Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258281 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0536 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
258282 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime の QuickTime.qts における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0529 2010-04-26 16:59 2010-03-31 Show GitHub Exploit DB Packet Storm
258283 9.3 危険 アップル - Windows 上で稼働する Apple QuickTime における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0528 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
258284 9.3 危険 アップル - Apple QuickTime における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-0527 2010-04-26 16:58 2010-03-31 Show GitHub Exploit DB Packet Storm
258285 5 警告 アップル
サイバートラスト株式会社
Ruby-lang.org
レッドハット		 - Ruby の BigDecimal ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 CWE-189
数値処理の問題 		CVE-2009-1904 2010-04-26 16:46 2009-06-9 Show GitHub Exploit DB Packet Storm
258286 6.9 警告 アップル
Vim		 - Vim の Python インターフェースの src/if_python.c における信頼性のない検索パスの脆弱性 CWE-Other
その他 		CVE-2009-0316 2010-04-26 16:45 2009-01-28 Show GitHub Exploit DB Packet Storm
258287 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim におけるエスケープ文字を適切に処理しないことに関する任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-4101 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
258288 9.3 危険 アップル
サイバートラスト株式会社
Vim
レッドハット		 - Vim における適切に入力をサニタイズしないことに関する任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2712 2010-04-26 16:45 2008-10-9 Show GitHub Exploit DB Packet Storm
258289 4.3 警告 VMware - VMware Server の WebAccess におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1193 2010-04-21 17:54 2010-03-29 Show GitHub Exploit DB Packet Storm
258290 7.5 危険 VMware - 複数の VMware 製品の WebAccess におけるリクエストの発信元を偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0686 2010-04-21 17:53 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197161 8.8 HIGH
Network 		handsome_testimonials_\&_reviews_project handsome_testimonials_\&_reviews The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hnd… CWE-89
SQL Injection 		CVE-2021-24492 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197162 6.1 MEDIUM
Network 		pickplugins post_grid The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross… - CVE-2021-24488 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197163 7.2 HIGH
Network 		ays-pro secure_copy_content_protection_and_content_locking The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL state… - CVE-2021-24484 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197164 7.2 HIGH
Network 		ays-pro poll_maker The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL state… - CVE-2021-24483 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197165 4.8 MEDIUM
Network 		any_hostname_project any_hostname The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS paylo… - CVE-2021-24481 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197166 4.8 MEDIUM
Network 		event_geek_project event_geek The Event Geek WordPress plugin through 2.5.2 does not sanitise or escape its "Use your own " setting before outputting it in the page, leading to an authenticated (admin+) stored Cross-Site Scriptin… - CVE-2021-24480 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197167 4.8 MEDIUM
Network 		drawblog_project drawblog The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue - CVE-2021-24479 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197168 5.4 MEDIUM
Network 		bookshelf_project bookshelf The Bookshelf WordPress plugin through 2.0.4 does not sanitise or escape its "Paypal email address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting i… CWE-79
Cross-site Scripting 		CVE-2021-24478 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197169 6.1 MEDIUM
Network 		migrate_users_project migrate_users The Migrate Users WordPress plugin through 1.0.1 does not sanitise or escape its Delimiter option before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin … - CVE-2021-24477 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197170 5.4 MEDIUM
Network 		steam_group_viewer_project steam_group_viewer The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scri… - CVE-2021-24476 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm