Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258511	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1262	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

258512	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1259	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

258513	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1261	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

258514	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1260	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

258515	4.3	警告	マイクロソフト	-	複数の Microsoft 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1257	2010-06-30 18:53	2010-06-8	Show	GitHub Exploit DB Packet Storm

258516	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1880	2010-06-30 18:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

258517	9.3	危険	マイクロソフト	-	複数の Microsoft 製品における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1879	2010-06-30 18:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

258518	8.5	危険	PostgreSQL.org サイバートラスト株式会社レッドハット	-	PostgreSQL における任意の Perl コードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1447	2010-06-30 18:17	2010-05-14	Show	GitHub Exploit DB Packet Storm

258519	9.3	危険	アップル	-	Apple Mac OS の ColorSync における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-1726	2010-06-30 18:17	2009-08-5	Show	GitHub Exploit DB Packet Storm

258520	6.9	警告	アップルサイバートラスト株式会社 The Perl Foundation レッドハット	-	Perl の rmtree 関数における任意のファイルを削除される脆弱性	CWE-362 競合状態	CVE-2008-5303	2010-06-30 18:16	2008-12-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196931	4.8	MEDIUM Network	wp-eventmanager	wp_event_manager	The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even …	CWE-79 Cross-site Scripting	CVE-2021-24810	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196932	7.2	HIGH Network	wpaffiliatefeed	tradetracker-store	The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.	CWE-89 SQL Injection	CVE-2021-24778	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196933	7.2	HIGH Network	hotscot	contact_form	The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a…	CWE-89 SQL Injection	CVE-2021-24777	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196934	4.8	MEDIUM Network	codeasily	grand_flagallery	The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when…	-	CVE-2021-24903	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196935	4.8	MEDIUM Network	securemoz	security_audit	The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilt…	-	CVE-2021-24901	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196936	4.8	MEDIUM Network	editable-table_project	editable_table	The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even w…	-	CVE-2021-24898	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196937	8.8	HIGH Network	wpscan	wp_cloudy	The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin dashboard, leading to a SQL Injection issue	-	CVE-2021-24864	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196938	8.1	HIGH Network	schiocco	support_board	The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to make logged in users do unwanted actions.…	-	CVE-2021-24823	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196939	6.5	MEDIUM Network	bold-themes	cost_calculator	The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on W…	-	CVE-2021-24820	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196940	8.8	HIGH Network	core_tweaks_wp_setup_project	core_tweaks_wp_setup	The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a new admin account. There is no CSRF protection in…	-	CVE-2021-24803	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm