Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
221511	7.5	危険	Ariel Sanders	-	WordPress 用 Lead Octopus プラグインの lib/optin/optin_page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5189	2014-08-8 18:54	2014-07-28	Show	GitHub Exploit DB Packet Storm

221512	5	警告	Tom M8te project	-	WordPress 用 Tom M8te プラグインにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5187	2014-08-8 18:48	2014-05-28	Show	GitHub Exploit DB Packet Storm

221513	6.5	警告	Vinoth Kumar	-	WordPress 用 All Video Gallery プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5186	2014-08-8 18:46	2014-05-28	Show	GitHub Exploit DB Packet Storm

221514	6	警告	Quartz plugin project	-	WordPress 用 Quartz プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5185	2014-08-8 18:45	2014-05-28	Show	GitHub Exploit DB Packet Storm

221515	6.5	警告	Brad Hawkins	-	WordPress 用 stripShow プラグインの stripshow-storylines ページにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5184	2014-08-8 18:44	2014-05-28	Show	GitHub Exploit DB Packet Storm

221516	6.5	警告	Jesse Cortez	-	WordPress 用 Simple Retail Menus プラグインの includes/mode-edit.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5183	2014-08-8 18:43	2014-02-19	Show	GitHub Exploit DB Packet Storm

221517	6	警告	ostenta	-	WordPress 用 yawpp プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5182	2014-08-8 18:42	2014-01-7	Show	GitHub Exploit DB Packet Storm

221518	5	警告	Last.fm Rotation plugin project	-	WordPress 用 Last.fm Rotation プラグインの lastfm-proxy.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2014-5181	2014-08-8 18:40	2014-05-28	Show	GitHub Exploit DB Packet Storm

221519	6.5	警告	HDW Player	-	WordPress 用 HDW Player プラグインのビデオページにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2014-5180	2014-08-8 18:39	2014-05-28	Show	GitHub Exploit DB Packet Storm

221520	7.5	危険	Vinoth Kumar	-	WordPress 用 All Video Gallery プラグインにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-6653	2014-08-8 18:36	2012-11-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
274011	4.3	MEDIUM Network	moodle	moodle	The grade-reporting feature in Singleview (aka Single View) in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/grade:manage capability, which allow…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-2155	2024-11-21 11:47	2016-05-23	Show	GitHub Exploit DB Packet Storm

274012	4.3	MEDIUM Network	moodle	moodle	admin/tool/monitor/lib.php in Event Monitor in Moodle 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 does not consider the moodle/course:viewhiddencourses capability, which allows re…	CWE-200 Information Exposure	CVE-2016-2154	2024-11-21 11:47	2016-05-23	Show	GitHub Exploit DB Packet Storm

274013	6.1	MEDIUM Network	moodle	moodle	Cross-site scripting (XSS) vulnerability in the advanced-search feature in mod_data in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allo…	CWE-79 Cross-site Scripting	CVE-2016-2153	2024-11-21 11:47	2016-05-23	Show	GitHub Exploit DB Packet Storm

274014	6.1	MEDIUM Network	moodle	moodle	Multiple cross-site scripting (XSS) vulnerabilities in auth/db/auth.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allow remote att…	CWE-79 Cross-site Scripting	CVE-2016-2152	2024-11-21 11:47	2016-05-23	Show	GitHub Exploit DB Packet Storm

274015	4.3	MEDIUM Network	moodle	moodle	user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 grants excessive authorization on the basis of the moodle/course:viewhidd…	CWE-200 Information Exposure	CVE-2016-2151	2024-11-21 11:47	2016-05-23	Show	GitHub Exploit DB Packet Storm

274016	5.4	MEDIUM Network	theforeman	foreman	Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permissi…	CWE-284 Improper Access Control	CVE-2016-2100	2024-11-21 11:47	2016-05-20	Show	GitHub Exploit DB Packet Storm

274017	8.8	HIGH Network	apple webkitgtk	iphone_os tvos safari webkitgtk\+	The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruptio…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1859	2024-11-21 11:47	2016-05-20	Show	GitHub Exploit DB Packet Storm

274018	6.5	MEDIUM Network	apple webkitgtk	iphone_os tvos safari webkitgtk\+	WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted …	CWE-200 Information Exposure	CVE-2016-1858	2024-11-21 11:47	2016-05-20	Show	GitHub Exploit DB Packet Storm

274019	8.8	HIGH Network	apple webkitgtk	iphone_os tvos safari webkitgtk\+	WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1857	2024-11-21 11:47	2016-05-20	Show	GitHub Exploit DB Packet Storm

274020	8.8	HIGH Network	apple webkitgtk	iphone_os tvos safari webkitgtk\+	WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1856	2024-11-21 11:47	2016-05-20	Show	GitHub Exploit DB Packet Storm