Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258231	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0270	2010-05-10 19:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

258232	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0269	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258233	9.3	危険	マイクロソフト	-	Microsoft Windows の Cabinet File Viewer Shell Extension における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0487	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258234	9.3	危険	マイクロソフト	-	Microsoft Windows の Authenticode Signature Verification における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0486	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258235	4.7	警告	サイバートラスト株式会社 Linux レッドハット	-	x86_64 および amd64 プラットフォーム上 Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-4271	2010-05-10 18:25	2010-03-16	Show	GitHub Exploit DB Packet Storm

258236	5	警告	VMware	-	VMware Authorization Service の VMware Authentication Daemon におけるサービス運用妨害 (DoS) の脆弱性	CWE-134 書式文字列の問題	CVE-2009-3707	2010-05-7 17:26	2009-10-16	Show	GitHub Exploit DB Packet Storm

258237	9.3	危険	VMware	-	VMnc メディアコーデックおよびムービーデコーダにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-1565	2010-05-7 17:26	2010-04-9	Show	GitHub Exploit DB Packet Storm

258238	9.3	危険	VMware	-	VMnc メディアコーデックおよびムービーデコーダにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1564	2010-05-7 17:25	2010-04-9	Show	GitHub Exploit DB Packet Storm

258239	10	危険	VMware	-	VMware Remote Console の vmware-vmrc.exe build 158248 における任意のコードを実行される脆弱性	CWE-134 書式文字列の問題	CVE-2009-3732	2010-05-7 17:25	2010-04-9	Show	GitHub Exploit DB Packet Storm

258240	7.2	危険	VMware	-	複数の VMware 製品の vmrun における権限昇格の脆弱性	CWE-134 書式文字列の問題	CVE-2010-1139	2010-05-7 17:25	2010-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197011	8.8	HIGH Network	extendify	editorskit	The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin before 1.31.6 does not sanitise and validate the Conditional Logic of the Custom Visibility settings, allowing users with a role as lo…	-	CVE-2021-24546	2024-11-21 14:53	2021-10-11	Show	GitHub Exploit DB Packet Storm

197012	5.4	MEDIUM Network	wp_html_author_bio_project	wp_html_author_bio	The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit …	-	CVE-2021-24545	2024-11-21 14:53	2021-10-11	Show	GitHub Exploit DB Packet Storm

197013	4.8	MEDIUM Network	webnus	modern_events_calendar_lite	The Modern Events Calendar Lite WordPress plugin before 5.22.2 does not escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting…	CWE-79 Cross-site Scripting	CVE-2021-24687	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197014	6.1	MEDIUM Network	coinmarketstats	bitcoin_\/_altcoin_payment_gateway_for_woocommerce	The Bitcoin / AltCoin Payment Gateway for WooCommerce WordPress plugin before 1.6.1 does not escape the 's' GET parameter before outputting back in the All Masking Rules page, leading to a Reflected …	CWE-79 Cross-site Scripting	CVE-2021-24679	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197015	5.4	MEDIUM Network	cminds	tooltip_glossary	The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Sc…	CWE-79 Cross-site Scripting	CVE-2021-24678	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197016	6.1	MEDIUM Network	codesolz	better_find_and_replace	The Better Find and Replace WordPress plugin before 1.2.9 does not escape the 's' GET parameter before outputting back in the All Masking Rules page, leading to a Reflected Cross-Site Scripting issue	-	CVE-2021-24676	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197017	4.8	MEDIUM Network	dwbooster	appointment_hour_booking	The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when …	-	CVE-2021-24673	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197018	5.4	MEDIUM Network	wpeverest	user_registration	The User Registration WordPress plugin before 2.0.2 does not properly sanitise the user_registration_profile_pic_url value when submitted directly via the user_registration_update_profile_details AJA…	CWE-79 Cross-site Scripting	CVE-2021-24654	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197019	8.1	HIGH Network	meowapps	meow_gallery	The Meow Gallery WordPress plugin before 4.1.9 does not sanitise, validate or escape the ids attribute of its gallery shortcode (available for users as low as Contributor) before using it in an SQL s…	CWE-89 SQL Injection	CVE-2021-24465	2024-11-21 14:53	2021-10-4	Show	GitHub Exploit DB Packet Storm

197020	5.4	MEDIUM Network	mx_time_zone_clocks_project	mx_time_zone_clocks	The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape the time_zone attribute of the mxmtzc_time_zone_clocks shortcode, allowing users with a role as low as Contributor to perform Sto…	-	CVE-2021-24671	2024-11-21 14:53	2021-09-28	Show	GitHub Exploit DB Packet Storm