Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258531	7.5	危険	アップルサイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズレッドハット	-	Python における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-2315	2010-01-19 15:48	2008-08-1	Show	GitHub Exploit DB Packet Storm

258532	7.5	危険	アップルサイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズレッドハット	-	Python の zlib 拡張モジュールにおける任意のコードを実行される脆弱性	CWE-189 数値処理の問題	CVE-2008-1721	2010-01-19 15:48	2008-04-10	Show	GitHub Exploit DB Packet Storm

258533	6.8	警告	アップルサイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズレッドハット	-	Python の imageop.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2008-1679	2010-01-19 15:48	2008-04-22	Show	GitHub Exploit DB Packet Storm

258534	5.8	警告	アップルサイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズレッドハット	-	Python の imageop モジュールにおける複数の整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-4965	2010-01-19 15:47	2007-09-18	Show	GitHub Exploit DB Packet Storm

258535	7.5	危険	アップル	-	Mac OS X 用の Java における任意のコードを実行される脆弱性	CWE-310 暗号の問題	CVE-2009-2843	2010-01-18 12:22	2009-12-3	Show	GitHub Exploit DB Packet Storm

258536	6.8	警告	アップル GNU Project サン・マイクロシステムズサイバートラスト株式会社レッドハット	-	GNU tar の contains_dot_dot() 関数におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-4131	2010-01-18 12:21	2007-08-23	Show	GitHub Exploit DB Packet Storm

258537	4.6	警告	IBM	-	IBM DB2 の dasauto における管理者権限を持たないユーザが実行可能な脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4150	2010-01-15 14:10	2009-12-2	Show	GitHub Exploit DB Packet Storm

258538	2.1	注意	サン・マイクロシステムズ	-	Sun Solaris の ldap_cachemgr におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-4080	2010-01-15 14:10	2009-11-24	Show	GitHub Exploit DB Packet Storm

258539	5	警告	サン・マイクロシステムズ	-	Sun Solaris の sshd におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-4075	2010-01-15 14:09	2009-11-23	Show	GitHub Exploit DB Packet Storm

258540	2.6	注意	オラクル	-	Oracle Application Server におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-01-14 15:01	2010-01-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 10, 2026, 5 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196551	4.3	MEDIUM Network	gvectors	wpdiscuz	The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary c…	CWE-352 Origin Validation Error	CVE-2021-24806	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196552	4.3	MEDIUM Network	wp_survey_plus_project	wp_survey_plus	The WP Survey Plus WordPress plugin through 1.0 does not have any authorisation and CSRF checks in place in its AJAX actions, allowing any user to call them and add/edit/delete Surveys. Furthermore, …	CWE-352 CWE-79 Origin Validation Error Cross-site Scripting	CVE-2021-24801	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196553	6.1	MEDIUM Network	androidbubbles	wp_header_images	The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting is…	CWE-79 Cross-site Scripting	CVE-2021-24798	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196554	7.2	HIGH Network	draftpress	header_footer_code_manager	The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets …	CWE-89 SQL Injection	CVE-2021-24791	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196555	6.5	MEDIUM Network	batch_cat_project	batch_cat	The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require authentication but are available for all roles. As a result, any authenticated user (including simple subs…	NVD-CWE-Other	CVE-2021-24788	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196556	6.5	MEDIUM Network	publishpress	post_expirator	The Post Expirator WordPress plugin before 2.6.0 does not have proper capability checks in place, which could allow users with a role as low as Contributor to schedule deletion of arbitrary posts.	CWE-863 Incorrect Authorization	CVE-2021-24783	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196557	6.5	MEDIUM Network	fullworks	redirect_404_error_page_to_homepage_or_custom_page_with_logs	The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete …	-	CVE-2021-24767	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196558	6.5	MEDIUM Network	404_to_301_project	404_to_301	The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delet…	-	CVE-2021-24766	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196559	8.8	HIGH Network	wclovers	frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible	The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor p…	CWE-89 SQL Injection	CVE-2021-24835	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

196560	9.8	CRITICAL Network	genetechsolutions	pie_register	The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a…	-	CVE-2021-24731	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm