Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
259421 5 警告 オラクル - BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0074 2010-02-15 19:32 2010-01-12 Show GitHub Exploit DB Packet Storm
259422 5 警告 オラクル - BEA Product Suite の WebLogic Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0068 2010-02-15 19:32 2010-01-12 Show GitHub Exploit DB Packet Storm
259423 4.3 警告 オラクル - Oracle Application Server の J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0070 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
259424 5 警告 オラクル - Oracle Application Server の J2EE コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0067 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
259425 5 警告 オラクル - Oracle Application Server の Access Manager Identity Server コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2010-0066 2010-02-15 19:31 2010-01-12 Show GitHub Exploit DB Packet Storm
259426 7.8 危険 サイバートラスト株式会社
Linux
レッドハット		 - Linux kernel の e1000_clean_rx_irq 関数における整数アンダーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2009-1385 2010-02-15 11:03 2009-06-4 Show GitHub Exploit DB Packet Storm
259427 4.6 警告 サイバートラスト株式会社
Todd C. Miller		 - sudo の Perl スクリプト実行時における権限昇格の脆弱性 - CVE-2005-4158 2010-02-15 11:03 2005-11-8 Show GitHub Exploit DB Packet Storm
259428 1 注意 オラクル - Oracle Database および Oracle Application Server の Unzip コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3412 2010-02-12 12:22 2010-01-12 Show GitHub Exploit DB Packet Storm
259429 3.2 注意 オラクル - Oracle Database の Oracle Spatial コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3413 2010-02-12 12:22 2010-01-12 Show GitHub Exploit DB Packet Storm
259430 3.6 注意 オラクル - Oracle Database の RDBMS コンポーネントにおける脆弱性 CWE-noinfo
情報不足 		CVE-2009-3410 2010-02-12 12:21 2010-01-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197711 5.4 MEDIUM
Network 		ayecode geodirectory The GeoDirectory Business Directory WordPress plugin before 2.1.1.3 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS). - CVE-2021-24720 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197712 6.1 MEDIUM
Network 		kriesi enfold The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Reflected Cross-Site Scripting (XSS). The vulnerability is present on Enfold versions previous than 4.8.4 which use Avia Page Builder. CWE-79
Cross-site Scripting 		CVE-2021-24719 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197713 5.4 MEDIUM
Network 		dwbooster appointment_hour_booking The Appointment Hour Booking WordPress plugin before 1.3.17 does not properly sanitize values used when creating new calendars. CWE-79
Cross-site Scripting 		CVE-2021-24712 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197714 8.8 HIGH
Network 		tipsandtricks-hq software_license_manager The del_reistered_domains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF checks, and is vulnerable to a CSRF attack - CVE-2021-24711 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197715 4.8 MEDIUM
Network 		awplife weather_effect The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf, *_flakes_leaf, *_speed) which could lead to Stored Cross-Site Scripting … - CVE-2021-24709 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197716 4.8 MEDIUM
Network 		expresstech quiz_and_survey_master The Quiz And Survey Master WordPress plugin before 7.3.2 does not escape the Quiz Url Slug setting before outputting it in some pages, which could allow high privilege users to perform Cross-Site Scr… - CVE-2021-24691 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197717 5.4 MEDIUM
Network 		kibokolabs chained_quiz The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings. - CVE-2021-24690 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197718 5.4 MEDIUM
Network 		awplife weather_effect The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting i… CWE-352
CWE-79
 Origin Validation Error
Cross-site Scripting 		CVE-2021-24683 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197719 4.8 MEDIUM
Network 		duplicatepro duplicate_page The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or escape the Duplicate Post Suffix settings before outputting it, which could allow high privilege users to perform Stored Cross-S… - CVE-2021-24681 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm
197720 4.8 MEDIUM
Network 		wpbrigade simple_social_buttons The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts (depending on the settings used), allo… - CVE-2021-24656 2024-11-21 14:53 2021-10-11 Show GitHub Exploit DB Packet Storm