Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258511 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1262 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
258512 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1259 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
258513 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1261 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
258514 9.3 危険 マイクロソフト - Microsoft Internet Explorer における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1260 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
258515 4.3 警告 マイクロソフト - 複数の Microsoft 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1257 2010-06-30 18:53 2010-06-8 Show GitHub Exploit DB Packet Storm
258516 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1880 2010-06-30 18:52 2010-06-8 Show GitHub Exploit DB Packet Storm
258517 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1879 2010-06-30 18:52 2010-06-8 Show GitHub Exploit DB Packet Storm
258518 8.5 危険 PostgreSQL.org
サイバートラスト株式会社
レッドハット		 - PostgreSQL における任意の Perl コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1447 2010-06-30 18:17 2010-05-14 Show GitHub Exploit DB Packet Storm
258519 9.3 危険 アップル - Apple Mac OS の ColorSync における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-1726 2010-06-30 18:17 2009-08-5 Show GitHub Exploit DB Packet Storm
258520 6.9 警告 アップル
サイバートラスト株式会社
The Perl Foundation
レッドハット		 - Perl の rmtree 関数における任意のファイルを削除される脆弱性 CWE-362
競合状態 		CVE-2008-5303 2010-06-30 18:16 2008-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196921 4.3 MEDIUM
Network 		designwall dw_question_\&_answer The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2021-24800 2024-11-21 14:53 2022-04-26 Show GitHub Exploit DB Packet Storm
196922 6.1 MEDIUM
Network 		heateor sassy_social_share The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the "Enable 'More' icon" option is enabled (which is … - CVE-2021-24746 2024-11-21 14:53 2022-03-29 Show GitHub Exploit DB Packet Storm
196923 8.0 HIGH
Network 		vsourz advanced_cf7_db The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted,… CWE-352
 Origin Validation Error 		CVE-2021-24905 2024-11-21 14:53 2022-03-22 Show GitHub Exploit DB Packet Storm
196924 5.4 MEDIUM
Network 		viitorcloud add_subtitle The Add Subtitle WordPress plugin through 1.1.0 does not sanitise or escape the sub-title field (available only with classic editor) when output in the page, which could allow users with a role as lo… - CVE-2021-24897 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
196925 4.8 MEDIUM
Network 		webbigt cybersoldier The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripti… CWE-79
Cross-site Scripting 		CVE-2021-24895 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
196926 6.5 MEDIUM
Network 		tipsandtricks-hq simple_download_monitor The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector. - CVE-2021-24692 2024-11-21 14:53 2022-03-15 Show GitHub Exploit DB Packet Storm
196927 5.4 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to perform Cros… CWE-79
Cross-site Scripting 		CVE-2021-24826 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
196928 4.3 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v < 4.0.2) users to display a… - CVE-2021-24825 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
196929 4.3 MEDIUM
Network 		custom_content_shortcode_project custom_content_shortcode The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1, allows authenticated users with a role as low as contributor, to access arbitrary post metadata. This c… CWE-863
 Incorrect Authorization 		CVE-2021-24824 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm
196930 5.4 MEDIUM
Network 		nicdark cost_calculator The Cost Calculator WordPress plugin before 1.6 allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator > Price S… CWE-79
Cross-site Scripting 		CVE-2021-24821 2024-11-21 14:53 2022-03-7 Show GitHub Exploit DB Packet Storm