Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
258951 6.6 警告 日立 - JP1/Cm2/Network Node Manager のリモートコンソールにおけるファイルパーミッションの脆弱性 CWE-264
認可・権限・アクセス制御 		- 2010-03-12 15:12 2010-02-26 Show GitHub Exploit DB Packet Storm
258952 9.3 危険 Panda Security - Panda Security ActiveScan におけるコンポーネントのデジタル署名を検証しない問題 CWE-94
コード・インジェクション 		CVE-2009-3735 2010-03-12 15:12 2010-02-12 Show GitHub Exploit DB Packet Storm
258953 5 警告 サイバートラスト株式会社
OpenSSL Project
IBM
レッドハット		 - OpenSSL の dtls1_retrieve_buffered_fragment 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1379 2010-03-12 14:44 2009-05-19 Show GitHub Exploit DB Packet Storm
258954 5 警告 サイバートラスト株式会社
OpenSSL Project
IBM
レッドハット		 - OpenSSL の dtls1_process_out_of_seq_message 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-1378 2010-03-12 14:44 2009-05-19 Show GitHub Exploit DB Packet Storm
258955 5 警告 サイバートラスト株式会社
OpenSSL Project
IBM
レッドハット		 - OpenSSL の dtls1_buffer_record 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2009-1377 2010-03-12 14:43 2009-05-19 Show GitHub Exploit DB Packet Storm
258956 5 警告 アップル
サイバートラスト株式会社
OpenSSL Project
Apache Software Foundation
レッドハット		 - OpenSSL の zlib_stateful_init 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-1678 2010-03-12 14:43 2008-07-10 Show GitHub Exploit DB Packet Storm
258957 5.8 警告 OpenPNEプロジェクト - OpenPNE におけるアクセス制限回避の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1040 2010-03-11 12:39 2010-03-5 Show GitHub Exploit DB Packet Storm
258958 10 危険 アドビシステムズ - Adobe Download Manager における任意のプログラムをダウンロードおよびインストールされる脆弱性 CWE-noinfo
情報不足 		CVE-2010-0189 2010-03-11 12:07 2010-02-23 Show GitHub Exploit DB Packet Storm
258959 7.2 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の collect_rx_frame 関数における脆弱性 CWE-119
バッファエラー 		CVE-2009-4005 2010-03-11 12:05 2009-11-20 Show GitHub Exploit DB Packet Storm
258960 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の RTL8169 NIC ドライバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2009-1389 2010-03-11 12:04 2009-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197601 4.8 MEDIUM
Network 		flippercode wp_google_map The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, ev… - CVE-2021-24502 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197602 8.1 HIGH
Network 		amentotech workreap The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objec… - CVE-2021-24501 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197603 8.1 HIGH
Network 		amentotech workreap Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an atta… CWE-352
 Origin Validation Error 		CVE-2021-24500 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197604 9.8 CRITICAL
Network 		amentotech workreap The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid use… - CVE-2021-24499 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197605 6.1 MEDIUM
Network 		marmoset marmoset_viewer The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting iss… - CVE-2021-24495 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197606 6.5 MEDIUM
Network 		leaflet_map_project leaflet_map The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Fo… - CVE-2021-24467 2024-11-21 14:53 2021-08-9 Show GitHub Exploit DB Packet Storm
197607 6.1 MEDIUM
Network 		wplearnmanager wp_learn_manager The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payload to be used in them. Furthermore, no CSRF and c… - CVE-2021-24504 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197608 5.4 MEDIUM
Network 		thememason popular_brand_icons_-_simple_icons The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as … - CVE-2021-24503 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197609 6.1 MEDIUM
Network 		dwbooster calendar_event_multi_view The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a refle… - CVE-2021-24498 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm
197610 6.1 MEDIUM
Network 		community_events_project community_events The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leadin… - CVE-2021-24496 2024-11-21 14:53 2021-08-2 Show GitHub Exploit DB Packet Storm