Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258251	5	警告	日立	-	JP1/AJS の組み込みDB利用製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258252	5	警告	日立	-	JP1/ServerConductor/Control Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258253	7.8	危険	日立	-	Cosminexus 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258254	4.3	警告	サイバートラスト株式会社レッドハット	-	Apache Tomcat のサンプル用 calendar アプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2696	2010-08-25 17:05	2010-08-2	Show	GitHub Exploit DB Packet Storm

258255	4.3	警告	インターネットイニシアティブ	-	SEIL/X シリーズおよび SEIL/B1 における IPv6 Unicast RPF 機能に関する脆弱性	CWE-Other その他	CVE-2010-2363	2010-08-25 12:01	2010-08-25	Show	GitHub Exploit DB Packet Storm

258256	4.6	警告	レッドハット	-	LVM2 のクラスタ論理ボリュームマネージャデーモンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-287 不適切な認証	CVE-2010-2526	2010-08-24 18:42	2010-07-28	Show	GitHub Exploit DB Packet Storm

258257	9.3	危険	シマンテック IBM	-	Autonomy KeyView の WordPerfect 5.x reader (wosr.dll) におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0135	2010-08-24 18:42	2010-08-4	Show	GitHub Exploit DB Packet Storm

258258	9.3	危険	シマンテック IBM	-	Autonomy KeyView の library におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0126	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

258259	9.3	危険	シマンテック IBM	-	Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1524	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

258260	9.3	危険	シマンテック IBM	-	Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-1525	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196541	6.1	MEDIUM Network	webp_converter_for_media_project	webp_converter_for_media	The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue	-	CVE-2021-25074	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196542	8.8	HIGH Network	webmaster-source	wp125	The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in various action, for example when deleting an ad, allowing attackers to make a logged in admin delete them via a CSRF attack	-	CVE-2021-25073	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196543	6.1	MEDIUM Network	villatheme	orders_tracking_for_woocommerce	The Orders Tracking for WooCommerce WordPress plugin before 1.1.10 does not sanitise and escape the file_url before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25062	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196544	4.8	MEDIUM Network	mobileeventsmanager	mobile_events_manager	The Mobile Events Manager WordPress plugin before 1.4.4 does not sanitise and escape various of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfil…	-	CVE-2021-25049	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196545	7.2	HIGH Network	asgaros	asgaros_forum	The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id parameter before using it in a SQL statement when editing a forum, leading to an SQL injection issue	-	CVE-2021-25045	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196546	6.1	MEDIUM Network	revmakx	backup_and_staging_by_wp_time_capsule	The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site…	-	CVE-2021-25035	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196547	6.1	MEDIUM Network	oxilab	image_hover_effects_ultimate	The Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) WordPress plugin before 9.7.1 does not escape the effects parameter before outputting it back in an attrib…	CWE-79 Cross-site Scripting	CVE-2021-25031	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196548	6.1	MEDIUM Network	tri	event_tickets	The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue	-	CVE-2021-25028	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196549	6.1	MEDIUM Network	themeum	tutor_lms	The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25017	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196550	6.1	MEDIUM Network	mycred	mycred	The myCred WordPress plugin before 2.4 does not sanitise and escape the search query before outputting it back in the history dashboard page, leading to a Reflected Cross-Site Scripting issue	-	CVE-2021-25015	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm