Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258321	6.9	警告	Mozilla Foundation	-	Windows 上で稼働する複数の Mozilla 製品における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3181	2010-11-11 15:07	2010-10-19	Show	GitHub Exploit DB Packet Storm

258322	9.3	危険	アドビシステムズ	-	複数の Adobe 製品における任意のコードを実行される脆弱性	CWE-Other その他	CVE-2010-3153	2010-11-10 15:34	2010-10-18	Show	GitHub Exploit DB Packet Storm

258323	4.3	警告	アドビシステムズ	-	Adobe RoboHelp および RoboHelp Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2886	2010-11-10 15:34	2010-10-18	Show	GitHub Exploit DB Packet Storm

258324	4.3	警告	アドビシステムズ	-	Adobe RoboHelp および RoboHelp Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-2885	2010-11-10 15:33	2010-10-18	Show	GitHub Exploit DB Packet Storm

258325	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の browser-plugin 実装における任意のプログラムを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-3749	2010-11-10 15:33	2010-10-15	Show	GitHub Exploit DB Packet Storm

258326	10	危険	リアルネットワークス	-	RealNetworks RealPlayer の RichFX コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3748	2010-11-10 15:32	2010-10-15	Show	GitHub Exploit DB Packet Storm

258327	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の ActiveX コントロールにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3751	2010-11-10 15:32	2010-10-15	Show	GitHub Exploit DB Packet Storm

258328	10	危険	SAP	-	SAP BusinessObjects Axis2 におけるデフォルトパスワードの問題	CWE-255 証明書・パスワード管理	CVE-2010-0219	2010-11-10 15:32	2010-10-14	Show	GitHub Exploit DB Packet Storm

258329	4	警告	IBM	-	IBM WebSphere Application Server の管理コンソールにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-0781	2010-11-9 15:30	2010-09-13	Show	GitHub Exploit DB Packet Storm

258330	10	危険	IBM	-	IBM WebSphere Application Server における脆弱性	CWE-20 不適切な入力確認	CVE-2010-3186	2010-11-9 15:30	2010-08-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197461	4.3	MEDIUM Network	futuriowp	futurio_extra	The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address.	-	CVE-2021-25110	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197462	2.7	LOW Network	futuriowp	futurio_extra	The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cr…	CWE-89 SQL Injection	CVE-2021-25109	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197463	6.1	MEDIUM Network	accesspressthemes	form_store_to_db	The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site …	-	CVE-2021-25107	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197464	4.8	MEDIUM Network	wpchill	remove_footer_credit	The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is dis…	-	CVE-2021-25050	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197465	6.1	MEDIUM Network	noptin	noptin	The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue	-	CVE-2021-25033	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197466	5.4	MEDIUM Network	najeebmedia	ppom_for_woocommerce	The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrar…	-	CVE-2021-25018	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197467	3.5	LOW Network	vowelweb	ibtana	The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated users, such as subscriber to call it an…	-	CVE-2021-25014	2024-11-21 14:54	2022-02-14	Show	GitHub Exploit DB Packet Storm

197468	9.8	CRITICAL Network	strangerstudios	paid_memberships_pro	The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one of its REST route (available to unauthenticated users) before using it in a SQL statement, leading to a…	CWE-89 SQL Injection	CVE-2021-25114	2024-11-21 14:54	2022-02-8	Show	GitHub Exploit DB Packet Storm

197469	7.1	HIGH Network	ip2location	country_blocker	The IP2Location Country Blocker WordPress plugin before 2.26.6 does not have CSRF check in the ip2location_country_blocker_save_rules AJAX action, allowing attackers to make a logged in admin block a…	CWE-352 Origin Validation Error	CVE-2021-25108	2024-11-21 14:54	2022-02-8	Show	GitHub Exploit DB Packet Storm

197470	5.4	MEDIUM Network	wpeka	wplegalpages	The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WPLegalPages WordPress plugin before 2.7.1 does not check for authorisation and has a flawed CSRF logic when saving its s…	CWE-79 Cross-site Scripting	CVE-2021-25106	2024-11-21 14:54	2022-02-8	Show	GitHub Exploit DB Packet Storm