Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
209011	6.5	警告	WP Symposium	-	WordPress 用 WP Symposium プラグインの ajax/mail_functions.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-8810	2015-01-5 17:00	2014-11-26	Show	GitHub Exploit DB Packet Storm

209012	4.3	警告	WP Symposium	-	WordPress 用 WP Symposium プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2014-8809	2015-01-5 17:00	2014-11-26	Show	GitHub Exploit DB Packet Storm

209013	10	危険	Allegro Software Development Corporation	-	Huawei ホームゲートウェイ製品などで使用される AllegroSoft RomPager におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-9223	2015-01-5 16:25	2014-12-24	Show	GitHub Exploit DB Packet Storm

209014	7.5	危険	BSD mailx project Heirloom レッドハットオラクル	-	Heirloom mailx および BSD mailx の fio.c の expand 関数における任意のコマンドを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2004-2771	2015-01-5 15:15	2004-10-29	Show	GitHub Exploit DB Packet Storm

209015	7.5	危険	Google	-	Google Chrome の WebKit の WebCore の rendering/svg/RenderSVGText.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1798	2015-01-5 14:41	2011-04-16	Show	GitHub Exploit DB Packet Storm

209016	7.5	危険	Google	-	Google Chrome の WebKit の WebCore の page/FrameView.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2011-1796	2015-01-5 14:41	2011-04-19	Show	GitHub Exploit DB Packet Storm

209017	7.5	危険	Google	-	Google Chrome の WebKit の WebCore の html/HTMLFormElement.cpp における整数アンダーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1795	2015-01-5 14:41	2011-04-12	Show	GitHub Exploit DB Packet Storm

209018	7.5	危険	Google	-	Google Chrome の WebKit の WebCore の SVG フィルタの実装における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2011-1794	2015-01-5 14:40	2011-04-20	Show	GitHub Exploit DB Packet Storm

209019	7.5	危険	Google	-	Google Chrome の WebKit の rendering/svg/RenderSVGResourceFilter.cpp におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-1793	2015-01-5 14:40	2011-04-30	Show	GitHub Exploit DB Packet Storm

209020	7.2	危険	Linux	-	MSM デバイス用 Qualcomm Innovation Center Android コントリビューションなどで使用される Linux Kernel 用 QSEECOM ドライバにおける権限を取得される脆弱性	CWE-119 バッファエラー	CVE-2014-4322	2015-01-5 12:15	2014-12-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 26, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251441	4.8	MEDIUM Network	aftabhusain	category_and_taxonomy_meta_fields	The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, an…	CWE-79 Cross-site Scripting	CVE-2024-9590	2024-10-30 01:07	2024-10-22	Show	GitHub Exploit DB Packet Storm

251442	4.8	MEDIUM Network	aftabhusain	category_and_taxonomy_meta_fields	The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and in…	CWE-79 Cross-site Scripting	CVE-2024-9589	2024-10-30 01:07	2024-10-22	Show	GitHub Exploit DB Packet Storm

251443	9.8	CRITICAL Network	pluginus	wordpress_meta_data_and_taxonomies_filter	Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and…	CWE-94 Code Injection	CVE-2024-50450	2024-10-30 01:05	2024-10-28	Show	GitHub Exploit DB Packet Storm

251444	7.2	HIGH Network	royal-elementor-addons	royal_elementor_addons	Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980.	CWE-611 XXE	CVE-2024-50442	2024-10-30 01:04	2024-10-28	Show	GitHub Exploit DB Packet Storm

251445	4.8	MEDIUM Network	aftabhusain	category_and_taxonomy_image	The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input…	CWE-79 Cross-site Scripting	CVE-2024-9591	2024-10-30 01:04	2024-10-22	Show	GitHub Exploit DB Packet Storm

251446	8.8	HIGH Network	wpclever	wpc_shop_as_a_customer_for_woocommerce	Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through …	CWE-502 Deserialization of Untrusted Data	CVE-2024-50416	2024-10-30 01:02	2024-10-28	Show	GitHub Exploit DB Packet Storm

251447	8.8	HIGH Network	kibokolabs	namaste\!_lms	Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object Injection.This issue affects Namaste! LMS: from n/a through 2.6.3.	CWE-502 Deserialization of Untrusted Data	CVE-2024-50408	2024-10-30 01:01	2024-10-28	Show	GitHub Exploit DB Packet Storm

251448	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'stream_enc_regs' array is an array of dcn10_stream…	CWE-129 Improper Validation of Array Index	CVE-2024-49970	2024-10-30 00:57	2024-10-22	Show	GitHub Exploit DB Packet Storm

251449	6.5	MEDIUM Network	metagauss	profilegrid	Missing Authorization vulnerability in ProfileGrid User Profiles ProfileGrid.This issue affects ProfileGrid: from n/a through 5.9.3.	CWE-862 Missing Authorization	CVE-2024-49273	2024-10-30 00:48	2024-10-21	Show	GitHub Exploit DB Packet Storm

251450	9.1	CRITICAL Network	openrefine	butterfly	The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour…	CWE-22 Path Traversal	CVE-2024-47883	2024-10-30 00:38	2024-10-25	Show	GitHub Exploit DB Packet Storm