Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 19, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258481 9.3 危険 アドビシステムズ
Google		 - Google Chrome における Adobe Acrobat の JavaScript の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1598 2010-10-19 14:56 2009-05-11 Show GitHub Exploit DB Packet Storm
258482 6.8 警告 Google - Google Chrome で使用される Skia における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1442 2010-10-19 14:56 2009-05-5 Show GitHub Exploit DB Packet Storm
258483 9.3 危険 Google - Google Chrome の ParamTraits::Read 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1441 2010-10-19 14:56 2009-05-5 Show GitHub Exploit DB Packet Storm
258484 5 警告 Google - Google Chrome におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1514 2010-10-19 14:55 2009-04-20 Show GitHub Exploit DB Packet Storm
258485 4.3 警告 Google - Google Chrome におけるクロスサイトスクリプティングを誘導される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1414 2010-10-19 14:55 2009-04-24 Show GitHub Exploit DB Packet Storm
258486 4.3 警告 Google - Google Chrome におけるクロスサイトスクリプティングを誘導される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1413 2010-10-19 14:55 2009-04-24 Show GitHub Exploit DB Packet Storm
258487 7.8 危険 Google - Google Chrome における IsWebSafeScheme 制限を満たしていない URL をタブで開かれる脆弱性 CWE-200
情報漏えい 		CVE-2009-1412 2010-10-19 14:54 2009-04-24 Show GitHub Exploit DB Packet Storm
258488 5 警告 Google - Google Chrome の V8 JavaScript エンジンにおける同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0276 2010-10-19 14:54 2009-01-28 Show GitHub Exploit DB Packet Storm
258489 5 警告 Google - Google Chrome における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-0411 2010-10-19 14:54 2009-01-28 Show GitHub Exploit DB Packet Storm
258490 2.1 注意 Google - Google Chrome の JavaScript 実装における偽装したポップアップメッセージに従って行動させられる脆弱性 CWE-Other
その他 		CVE-2008-5915 2010-10-19 14:54 2009-01-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 20, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197431 5.3 MEDIUM
Network 		correosexpress_project correosexpress The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email… - CVE-2021-25009 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
197432 5.4 MEDIUM
Network 		iptanus wordpress_file_upload_pro
wordpress_file_upload 		The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role … CWE-79
Cross-site Scripting 		CVE-2021-24961 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
197433 5.4 MEDIUM
Network 		iptanus wordpress_file_upload_pro
wordpress_file_upload 		The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24960 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
197434 6.1 MEDIUM
Network 		tinywebgallery advanced_iframe The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue CWE-79
Cross-site Scripting 		CVE-2021-24953 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
197435 8.8 HIGH
Network 		tatvic conversios.io The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQ… CWE-89
SQL Injection 		CVE-2021-24952 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
197436 5.3 MEDIUM
Network 		yoast yoast_seo The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify ot… - CVE-2021-25118 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
197437 6.1 MEDIUM
Network 		i-plugins whmcs_bridge The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting - CVE-2021-25112 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
197438 6.5 MEDIUM
Network 		wpgooglemap wp_google_map The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts … - CVE-2021-25081 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
197439 5.4 MEDIUM
Network 		plugins-market wp_visitor_statistics_\(real_time_traffic\) The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, o… - CVE-2021-25042 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
197440 6.1 MEDIUM
Network 		wp_user_project wp_user The WP User WordPress plugin before 7.0 does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues - CVE-2021-25034 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm