Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258651 6.8 警告 ヒューレット・パッカード - HP HP-UX の Software Distributor における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2010-2712 2010-09-15 17:18 2010-08-25 Show GitHub Exploit DB Packet Storm
258652 6 警告 レッドハット - Red Hat Enterprise Linux の gdm におけるアクセス制限を回避される脆弱性 CWE-DesignError
CVE-2007-5079 2010-09-15 17:18 2007-09-25 Show GitHub Exploit DB Packet Storm
258653 9.3 危険 ImageMagick
GraphicsMagick
レッドハット		 - ImageMagick および GraphicsMagick の XMakeImage 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1882 2010-09-15 17:17 2009-06-2 Show GitHub Exploit DB Packet Storm
258654 3.3 注意 レッドハット - Firefox の SPICE プラグインにおける任意のファイルを上書きされる脆弱性 CWE-59
リンク解釈の問題 		CVE-2010-2794 2010-09-15 17:17 2010-08-25 Show GitHub Exploit DB Packet Storm
258655 3.3 注意 レッドハット - Firefox の SPICE プラグインにおける重要な情報を取得される脆弱性 CWE-362
競合状態 		CVE-2010-2792 2010-09-15 17:13 2010-08-25 Show GitHub Exploit DB Packet Storm
258656 1.9 注意 シトリックス・システムズ - Citrix XenServer におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-2619 2010-09-14 15:55 2010-06-17 Show GitHub Exploit DB Packet Storm
258657 4.6 警告 シトリックス・システムズ - Citrix XenServer における認証を回避され Xen API (XAPI) を実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-0633 2010-09-14 15:54 2010-02-12 Show GitHub Exploit DB Packet Storm
258658 4.3 警告 シトリックス・システムズ - 複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3253 2010-09-14 15:54 2008-07-16 Show GitHub Exploit DB Packet Storm
258659 7.5 危険 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3760 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
258660 6 警告 シトリックス・システムズ - Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2009-3759 2010-09-14 15:54 2009-10-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197411 5.3 MEDIUM
Network 		b4after osmapper The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related post type named 'map' and is registered with the wp_ajax_nopriv prefix, making it available to unauthent… CWE-352
CWE-862
 Origin Validation Error
 Missing Authorization 		CVE-2021-24978 2024-11-21 14:54 2022-03-29 Show GitHub Exploit DB Packet Storm
197412 8.8 HIGH
Network 		iptanus wordpress_file_upload_pro
wordpress_file_upload 		The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to uplo… CWE-22
Path Traversal 		CVE-2021-24962 2024-11-21 14:54 2022-03-29 Show GitHub Exploit DB Packet Storm
197413 6.8 MEDIUM
Network 		isc
fedoraproject
netapp
siemens
juniper 		bind
fedora
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h700e_firmware
h410s_firmware
h410c_firmware
sinec_ins
junos 		BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0,… CWE-444
HTTP Request Smuggling 		CVE-2021-25220 2024-11-21 14:54 2022-03-23 Show GitHub Exploit DB Packet Storm
197414 6.1 MEDIUM
Network 		squirrly seo_plugin_by_squirrly_seo The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripti… - CVE-2021-25019 2024-11-21 14:54 2022-03-22 Show GitHub Exploit DB Packet Storm
197415 5.5 MEDIUM
Network 		patreon patreon_wordpress The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high privilege users to perform Cross-Site Scripting attacks even when t… - CVE-2021-25026 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm
197416 9.8 CRITICAL
Network 		molie_instructure_canvas_linking_tool_project molie_instructure_canvas_linking_tool The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using in a SQL statement, leading to an SQL Injection - CVE-2021-25007 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm
197417 6.1 MEDIUM
Network 		molie_instructure_canvas_linking_tool_project molie_instructure_canvas_linking_tool The MOLIE WordPress plugin through 0.5 does not escape the course_id parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue - CVE-2021-25006 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm
197418 9.8 CRITICAL
Network 		wptaskforce wpcargo_track_\&_trace The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-25003 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm
197419 6.1 MEDIUM
Network 		wki idpay_for_contact_form_7 The IDPay for Contact Form 7 WordPress plugin through 2.1.2 does not sanitise and escape the idpay_error parameter before outputting it back in the page leading to a Reflected Cross-Site Scripting - CVE-2021-24996 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm
197420 4.8 MEDIUM
Network 		html5_responsive_faq_project html5_responsive_faq The HTML5 Responsive FAQ WordPress plugin through 2.8.5 does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Cross-Site Scripting attacks ev… - CVE-2021-24995 2024-11-21 14:54 2022-03-15 Show GitHub Exploit DB Packet Storm