Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258411 9.3 危険 日本電気
サイバートラスト株式会社
MIT Kerberos
サン・マイクロシステムズ
ターボリナックス
ヒューレット・パッカード
レッドハット		 - MIT Kerberos 5 RPC ライブラリの gssrpc__svcauth_gssapi() 関数における不正なメモリ領域が解放される脆弱性 - CVE-2007-2442 2010-07-15 17:19 2007-06-26 Show GitHub Exploit DB Packet Storm
258412 4.3 警告 VMware - 複数の VMware 製品の WebAccess におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2277 2010-07-14 17:27 2010-03-29 Show GitHub Exploit DB Packet Storm
258413 6.9 警告 VMware - 複数の VMware 製品の USB サービス における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1140 2010-07-14 17:27 2010-04-9 Show GitHub Exploit DB Packet Storm
258414 9.3 危険 シマンテック - Symantec Workspace Streaming (旧 Symantec AppStream) に脆弱性 CWE-287
不適切な認証 		CVE-2008-4389 2010-07-14 17:26 2010-06-22 Show GitHub Exploit DB Packet Storm
258415 5.8 警告 アップル - Apple iOS の設定アプリケーションにおけるユーザを追跡可能な脆弱性 CWE-DesignError
CVE-2010-1756 2010-07-14 17:26 2010-06-22 Show GitHub Exploit DB Packet Storm
258416 4.3 警告 アップル - Apple iOS の Safari におけるリモートの Web サーバがユーザを追跡可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1755 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258417 1.9 注意 アップル - Apple iOS の パスコードロックにおける任意のデータにアクセスされる脆弱性 CWE-362
競合状態 		CVE-2010-1775 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258418 6.9 警告 アップル - Apple iOS の パスコードロックにおけるパスコード要求を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1754 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258419 6.8 警告 アップル - Apple iOS の ImageIO における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-1753 2010-07-14 17:25 2010-06-22 Show GitHub Exploit DB Packet Storm
258420 5 警告 アップル - Apple iOS の Application Sandbox におけるロケーション情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1751 2010-07-14 17:24 2010-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196911 6.1 MEDIUM
Network 		feedwordpress_project feedwordpress The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. CWE-79
Cross-site Scripting 		CVE-2021-25055 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
196912 6.1 MEDIUM
Network 		sigmaplugin advanced_database_cleaner The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting iss… - CVE-2021-24921 2024-11-21 14:54 2022-02-21 Show GitHub Exploit DB Packet Storm
196913 6.4 MEDIUM
Network 		wp_photo_album_plus_project wp_photo_album_plus The WP Photo Album Plus WordPress plugin before 8.0.10 was vulnerable to Stored Cross-Site Scripting (XSS). Error log content was handled improperly, therefore any user, even unauthenticated, could c… - CVE-2021-25115 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196914 4.3 MEDIUM
Network 		futuriowp futurio_extra The Futurio Extra WordPress plugin before 1.6.3 allows any logged in user, such as subscriber, to extract any other user's email address. - CVE-2021-25110 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196915 2.7 LOW
Network 		futuriowp futurio_extra The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that could be used by high privilege users to extract data from the database as well as used to perform Cr… CWE-89
SQL Injection 		CVE-2021-25109 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196916 6.1 MEDIUM
Network 		accesspressthemes form_store_to_db The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site … - CVE-2021-25107 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196917 4.8 MEDIUM
Network 		wpchill remove_footer_credit The Remove Footer Credit WordPress plugin before 1.0.11 does properly sanitise its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is dis… - CVE-2021-25050 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196918 6.1 MEDIUM
Network 		noptin noptin The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue - CVE-2021-25033 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196919 5.4 MEDIUM
Network 		najeebmedia ppom_for_woocommerce The PPOM for WooCommerce WordPress plugin before 24.0 does not have authorisation and CSRF checks in the ppom_settings_panel_action AJAX action, allowing any authenticated to call it and set arbitrar… - CVE-2021-25018 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm
196920 3.5 LOW
Network 		vowelweb ibtana The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action, allowing any authenticated users, such as subscriber to call it an… - CVE-2021-25014 2024-11-21 14:54 2022-02-14 Show GitHub Exploit DB Packet Storm