Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258391 9.3 危険 マイクロソフト - Microsoft Excel における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3234 2010-10-27 15:17 2010-10-12 Show GitHub Exploit DB Packet Storm
258392 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2010-3231 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
258393 9.3 危険 マイクロソフト - Microsoft Excel における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-3230 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
258394 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3221 2010-10-27 15:16 2010-10-12 Show GitHub Exploit DB Packet Storm
258395 9.3 危険 マイクロソフト - 複数の Microsoft 製品におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-3214 2010-10-27 15:15 2010-10-12 Show GitHub Exploit DB Packet Storm
258396 9.3 危険 マイクロソフト - Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3220 2010-10-27 15:15 2010-10-12 Show GitHub Exploit DB Packet Storm
258397 9.3 危険 マイクロソフト - Microsoft Word における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3219 2010-10-27 15:14 2010-10-12 Show GitHub Exploit DB Packet Storm
258398 9.3 危険 マイクロソフト - Microsoft Word におけるヒープベースのバッファオーバーフローの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3218 2010-10-27 15:14 2010-10-12 Show GitHub Exploit DB Packet Storm
258399 9.3 危険 マイクロソフト - Microsoft Word における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-3217 2010-10-27 15:14 2010-10-12 Show GitHub Exploit DB Packet Storm
258400 5 警告 レッドハット
Pidgin
Adium
オラクル		 - Pidgin および Adium の MSN プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0277 2010-10-27 14:33 2010-01-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197451 6.1 MEDIUM
Network 		givewp givewp The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape the form_id parameter before outputting it back in the response of an unauthenticated request via the give_checkout_login AJAX a… - CVE-2021-25099 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197452 8.8 HIGH
Network 		sygnoos popup_builder The Popup Builder WordPress plugin before 4.0.7 does not validate and sanitise the sgpb_type parameter before using it in a require statement, leading to a Local File Inclusion issue. Furthermore, si… - CVE-2021-25082 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197453 3.5 LOW
Network 		wpdevart duplicate_page_or_post The Duplicate Page or Post WordPress plugin before 1.5.1 does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any auth… - CVE-2021-25075 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197454 8.8 HIGH
Network 		wpdownloadmanager download_manager The Download Manager WordPress plugin before 3.2.34 does not sanitise and escape the package_ids parameter before using it in a SQL statement, leading to a SQL injection, which can also be exploited … - CVE-2021-25069 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197455 5.4 MEDIUM
Network 		fivestarplugins five_star_business_profile_and_schema The Five Star Business Profile and Schema WordPress plugin before 2.1.7 does not have any authorisation and CSRF in its bpfwp_welcome_add_contact_page and bpfwp_welcome_set_contact_information AJAX a… - CVE-2021-25060 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197456 5.4 MEDIUM
Network 		the_buffer_button_project the_buffer_button The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting (XSS) within the Twitter username to mention text field. - CVE-2021-25058 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197457 5.4 MEDIUM
Network 		translationexchange translation_exchange The Translation Exchange WordPress plugin through 1.0.14 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin's settings. - CVE-2021-25057 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197458 6.1 MEDIUM
Network 		feedwordpress_project feedwordpress The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. CWE-79
Cross-site Scripting 		CVE-2021-25055 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197459 6.1 MEDIUM
Network 		sigmaplugin advanced_database_cleaner The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting iss… - CVE-2021-24921 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
197460 6.4 MEDIUM
Network 		wp_photo_album_plus_project wp_photo_album_plus The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could c… - CVE-2021-25115 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm