Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258251	5	警告	日立	-	JP1/AJS の組み込みDB利用製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258252	5	警告	日立	-	JP1/ServerConductor/Control Manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258253	7.8	危険	日立	-	Cosminexus 製品におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	-	2010-08-26 16:55	2010-07-30	Show	GitHub Exploit DB Packet Storm

258254	4.3	警告	サイバートラスト株式会社レッドハット	-	Apache Tomcat のサンプル用 calendar アプリケーションにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-2696	2010-08-25 17:05	2010-08-2	Show	GitHub Exploit DB Packet Storm

258255	4.3	警告	インターネットイニシアティブ	-	SEIL/X シリーズおよび SEIL/B1 における IPv6 Unicast RPF 機能に関する脆弱性	CWE-Other その他	CVE-2010-2363	2010-08-25 12:01	2010-08-25	Show	GitHub Exploit DB Packet Storm

258256	4.6	警告	レッドハット	-	LVM2 のクラスタ論理ボリュームマネージャデーモンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-287 不適切な認証	CVE-2010-2526	2010-08-24 18:42	2010-07-28	Show	GitHub Exploit DB Packet Storm

258257	9.3	危険	シマンテック IBM	-	Autonomy KeyView の WordPerfect 5.x reader (wosr.dll) におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0135	2010-08-24 18:42	2010-08-4	Show	GitHub Exploit DB Packet Storm

258258	9.3	危険	シマンテック IBM	-	Autonomy KeyView の library におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0126	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

258259	9.3	危険	シマンテック IBM	-	Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-1524	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

258260	9.3	危険	シマンテック IBM	-	Lotus 1-2-3 reader (wkssr.dll) の SpreadSheet における任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2010-1525	2010-08-24 18:41	2010-08-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196811	6.1	MEDIUM Network	revmakx	backup_and_staging_by_wp_time_capsule	The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site…	-	CVE-2021-25035	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196812	6.1	MEDIUM Network	oxilab	image_hover_effects_ultimate	The Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) WordPress plugin before 9.7.1 does not escape the effects parameter before outputting it back in an attrib…	CWE-79 Cross-site Scripting	CVE-2021-25031	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196813	6.1	MEDIUM Network	tri	event_tickets	The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue	-	CVE-2021-25028	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196814	6.1	MEDIUM Network	themeum	tutor_lms	The Tutor LMS WordPress plugin before 1.9.12 does not escape the search parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting	-	CVE-2021-25017	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196815	6.1	MEDIUM Network	mycred	mycred	The myCred WordPress plugin before 2.4 does not sanitise and escape the search query before outputting it back in the history dashboard page, leading to a Reflected Cross-Site Scripting issue	-	CVE-2021-25015	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196816	6.5	MEDIUM Network	themeum	qubely	The Qubely WordPress plugin before 1.7.8 does not have authorisation and CSRF check on the qubely_delete_saved_block AJAX action, and does not ensure that the block to be deleted belong to the plugin…	CWE-352 Origin Validation Error	CVE-2021-25013	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196817	6.1	MEDIUM Network	codesnippets	code_snippets	The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue	-	CVE-2021-25008	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196818	6.5	MEDIUM Network	wpplugin	accept_donations_with_paypal	The Accept Donations with PayPal WordPress plugin before 1.3.4 does not have CSRF check in place and does not ensure that the post to be deleted belongs to the plugin, allowing attackers to make a lo…	-	CVE-2021-24989	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196819	6.1	MEDIUM Network	yikesinc	easy_forms_for_mailchimp	The Easy Forms for Mailchimp WordPress plugin before 6.8.6 does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-…	-	CVE-2021-24985	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm

196820	6.1	MEDIUM Network	wbolt	smart_seo_tool	The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a…	-	CVE-2021-24976	2024-11-21 14:54	2022-01-24	Show	GitHub Exploit DB Packet Storm