Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258531	-	-	Accoria Networks	-	Accoria Rock Web Server に複数の脆弱性	-	-	2010-06-17 18:33	2010-06-3	Show	GitHub Exploit DB Packet Storm

258532	5	警告	富士通	-	Interstage Portalworks および Interstage Interaction Manager のポータル機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	-	2010-06-17 18:33	2010-05-28	Show	GitHub Exploit DB Packet Storm

258533	10	危険	シスコシステムズ	-	Cisco Mediator Framework におけるパスワードおよびアカウントの詳細を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0600	2010-06-16 18:32	2010-05-26	Show	GitHub Exploit DB Packet Storm

258534	9.3	危険	シスコシステムズ	-	Cisco Mediator Framework における Administrator の認証情報を見破られる脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0599	2010-06-16 18:32	2010-05-26	Show	GitHub Exploit DB Packet Storm

258535	9.3	危険	シスコシステムズ	-	Cisco Mediator Framework における Administrator の認証情報を見破られる脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0598	2010-06-16 18:31	2010-05-26	Show	GitHub Exploit DB Packet Storm

258536	9	危険	シスコシステムズ	-	Cisco Mediator Framework におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2010-0597	2010-06-16 18:31	2010-05-26	Show	GitHub Exploit DB Packet Storm

258537	9	危険	シスコシステムズ	-	Cisco Mediator Framework における権限を取得される脆弱性	CWE-noinfo 情報不足	CVE-2010-0596	2010-06-16 18:31	2010-05-26	Show	GitHub Exploit DB Packet Storm

258538	10	危険	シスコシステムズ	-	Cisco Mediator Framework におけるアクセス権限を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-0595	2010-06-16 18:31	2010-05-26	Show	GitHub Exploit DB Packet Storm

258539	4	警告	サイバートラスト株式会社 MIT Kerberos ターボリナックスレッドハット	-	MIT Kerberos の kadmind におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2010-0629	2010-06-16 16:17	2010-04-6	Show	GitHub Exploit DB Packet Storm

258540	6.4	警告	OpenSSL Project	-	OpenSSL の EVP_PKEY_verify_recover 関数における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1633	2010-06-15 18:26	2010-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197441	4.8	MEDIUM Network	shoppagewp	shop_page_wp	The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_…	-	CVE-2021-24811	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197442	4.8	MEDIUM Network	wprssaggregator	wp_rss_aggregator	The WP RSS Aggregator WordPress plugin before 4.19.2 does not properly sanitise and escape the URL to Blacklist field, allowing malicious HTML to be inserted by high privilege users even when the unf…	-	CVE-2021-24768	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197443	8.8	HIGH Network	mycred	mycred	The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user	-	CVE-2021-24755	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197444	5.4	MEDIUM Network	generateblocks	generateblocks	The GenerateBlocks WordPress plugin before 1.4.0 does not validate the generateblocks/container block's tagName attribute, which could allow users with a role as low as contributor to perform Cross-S…	-	CVE-2021-24751	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197445	4.3	MEDIUM Network	kazencoders	url_shortify	The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged in admin delete arbitrary link and gr…	-	CVE-2021-24749	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197446	8.8	HIGH Network	mandsconsulting	email_before_download	The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL inje…	-	CVE-2021-24748	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197447	5.4	MEDIUM Network	wpkube	about_author_box	The About Author Box WordPress plugin before 1.0.2 does not sanitise and escape the Social Profiles field values before outputting them in attributes, which could allow user with a role as low as con…	-	CVE-2021-24745	2024-11-21 14:53	2021-11-29	Show	GitHub Exploit DB Packet Storm

197448	6.5	MEDIUM Network	implecode	reviews_plus	The Reviews Plus WordPress plugin before 1.2.14 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the review section when an authenticated us…	CWE-20 Improper Input Validation	CVE-2021-24894	2024-11-21 14:53	2021-11-24	Show	GitHub Exploit DB Packet Storm

197449	8.8	HIGH Network	advanced_forms_project	advanced_forms	Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user's email address and request for reset passw…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2021-24892	2024-11-21 14:53	2021-11-24	Show	GitHub Exploit DB Packet Storm

197450	6.1	MEDIUM Network	elementor	website_builder	The Elementor Website Builder WordPress plugin before 3.4.8 does not sanitise or escape user input appended to the DOM via a malicious hash, resulting in a DOM Cross-Site Scripting issue.	-	CVE-2021-24891	2024-11-21 14:53	2021-11-24	Show	GitHub Exploit DB Packet Storm