X の AFP Server における共有名を列挙される脆弱性 CWE-DesignError
CVE-2010-1830 2010-11-25 15:17 2010-11-15 Show GitHub Exploit DB Packet Storm
258222 6 警告 アップル - Apple Mac OS X の AFP Server におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-1829 2010-11-25 15:17 2010-11-15 Show GitHub Exploit DB Packet Storm
258223 5 警告 アップル - Apple Mac OS X の AFP Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-1828 2010-11-25 15:17 2010-11-15 Show GitHub Exploit DB Packet Storm
258224 4.3 警告 アップル - Apple Mac OS X の Time Machine における重要な情報を取得される脆弱性 CWE-DesignError
CVE-2010-1803 2010-11-25 15:16 2010-11-15 Show GitHub Exploit DB Packet Storm
258225 7.5 危険 アップル - Apple Mac OS X の OpenSSL における X.509 証明書の認証を回避される脆弱性 CWE-310
暗号の問題 		CVE-2010-1378 2010-11-25 15:15 2010-11-12 Show GitHub Exploit DB Packet Storm
258226 4.9 警告 アップル - Apple Mac OS X の hfs 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-0105 2010-11-25 15:15 2010-04-27 Show GitHub Exploit DB Packet Storm
258227 9.3 危険 アップル
アドビシステムズ
レッドハット		 - Adobe Flash の ActionScript の処理に脆弱性 CWE-94
コード・インジェクション 		CVE-2010-0209 2010-11-25 15:14 2010-08-11 Show GitHub Exploit DB Packet Storm
258228 9.3 危険 アップル
アドビシステムズ
ターボリナックス
レッドハット		 - Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性 CWE-399
CWE-noinfo
CVE-2009-3793 2010-11-25 15:13 2010-06-10 Show GitHub Exploit DB Packet Storm
258229 6.8 警告 アップル
GNU Project
ターボリナックス
サイバートラスト株式会社
レッドハット		 - GNU gzip における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2010-0001 2010-11-25 15:12 2010-01-29 Show GitHub Exploit DB Packet Storm
258230 2.6 注意 アップル
サン・マイクロシステムズ
Apache Software Foundation		 - Apache HTTP Server 用 mod_perl の Status.pm におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-0796 2010-11-25 15:12 2009-04-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197471 4.8 MEDIUM
Network 		ivorysearch ivory_search The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html … CWE-79
Cross-site Scripting 		CVE-2021-25105 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197472 4.7 MEDIUM
Network 		gtranslate translate_wordpress_with_gtranslate The Translate WordPress with GTranslate WordPress plugin before 2.9.7 does not sanitise and escape the body parameter in the url_addon/gtranslate-email.php file before outputting it back in the page,… CWE-79
Cross-site Scripting 		CVE-2021-25103 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197473 6.5 MEDIUM
Network 		ip2location country_blocker The IP2Location Country Blocker WordPress plugin before 2.26.5 bans can be bypassed by using a specific parameter in the URL CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-25096 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197474 7.1 HIGH
Network 		ip2location country_blocker The IP2Location Country Blocker WordPress plugin before 2.26.5 does not have authorisation and CSRF checks in the ip2location_country_blocker_save_rules AJAX action, allowing any authenticated users,… - CVE-2021-25095 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197475 4.3 MEDIUM
Network 		bracketspace advanced_cron_manager The Advanced Cron Manager WordPress plugin before 2.4.2 and Advanced Cron Manager Pro WordPress plugin before 2.5.3 do not have authorisation checks in some of their AJAX actions, allowing any authen… - CVE-2021-25084 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197476 6.1 MEDIUM
Network 		visser store_toolkit_for_woocommerce The Store Toolkit for WooCommerce WordPress plugin before 2.3.2 does not sanitise and escape the tab parameter before outputting it back in an admin page in an error message, leading to a Reflected C… CWE-79
Cross-site Scripting 		CVE-2021-25077 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197477 4.8 MEDIUM
Network 		cluevo learning_management_system The CLUEVO LMS, E-Learning Platform WordPress plugin before 1.8.1 does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even whe… CWE-79
Cross-site Scripting 		CVE-2021-25029 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197478 4.9 MEDIUM
Network 		seur_oficial_project seur_oficial The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when installed, even though it is used for support purposes, it allows to download any file from the web server wi… CWE-552
 Files or Directories Accessible to External Parties 		CVE-2021-25004 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197479 6.5 MEDIUM
Network 		etoilewebdesign ultimate_product_catalog The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF checks in some AJAX actions, which could allow any authenticated users, such as subscriber to call the… CWE-352
 Origin Validation Error 		CVE-2021-24993 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm
197480 6.5 MEDIUM
Network 		thinkupthemes responsive_vector_maps The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any … CWE-352
CWE-434
 Origin Validation Error
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24947 2024-11-21 14:54 2022-02-8 Show GitHub Exploit DB Packet Storm