Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258781	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2010-0494	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

258782	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の mstime.dll における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0492	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

258783	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0490	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

258784	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0807	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

258785	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-362 競合状態	CVE-2010-0489	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

258786	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0267	2010-04-19 19:18	2010-03-30	Show	GitHub Exploit DB Packet Storm

258787	10	危険	アップル	-	Apple Mac OS X の xar におけるパッケージ署名の検証処理に関する脆弱性	CWE-DesignError	CVE-2010-0055	2010-04-16 16:59	2010-03-29	Show	GitHub Exploit DB Packet Storm

258788	0	注意	アップル	-	Apple Mac OS X の Wiki サーバにおけるコンテンツを公開される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0534	2010-04-16 16:58	2010-03-29	Show	GitHub Exploit DB Packet Storm

258789	5	警告	アップル	-	Apple Mac OS X の Wiki サーバにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0523	2010-04-16 16:58	2010-03-29	Show	GitHub Exploit DB Packet Storm

258790	9	危険	アップル	-	Apple Mac OS X のサーバ管理における管理者権限の処理に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0522	2010-04-16 16:58	2010-03-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197591	6.1	MEDIUM Network	verse-o-matic_project	verse-o-matic	The Verse-O-Matic WordPress plugin through 4.1.1 does not have any CSRF checks in place, allowing attackers to make logged in administrators do unwanted actions, such as add/edit/delete arbitrary ver…	-	CVE-2021-24466	2024-11-21 14:53	2021-08-16	Show	GitHub Exploit DB Packet Storm

197592	5.5	MEDIUM Network	draftpress	my_site_audit	The My Site Audit WordPress plugin through 1.2.4 does not sanitise or escape the Audit Name field when creating an audit, allowing high privilege users to set JavaScript payloads in them, even when h…	-	CVE-2021-24445	2024-11-21 14:53	2021-08-16	Show	GitHub Exploit DB Packet Storm

197593	6.1	MEDIUM Network	social_tape_project	social_tape	The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stor…	-	CVE-2021-24411	2024-11-21 14:53	2021-08-16	Show	GitHub Exploit DB Packet Storm

197594	6.1	MEDIUM Network	telugu_bible_verse_daily_project	telugu_bible_verse_daily	The ?????? ?????? ??????? WordPress plugin through 1.0 is lacking any CSRF check when saving its settings and verses, and do not sanitise or escape them when outputting them back in the page. This co…	CWE-352 Origin Validation Error	CVE-2021-24410	2024-11-21 14:53	2021-08-16	Show	GitHub Exploit DB Packet Storm

197595	6.1	MEDIUM Network	properfraction	profilepress	The User Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could b…	-	CVE-2021-24522	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm

197596	7.2	HIGH Network	wow-estore	side_menu	The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role …	-	CVE-2021-24521	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm

197597	8.8	HIGH Network	coderstimes	out_of_stock_message_for_woocommerce	The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor…	-	CVE-2021-24520	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm

197598	5.4	MEDIUM Network	a3rev	page_view_count	The Page View Count WordPress plugin before 2.4.9 does not escape the postid parameter of pvc_stats shortcode, allowing users with a role as low as Contributor to perform Stored XSS attacks. A post m…	-	CVE-2021-24509	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm

197599	9.8	CRITICAL Network	brainstormforce	astra	The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (av…	-	CVE-2021-24507	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm

197600	5.4	MEDIUM Network	madeit	forms	The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (X…	-	CVE-2021-24505	2024-11-21 14:53	2021-08-9	Show	GitHub Exploit DB Packet Storm