Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258711	9.3	危険	マイクロソフト	-	Microsoft Windows の Media Services におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0478	2010-05-10 19:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

258712	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0477	2010-05-10 19:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

258713	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0476	2010-05-10 19:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

258714	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0270	2010-05-10 19:10	2010-04-13	Show	GitHub Exploit DB Packet Storm

258715	10	危険	マイクロソフト	-	Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0269	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258716	9.3	危険	マイクロソフト	-	Microsoft Windows の Cabinet File Viewer Shell Extension における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0487	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258717	9.3	危険	マイクロソフト	-	Microsoft Windows の Authenticode Signature Verification における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0486	2010-05-10 19:09	2010-04-13	Show	GitHub Exploit DB Packet Storm

258718	4.7	警告	サイバートラスト株式会社 Linux レッドハット	-	x86_64 および amd64 プラットフォーム上 Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2009-4271	2010-05-10 18:25	2010-03-16	Show	GitHub Exploit DB Packet Storm

258719	5	警告	VMware	-	VMware Authorization Service の VMware Authentication Daemon におけるサービス運用妨害 (DoS) の脆弱性	CWE-134 書式文字列の問題	CVE-2009-3707	2010-05-7 17:26	2009-10-16	Show	GitHub Exploit DB Packet Storm

258720	9.3	危険	VMware	-	VMnc メディアコーデックおよびムービーデコーダにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-1565	2010-05-7 17:26	2010-04-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197511	9.0	CRITICAL Network	tipsandtricks-hq	simple_download_monitor	The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor …	-	CVE-2021-24693	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197512	4.8	MEDIUM Network	igexsolutions	wpschoolpress	The School Management System – WPSchoolPress WordPress plugin before 2.1.17 sanitise some fields using sanitize_text_field() but does not escape them before outputting in attributes, resulting in Sto…	-	CVE-2021-24664	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197513	8.1	HIGH Network	genetechsolutions	pie_register	The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing…	-	CVE-2021-24647	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197514	4.8	MEDIUM Network	bookingholdings	booking.com_banner_creator	The Booking.com Banner Creator WordPress plugin before 1.4.3 does not properly sanitize inputs when creating banners, which could allow high privilege users to perform Cross-Site Scripting attacks ev…	-	CVE-2021-24646	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197515	4.8	MEDIUM Network	bookingholdings	booking.com_product_helper	The Booking.com Product Helper WordPress plugin before 1.0.2 does not sanitize and escape Product Code when creating Product Shortcode, which could allow high privilege users to perform Cross-Site Sc…	-	CVE-2021-24645	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197516	8.8	HIGH Network	unlimited_popups_project	unlimited_popups	The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authentica…	-	CVE-2021-24631	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197517	8.8	HIGH Network	schreikasten_project	schreikasten	The Schreikasten WordPress plugin through 0.14.18 does not sanitise or escape the id GET parameter before using it in SQL statements in the comments dashboard from various actions, leading to authent…	-	CVE-2021-24630	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197518	7.2	HIGH Network	post_content_xmlrpc_project	post_content_xmlrpc	The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated S…	-	CVE-2021-24629	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197519	7.2	HIGH Network	wow-company	wow_forms	The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authentic…	CWE-89 SQL Injection	CVE-2021-24628	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm

197520	7.2	HIGH Network	g_auto-hyperlink_project	g_auto-hyperlink	The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leadin…	-	CVE-2021-24627	2024-11-21 14:53	2021-11-9	Show	GitHub Exploit DB Packet Storm