Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190921 5.3 警告
Network 		マイクロソフト - Microsoft Exchange Server 2013 および 2016 における意図しない情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-11761 2017-09-22 16:24 2017-09-12 Show GitHub Exploit DB Packet Storm
190922 5.3 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Hyper-V コンポーネントにおける情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-8707 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190923 5.3 警告
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Windows Hyper-V コンポーネントにおける情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-8706 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190924 5.3 警告
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Windows Hyper-V コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2017-8704 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190925 7 重要
Local 		マイクロソフト - Microsoft Windows 10 および Windows Server 2016 の Windows エラー報告におけるより高いアクセス権を取得される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8702 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190926 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Shell における現在のユーザのコンテキストで任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-8699 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190927 7.5 重要
Network 		マイクロソフト - 複数の Microsoft 製品の Windows Uniscribe におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8696 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190928 5.3 警告
Network 		マイクロソフト - 複数の Microsoft 製品の Windows Uniscribe における情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-8695 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190929 7.5 重要
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Uniscribe コンポーネントにおけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8692 2017-09-22 16:14 2017-09-12 Show GitHub Exploit DB Packet Storm
190930 7.8 重要
Local 		マイクロソフト - Microsoft Publisher 2007 および 2010 におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-8725 2017-09-22 16:12 2017-09-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1711 6.4 MEDIUM
Network 		- - The Content Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 2.4.1 due to insufficient input sanitization and… CWE-79
Cross-site Scripting 		CVE-2026-8873 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1712 6.4 MEDIUM
Network 		- - The Responsive Video Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rem_video' shortcode in versions up to, and including, 0.1. This is due to insufficient input … CWE-79
Cross-site Scripting 		CVE-2026-8877 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1713 6.4 MEDIUM
Network 		- - The hk_shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title-plane' shortcode in versions up to, and including, 1.0. This is due to insufficient input sanitizatio… CWE-79
Cross-site Scripting 		CVE-2026-8886 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1714 6.4 MEDIUM
Network 		- - The Easy Prism Syntax Highlighter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'code' (and 'c') shortcode in versions up to, and including, 1.0.2. This is due to… CWE-79
Cross-site Scripting 		CVE-2026-8875 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1715 6.4 MEDIUM
Network 		- - The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sa… CWE-79
Cross-site Scripting 		CVE-2026-8884 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1716 6.4 MEDIUM
Network 		- - The Listen Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'listen' shortcode in versions up to, and including, 1.0. This is due to insufficient input sanitization… CWE-79
Cross-site Scripting 		CVE-2026-8887 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1717 6.4 MEDIUM
Network 		- - The BitForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bitform' shortcode in versions up to, and including, 1.1.0. This is due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2026-8891 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1718 6.4 MEDIUM
Network 		- - The iWR Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `iwrtooltip` shortcode in versions up to, and including, 1.0. This is due to insufficient input sani… CWE-79
Cross-site Scripting 		CVE-2026-8894 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1719 6.4 MEDIUM
Network 		- - The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and… CWE-79
Cross-site Scripting 		CVE-2026-8897 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm
1720 6.4 MEDIUM
Network 		- - The Events In City plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'org-events' shortcode in versions up to, and including, 3.0. This is due to insufficient input sanitizati… CWE-79
Cross-site Scripting 		CVE-2026-8898 2026-05-27 23:50 2026-05-27 Show GitHub Exploit DB Packet Storm