Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
259751 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるメモリ破損の脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3673 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
259752 9.3 危険 マイクロソフト - Microsoft Internet Explorer におけるメモリ破損の脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3671 2010-01-22 10:26 2009-12-8 Show GitHub Exploit DB Packet Storm
259753 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性 CWE-255
CWE-94
CVE-2009-3677 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
259754 10 危険 マイクロソフト - Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性 CWE-287
不適切な認証 		CVE-2009-2505 2010-01-22 10:24 2009-12-8 Show GitHub Exploit DB Packet Storm
259755 6.9 警告 acpid - acpid の umask におけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4235 2010-01-21 11:44 2009-12-7 Show GitHub Exploit DB Packet Storm
259756 6.9 警告 サイバートラスト株式会社
レッドハット
acpid		 - acpid のレッドハットパッチにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4033 2010-01-21 11:43 2009-12-7 Show GitHub Exploit DB Packet Storm
259757 10 危険 アドビシステムズ - Adobe Illustrator における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-3952 2010-01-21 11:43 2010-01-7 Show GitHub Exploit DB Packet Storm
259758 9.3 危険 アドビシステムズ - Adobe Illustrator における Encapsulated PostScript ファイルの処理に関する任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2009-4195 2010-01-21 11:43 2009-12-4 Show GitHub Exploit DB Packet Storm
259759 4.4 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel の exit_notify 関数における任意のシグナルをプロセスに送信可能な脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-1337 2010-01-21 11:23 2009-04-22 Show GitHub Exploit DB Packet Storm
259760 4.9 警告 サイバートラスト株式会社
Linux
レッドハット		 - Linux Kernel における sendmsg 関数の呼び出しに関するサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-5300 2010-01-21 11:22 2008-12-1 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 19, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197921 8.8 HIGH
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF checks in the save_global_setting AJAX action, allowing unauthenticated users to edit surveys and modify s… CWE-352
 Origin Validation Error 		CVE-2021-24763 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197922 9.8 CRITICAL
Network 		getperfectsurvey perfect_survey The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticate… - CVE-2021-24762 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197923 6.5 MEDIUM
Network 		bestwebsoft error_log_viewer The Error Log Viewer WordPress plugin before 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in a… - CVE-2021-24761 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197924 4.8 MEDIUM
Network 		nd-learning_project nd-learning The Learning Courses WordPress plugin before 5.0 does not sanitise and escape the Email PDT identity token settings, which could allow high privilege users to perform cross-Site Scripting attacks eve… CWE-79
Cross-site Scripting 		CVE-2021-24707 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197925 4.8 MEDIUM
Network 		benbodhi svg_support The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scr… CWE-79
Cross-site Scripting 		CVE-2021-24686 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197926 6.1 MEDIUM
Network 		metagauss registrationmagic The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting CWE-79
Cross-site Scripting 		CVE-2021-24648 2024-11-21 14:53 2022-02-1 Show GitHub Exploit DB Packet Storm
197927 7.5 HIGH
Network 		wp-experts protect_wp_admin The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib/pwa-deactivate.php file, which could allow unauthenticated users to disable the plugin (and therefore th… - CVE-2021-24906 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197928 7.2 HIGH
Network 		acf-extended advanced_custom_fields\ The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 does not validate the order and orderby parameters before using them in a SQL statement, leading to a SQL Injection issue - CVE-2021-24865 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197929 7.2 HIGH
Network 		accesspressthemes wp_cookie_user_info The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin … - CVE-2021-24858 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm
197930 4.3 MEDIUM
Network 		wp_post_page_clone_project wp_post_page_clone The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor to clone and view other users' draft and password-protected posts which they cannot view normally. CWE-863
 Incorrect Authorization 		CVE-2021-24733 2024-11-21 14:53 2022-01-24 Show GitHub Exploit DB Packet Storm