Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258281 4.6 警告 IBM - IBM DB2 の dasauto における管理者権限を持たないユーザが実行可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4150 2010-01-15 14:10 2009-12-2 Show GitHub Exploit DB Packet Storm
258282 2.1 注意 サン・マイクロシステムズ - Sun Solaris の ldap_cachemgr におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2009-4080 2010-01-15 14:10 2009-11-24 Show GitHub Exploit DB Packet Storm
258283 5 警告 サン・マイクロシステムズ - Sun Solaris の sshd におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2009-4075 2010-01-15 14:09 2009-11-23 Show GitHub Exploit DB Packet Storm
258284 2.6 注意 オラクル - Oracle Application Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		- 2010-01-14 15:01 2010-01-14 Show GitHub Exploit DB Packet Storm
258285 9.3 危険 マイクロソフト - Microsoft Internet Explorer に脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3672 2010-01-14 12:08 2009-11-25 Show GitHub Exploit DB Packet Storm
258286 9.3 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の java.lang パッケージにおける脆弱性 CWE-362
競合状態 		CVE-2009-2724 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
258287 10 危険 サン・マイクロシステムズ
VMware		 - Sun Java SE の Provider クラスにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-2721 2010-01-14 12:08 2009-08-10 Show GitHub Exploit DB Packet Storm
258288 5 警告 有限会社シースリー - WebCalenderC3 におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2010-0348 2010-01-12 15:01 2010-01-12 Show GitHub Exploit DB Packet Storm
258289 4.3 警告 有限会社シースリー - WebCalenderC3 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-0349 2010-01-12 15:00 2010-01-12 Show GitHub Exploit DB Packet Storm
258290 10 危険 サイバートラスト株式会社
XEmacs		 - XEmacs の glyphs-eimage.c における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-2688 2010-01-12 14:48 2009-08-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196091 8.8 HIGH
Network 		cozmoslabs membership_\&_content_restriction_-_paid_member_subscriptions The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement… - CVE-2021-24728 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196092 8.8 HIGH
Network 		stopbadbots block_and_stop_bad_bots The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections - CVE-2021-24727 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196093 8.8 HIGH
Network 		wpsimplebookingcalendar wp_simple_booking_calendar The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to … - CVE-2021-24726 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196094 4.3 MEDIUM
Network 		quantumcloud comment_link_remove_and_other_comment_tools The Comment Link Remove and Other Comment Tools WordPress plugin before 2.1.6 does not have CSRF check in its 'Delete comments easily', which could allow attackers to make logged in admin delete arbi… - CVE-2021-24725 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196095 5.4 MEDIUM
Network 		motopress timetable_and_event_schedule The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise some of its parameters, which could allow low privilege users such as author to perform XSS attacks agai… - CVE-2021-24724 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196096 4.8 MEDIUM
Network 		ticket-system wordpress_advanced_ticket_system The WordPress Advanced Ticket System, Elite Support Helpdesk WordPress plugin before 1.0.64 does not sanitize or escape form values before saving to the database or when outputting, which allows high… - CVE-2021-24623 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196097 4.8 MEDIUM
Network 		stratospheredigital wp_courses_lms The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered_html capabilit… CWE-79
Cross-site Scripting 		CVE-2021-24621 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196098 8.8 HIGH
Network 		simple-e-commerce-shopping-cart_project simple-e-commerce-shopping-cart The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PH… CWE-352
CWE-434
 Origin Validation Error
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24620 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196099 4.8 MEDIUM
Network 		evona per_page_add_to_head The Per page add to head WordPress plugin through 1.4.4 does not properly sanitise one of its setting, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html cap… - CVE-2021-24619 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm
196100 4.8 MEDIUM
Network 		oz-plugin book_appointment_online The Book appointment online WordPress plugin before 1.39 does not sanitise or escape Service Prices before outputting it in the List, which could allow high privilege users to perform Cross-Site Scri… - CVE-2021-24614 2024-11-21 14:53 2021-09-14 Show GitHub Exploit DB Packet Storm