Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 1, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
206411	4	警告	Ipswitch, Inc.	-	Ipswitch MOVEit DMZ の MOVEitISAPI サービスにおける FileID を列挙される脆弱性	CWE-200 情報漏えい	CVE-2015-7677	2016-02-15 13:48	2015-10-20	Show	GitHub Exploit DB Packet Storm

206412	6	警告	Apache Software Foundation	-	Apache CloudStack におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2015-3252	2016-02-15 11:59	2015-04-10	Show	GitHub Exploit DB Packet Storm

206413	4	警告	Apache Software Foundation	-	Apache CloudStack における仮想マシンの root アカウント用の重要なパスワード情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2015-3251	2016-02-15 11:59	2015-04-10	Show	GitHub Exploit DB Packet Storm

206414	4.3	警告	JasPer Project	-	JasPer の jas_seq.c の jas_matrix_clip 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2016-2089	2016-02-15 11:53	2016-01-28	Show	GitHub Exploit DB Packet Storm

206415	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品の PDF ライブラリにおけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-0058	2016-02-15 11:52	2016-02-9	Show	GitHub Exploit DB Packet Storm

206416	9.3	危険	マイクロソフト	-	複数の Microsoft Office 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0053	2016-02-15 11:51	2016-02-9	Show	GitHub Exploit DB Packet Storm

206417	5	警告	DELL EMC (旧 EMC Corporation) 日立	-	複数の EMC RSA BSAFE 製品における指紋ベースの証明書のブラックリスト保護メカニズムを破られる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-0534	2016-02-12 18:12	2015-08-17	Show	GitHub Exploit DB Packet Storm

206418	2.6	注意	（複数のベンダ）	-	複数のルータ製品におけるクリックジャッキングの脆弱性	CWE-Other その他	-	2016-02-12 17:15	2015-10-30	Show	GitHub Exploit DB Packet Storm

206419	10	危険	シスコシステムズ	-	Cisco Adaptive Security Appliance (ASA) の IKEv1 と IKEv2 の処理にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2016-1287	2016-02-12 16:52	2016-02-11	Show	GitHub Exploit DB Packet Storm

206420	9.3	危険	マイクロソフト	-	Microsoft Office 2007 における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2016-0055	2016-02-12 14:38	2016-02-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1491	6.1	MEDIUM Network	-	-	The WP Promoter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This ma…	CWE-352 Origin Validation Error	CVE-2026-8906	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1492	4.3	MEDIUM Network	-	-	The MetaMagic SEO Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the metama…	CWE-352 Origin Validation Error	CVE-2026-8942	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1493	7.1	HIGH Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RiceTheme Felan Framework allows Reflected XSS. This issue affects Felan Framework: from n/a thr…	CWE-79 Cross-site Scripting	CVE-2025-22741	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1494	7.1	HIGH Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox …	CWE-79 Cross-site Scripting	CVE-2025-52747	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1495	6.5	MEDIUM Network	-	-	Insertion of Sensitive Information Into Sent Data vulnerability in Tom GenerateBlocks allows Retrieve Embedded Sensitive Data. This issue affects GenerateBlocks: from n/a through 2.1.0.	CWE-201 Insertion of Sensitive Information Into Sent Data	CVE-2026-48877	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1496	6.5	MEDIUM Network	-	-	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows DOM-Based XSS. This issue affects Master Slider: from n/a through 3.…	CWE-79 Cross-site Scripting	CVE-2026-48968	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1497	6.5	MEDIUM Network	-	-	The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 1.4.7 via the Draw SVG widget. This makes it possible for authentica…	CWE-73 External Control of File Name or Path	CVE-2025-0898	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1498	4.8	MEDIUM Network	-	-	The rexCrawler plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output esca…	CWE-79 Cross-site Scripting	CVE-2026-2280	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1499	4.8	MEDIUM Network	-	-	The myLinksDump plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link_title' parameter in all versions up to, and including, 1.6 due to insufficient input sanitization and o…	CWE-79 Cross-site Scripting	CVE-2026-2288	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm

1500	4.4	MEDIUM Network	-	-	The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings (Description, Title, and other fields) in all versions up to, and including, 3.6.…	CWE-79 Cross-site Scripting	CVE-2026-3348	2026-05-27 23:50	2026-05-27	Show	GitHub Exploit DB Packet Storm