Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258251	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat の custom heap management system におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1241	2010-04-30 10:26	2010-04-5	Show	GitHub Exploit DB Packet Storm

258252	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0204	2010-04-30 10:26	2010-04-13	Show	GitHub Exploit DB Packet Storm

258253	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0203	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

258254	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0202	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

258255	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0201	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

258256	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0199	2010-04-30 10:25	2010-04-13	Show	GitHub Exploit DB Packet Storm

258257	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0198	2010-04-30 10:24	2010-04-13	Show	GitHub Exploit DB Packet Storm

258258	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-0197	2010-04-28 15:58	2010-04-13	Show	GitHub Exploit DB Packet Storm

258259	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-0196	2010-04-28 15:57	2010-04-13	Show	GitHub Exploit DB Packet Storm

258260	9.3	危険	アドビシステムズレッドハット	-	Adobe Reader および Acrobat における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0195	2010-04-28 15:57	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196281	6.5	MEDIUM Network	fatcatapps	easy_pricing_tables	The Pricing Tables WordPress Plugin WordPress plugin before 3.1.3 does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog…	CWE-352 Origin Validation Error	CVE-2021-25098	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196282	7.5	HIGH Network	wpdownloadmanager	wordpress_download_manager	The Download Manager WordPress plugin before 3.2.35 does not have any authorisation checks in some of the REST API endpoints, allowing unauthenticated attackers to call them, which could lead to sens…	-	CVE-2021-25087	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196283	6.1	MEDIUM Network	obtaininfotech	multisite_content_copier\/updater	The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.0 does not sanitise and escape the wmcc_content_type, wmcc_source_blog and wmcc_record_per_page parameters before outputting…	CWE-79 Cross-site Scripting	CVE-2021-25039	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196284	6.1	MEDIUM Network	obtaininfotech	multisite_user_sync\/unsync	The WordPress Multisite User Sync/Unsync WordPress plugin before 2.1.2 does not sanitise and escape the wmus_source_blog and wmus_record_per_page parameters before outputting them back in attributes,…	CWE-79 Cross-site Scripting	CVE-2021-25038	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196285	5.3	MEDIUM Network	correosexpress_project	correosexpress	The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email…	-	CVE-2021-25009	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196286	5.4	MEDIUM Network	iptanus	wordpress_file_upload_pro wordpress_file_upload	The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role …	CWE-79 Cross-site Scripting	CVE-2021-24961	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196287	5.4	MEDIUM Network	iptanus	wordpress_file_upload_pro wordpress_file_upload	The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-24960	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196288	6.1	MEDIUM Network	tinywebgallery	advanced_iframe	The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue	CWE-79 Cross-site Scripting	CVE-2021-24953	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196289	8.8	HIGH Network	tatvic	conversios.io	The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQ…	CWE-89 SQL Injection	CVE-2021-24952	2024-11-21 14:54	2022-03-7	Show	GitHub Exploit DB Packet Storm

196290	5.3	MEDIUM Network	yoast	yoast_seo	The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify ot…	-	CVE-2021-25118	2024-11-21 14:54	2022-02-28	Show	GitHub Exploit DB Packet Storm