Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
260381 4.9 警告 マイクロソフト - Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
CWE-noinfo
CVE-2010-0238 2010-05-11 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
260382 6.9 警告 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0237 2010-05-11 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
260383 6.8 警告 マイクロソフト - Microsoft Windows の kernel における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0236 2010-05-11 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
260384 4.7 警告 マイクロソフト - Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0235 2010-05-11 15:13 2010-04-13 Show GitHub Exploit DB Packet Storm
260385 4.7 警告 マイクロソフト - Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-0234 2010-05-11 15:12 2010-04-13 Show GitHub Exploit DB Packet Storm
260386 9.3 危険 マイクロソフト - Microsoft Windows Media Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2010-0268 2010-05-10 19:11 2010-04-13 Show GitHub Exploit DB Packet Storm
260387 9.3 危険 マイクロソフト - Microsoft Windows の MPEG Layer-3 オーディオコーデックにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0480 2010-05-10 19:11 2010-04-13 Show GitHub Exploit DB Packet Storm
260388 9.3 危険 マイクロソフト - Microsoft Windows の Media Services におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0478 2010-05-10 19:10 2010-04-13 Show GitHub Exploit DB Packet Storm
260389 10 危険 マイクロソフト - Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0477 2010-05-10 19:10 2010-04-13 Show GitHub Exploit DB Packet Storm
260390 10 危険 マイクロソフト - Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0476 2010-05-10 19:10 2010-04-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199511 5.4 MEDIUM
Network 		iptanus wordpress_file_upload_pro
wordpress_file_upload 		The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2021-24960 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
199512 6.1 MEDIUM
Network 		tinywebgallery advanced_iframe The Advanced iFrame WordPress plugin before 2022 does not sanitise and escape the ai_config_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue CWE-79
Cross-site Scripting 		CVE-2021-24953 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
199513 8.8 HIGH
Network 		tatvic conversios.io The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQ… CWE-89
SQL Injection 		CVE-2021-24952 2024-11-21 14:54 2022-03-7 Show GitHub Exploit DB Packet Storm
199514 5.3 MEDIUM
Network 		yoast yoast_seo The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify ot… - CVE-2021-25118 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199515 6.1 MEDIUM
Network 		i-plugins whmcs_bridge The WHMCS Bridge WordPress plugin before 6.4b does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting - CVE-2021-25112 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199516 6.5 MEDIUM
Network 		wpgooglemap wp_google_map The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts … - CVE-2021-25081 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199517 5.4 MEDIUM
Network 		plugins-market wp_visitor_statistics_\(real_time_traffic\) The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.5 does not have authorisation and CSRF checks in the updateIpAddress AJAX action, allowing any authenticated user to call it, o… - CVE-2021-25042 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199518 6.1 MEDIUM
Network 		wp_user_project wp_user The WP User WordPress plugin before 7.0 does not sanitise and escape some parameters in pages where the [wp_user] shortcode is used, leading to Reflected Cross-Site Scripting issues - CVE-2021-25034 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199519 5.7 MEDIUM
Network 		wpgooglemap wp_google_map The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper authorisation and CSRF in most of its AJAX actions, which could allow any authenticated users, such as subscri… CWE-352
 Origin Validation Error 		CVE-2021-25011 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm
199520 9.6 CRITICAL
Network 		postsnippets post_snippets The Post Snippets WordPress plugin before 3.1.4 does not have CSRF check when importing files, allowing attacker to make a logged In admin import arbitrary snippets. Furthermore, imported snippers ar… - CVE-2021-25010 2024-11-21 14:54 2022-02-28 Show GitHub Exploit DB Packet Storm