Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258701	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2877	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

258702	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2876	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258703	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2010-2875	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258704	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2874	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

258705	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2873	2010-09-13 15:43	2010-08-24	Show	GitHub Exploit DB Packet Storm

258706	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2872	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

258707	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の 3D オブジェクト関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2871	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

258708	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2870	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

258709	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2869	2010-09-10 15:16	2010-08-24	Show	GitHub Exploit DB Packet Storm

258710	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の IML32.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2868	2010-09-10 15:16	2010-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198671	8.8	HIGH Network	expresstech	responsive_menu	In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These f…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2021-24160	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198672	8.8	HIGH Network	rocklobster	contact_form_7	Due to the lack of sanitization and lack of nonce protection on the custom CSS feature, an attacker could craft a request to inject malicious JavaScript on a site using the Contact Form 7 Style WordP…	CWE-352 Origin Validation Error	CVE-2021-24159	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198673	6.5	MEDIUM Network	themeisle	orbit_fox	Orbit Fox by ThemeIsle has a feature to add a registration form to both the Elementor and Beaver Builder page builders functionality. As part of the registration form, administrators can choose which…	NVD-CWE-Other	CVE-2021-24158	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198674	5.4	MEDIUM Network	themeisle	orbit_fox	Orbit Fox by ThemeIsle has a feature to add custom scripts to the header and footer of a page or post. There were no checks to verify that a user had the unfiltered_html capability prior to saving th…	CWE-79 Cross-site Scripting	CVE-2021-24157	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198675	5.4	MEDIUM Network	testimonial_rotator_project	testimonial_rotator	Stored Cross-Site Scripting vulnerabilities in Testimonial Rotator 3.0.3 allow low privileged users (Contributor) to inject arbitrary JavaScript code or HTML without approval. This could lead to priv…	CWE-79 Cross-site Scripting	CVE-2021-24156	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198676	7.2	HIGH Network	backup-guard	backup_guard	The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+…	-	CVE-2021-24155	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198677	4.9	MEDIUM Network	themeeditor	theme_editor	The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web …	CWE-552 Files or Directories Accessible to External Parties	CVE-2021-24154	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198678	5.4	MEDIUM Network	yoast	yoast_seo	A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several …	CWE-79 Cross-site Scripting	CVE-2021-24153	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198679	6.1	MEDIUM Network	sygnoos	popup_builder	The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting.	CWE-79 Cross-site Scripting	CVE-2021-24152	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm

198680	7.5	HIGH Network	likebtn-like-button_project	likebtn-like-button	The LikeBtn WordPress Like Button Rating ? LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2021-24150	2024-11-21 14:52	2021-04-6	Show	GitHub Exploit DB Packet Storm