Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258611 6.8 警告 Opera Software ASA - Opera における任意の Web スクリプトを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2059 2010-09-27 16:10 2009-06-15 Show GitHub Exploit DB Packet Storm
258612 9.3 危険 アドビシステムズ
Opera Software ASA		 - Opera における Adobe Acrobat の JavaScript の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1599 2010-09-27 16:09 2009-05-11 Show GitHub Exploit DB Packet Storm
258613 5 警告 Opera Software ASA - Opera におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-7245 2010-09-27 16:09 2009-09-18 Show GitHub Exploit DB Packet Storm
258614 9.3 危険 Opera Software ASA - Windows 上で稼働する Opera におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-5178 2010-09-27 16:09 2008-11-20 Show GitHub Exploit DB Packet Storm
258615 10 危険 Opera Software ASA - Opera における脆弱性 CWE-noinfo
情報不足 		CVE-2009-0916 2010-09-27 16:08 2009-03-3 Show GitHub Exploit DB Packet Storm
258616 4.3 警告 Opera Software ASA - Windows 上で稼働する Opera におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5428 2010-09-27 16:07 2008-12-11 Show GitHub Exploit DB Packet Storm
258617 4.3 警告 Opera Software ASA - Opera の Opera.dll におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4725 2010-09-27 16:07 2008-10-23 Show GitHub Exploit DB Packet Storm
258618 5.8 警告 Opera Software ASA - Opera における新規フィードの購読を作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-4698 2010-09-27 16:05 2008-10-23 Show GitHub Exploit DB Packet Storm
258619 10 危険 Opera Software ASA - Windows 上で稼働する Opera における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2008-4293 2010-09-27 16:05 2008-09-27 Show GitHub Exploit DB Packet Storm
258620 10 危険 Opera Software ASA - Opera における CRL の更新時の処理に関する脆弱性 CWE-255
CWE-noinfo
CVE-2008-4292 2010-09-27 16:04 2008-09-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197981 4.8 MEDIUM
Network 		media-tags_project media-tags The Media-Tags WordPress plugin through 3.2.0.2 does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the u… - CVE-2021-24899 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197982 7.2 HIGH
Network 		ninjaforms ninja_forms The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields POST parameter, which could allow high privilege users to perform SQL injections attacks - CVE-2021-24889 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197983 5.4 MEDIUM
Network 		essentialplugin popup_anything The Popup Anything WordPress plugin before 2.0.4 does not escape the Link Text and Button Text fields of Popup, which could allow users with a role as low as Contributor to perform Cross-Site Scripti… - CVE-2021-24883 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197984 6.1 MEDIUM
Network 		roundupwp registrations_for_the_events_calendar The Registrations for the Events Calendar WordPress plugin before 2.7.5 does not escape the v parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting - CVE-2021-24876 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197985 7.2 HIGH
Network 		bannersky bsk_pdf_manager The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue - CVE-2021-24860 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197986 5.4 MEDIUM
Network 		bulk_datetime_change_project bulk_datetime_change The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which allows users with Contributor roles to 1) list private post titles of other users and 2) change the post… CWE-863
 Incorrect Authorization 		CVE-2021-24842 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197987 5.4 MEDIUM
Network 		stylishcostcalculator stylish_cost_calculator The Stylish Cost Calculator WordPress plugin before 7.0.4 does not have any authorisation and CSRF checks on some of its AJAX actions (available to authenticated users), which could allow any authent… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2021-24822 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197988 4.8 MEDIUM
Network 		shoppagewp shop_page_wp The Shop Page WP WordPress plugin before 1.2.8 does not sanitise and escape some of the Product fields, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_… - CVE-2021-24811 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197989 4.8 MEDIUM
Network 		wprssaggregator wp_rss_aggregator The WP RSS Aggregator WordPress plugin before 4.19.2 does not properly sanitise and escape the URL to Blacklist field, allowing malicious HTML to be inserted by high privilege users even when the unf… - CVE-2021-24768 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm
197990 8.8 HIGH
Network 		mycred mycred The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before using it in a SQL statement, leading to an SQL injection exploitable by any authenticated user - CVE-2021-24755 2024-11-21 14:53 2021-11-29 Show GitHub Exploit DB Packet Storm