Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
258981	6.8	警告	Linux レッドハット	-	KVM の pit_ioport_read 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-16 環境設定	CVE-2010-0309	2010-03-4 13:41	2010-02-9	Show	GitHub Exploit DB Packet Storm

258982	4.1	警告	Linux レッドハット	-	KVM の x86 エミュレータにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0306	2010-03-4 13:41	2010-02-9	Show	GitHub Exploit DB Packet Storm

258983	5	警告	レッドハットリアルネットワークス	-	RealNetworks HelixPlayer および RealPlayer におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0417	2010-03-4 13:40	2010-02-18	Show	GitHub Exploit DB Packet Storm

258984	7.5	危険	レッドハットリアルネットワークス	-	RealNetworks HelixPlayer および RealPlayer の Unescape 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0416	2010-03-4 13:40	2010-02-18	Show	GitHub Exploit DB Packet Storm

258985	9.3	危険	マイクロソフト	-	Microsoft Windows の Microsoft Paint における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-0028	2010-03-3 11:54	2010-02-9	Show	GitHub Exploit DB Packet Storm

258986	7.2	危険	マイクロソフト	-	Microsoft Windows の kernel における権限昇格の脆弱性	CWE-Other その他	CVE-2010-0233	2010-03-3 11:54	2010-02-9	Show	GitHub Exploit DB Packet Storm

258987	6.3	警告	マイクロソフト	-	Microsoft Windows の KDC におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-0035	2010-03-3 11:54	2010-02-9	Show	GitHub Exploit DB Packet Storm

258988	7.1	危険	マイクロソフト	-	Microsoft Windows の SMB 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-362 競合状態	CVE-2010-0021	2010-03-3 11:54	2010-02-9	Show	GitHub Exploit DB Packet Storm

258989	10	危険	マイクロソフト	-	Microsoft Windows の SMB 実装におけるアクセス権を取得される脆弱性	CWE-264 CWE-310	CVE-2010-0231	2010-03-3 11:54	2010-02-9	Show	GitHub Exploit DB Packet Storm

258990	7.8	危険	マイクロソフト	-	Microsoft Windows の SMB 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0022	2010-03-3 11:53	2010-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196931	4.8	MEDIUM Network	wp-eventmanager	wp_event_manager	The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even …	CWE-79 Cross-site Scripting	CVE-2021-24810	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196932	7.2	HIGH Network	wpaffiliatefeed	tradetracker-store	The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.	CWE-89 SQL Injection	CVE-2021-24778	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196933	7.2	HIGH Network	hotscot	contact_form	The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a…	CWE-89 SQL Injection	CVE-2021-24777	2024-11-21 14:53	2022-03-7	Show	GitHub Exploit DB Packet Storm

196934	4.8	MEDIUM Network	codeasily	grand_flagallery	The GRAND FlaGallery WordPress plugin through 6.1.2 does not sanitise and escape some of its gallery settings, which could allow high privilege users to perform Cross-Site scripting attacks even when…	-	CVE-2021-24903	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196935	4.8	MEDIUM Network	securemoz	security_audit	The Security Audit WordPress plugin through 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilt…	-	CVE-2021-24901	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196936	4.8	MEDIUM Network	editable-table_project	editable_table	The EditableTable WordPress plugin through 0.1.4 does not sanitise and escape any of the Table and Column fields, which could allow high privilege users to perform Cross-Site Scripting attacks even w…	-	CVE-2021-24898	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196937	8.8	HIGH Network	wpscan	wp_cloudy	The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin dashboard, leading to a SQL Injection issue	-	CVE-2021-24864	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196938	8.1	HIGH Network	schiocco	support_board	The Support Board WordPress plugin before 3.3.6 does not have any CSRF checks in actions handled by the include/ajax.php file, which could allow attackers to make logged in users do unwanted actions.…	-	CVE-2021-24823	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196939	6.5	MEDIUM Network	bold-themes	cost_calculator	The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on W…	-	CVE-2021-24820	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm

196940	8.8	HIGH Network	core_tweaks_wp_setup_project	core_tweaks_wp_setup	The Core Tweaks WP Setup WordPress plugin through 4.1 allows to bulk-set many settings in WordPress, including the admin email, as well as creating a new admin account. There is no CSRF protection in…	-	CVE-2021-24803	2024-11-21 14:53	2022-02-28	Show	GitHub Exploit DB Packet Storm