Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228191 4.3 警告 Andy Armstrong
レッドハット
VMware
オラクル		 - CGI.pm および CGI::Simple の multipart_init 関数における任意の HTTP ヘッダを挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-2761 2012-12-17 16:21 2010-12-6 Show GitHub Exploit DB Packet Storm
228192 5 警告 VMware
Linux		 - Linux Kernel の xfrm6_tunnel_rcv 関数におけるメモリ二重解放の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-1583 2012-12-17 16:18 2012-06-16 Show GitHub Exploit DB Packet Storm
228193 7.8 危険 VMware
Linux
オラクル		 - Linux Kernel の IPv6 の実装におけるサービス運用妨害 (ネットワーク障害) の脆弱性 CWE-DesignError
CVE-2011-2699 2012-12-17 16:16 2012-05-24 Show GitHub Exploit DB Packet Storm
228194 7.8 危険 VMware
Linux		 - Linux Kernel の igmp_heard_query 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-0207 2012-12-17 16:13 2012-05-17 Show GitHub Exploit DB Packet Storm
228195 4.9 警告 VMware
Linux		 - Linux kernel の NFS 実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2011-4325 2012-12-17 16:12 2012-01-27 Show GitHub Exploit DB Packet Storm
228196 4.9 警告 VMware
Linux		 - Linux Kernel の encode_share_access 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2011-4324 2012-12-17 16:10 2012-06-21 Show GitHub Exploit DB Packet Storm
228197 2.1 注意 VMware
Linux		 - Linux kernel におけるサービス運用妨害 (アサーションエラーおよび kernel oops) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-4132 2012-12-17 16:08 2012-01-27 Show GitHub Exploit DB Packet Storm
228198 2.1 注意 VMware
Linux		 - Linux kernel の proc ファイルシステム実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-1020 2012-12-17 16:06 2011-02-28 Show GitHub Exploit DB Packet Storm
228199 2.1 注意 VMware
Linux		 - Linux kernel におけるサービス運用妨害 (NULL ポインタデリファレンスおよび kernel oops) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-4110 2012-12-17 16:02 2012-01-27 Show GitHub Exploit DB Packet Storm
228200 5.4 警告 VMware
Linux		 - Linux Kernel の setup_cifs_sb 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 CWE-20
不適切な入力確認 		CVE-2011-3363 2012-12-17 16:00 2012-05-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
249931 8.8 HIGH
Network 		wpvivid migration\
_backup\
_staging 		The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_import_files and wpvivid_upload_files AJA… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-36842 2024-10-31 06:03 2024-10-16 Show GitHub Exploit DB Packet Storm
249932 5.3 MEDIUM
Network 		strategy11 formidable_form_builder The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for u… NVD-CWE-noinfo
CVE-2017-20194 2024-10-31 06:00 2024-10-16 Show GitHub Exploit DB Packet Storm
249933 6.1 MEDIUM
Network 		solarwinds solarwinds_platform The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements. CWE-79
Cross-site Scripting 		CVE-2024-45715 2024-10-31 05:59 2024-10-16 Show GitHub Exploit DB Packet Storm
249934 5.4 MEDIUM
Network 		gtranslate google_language_translator The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in versions up to, and including, 6.0.9 due to insufficient input sanitizat… CWE-79
Cross-site Scripting 		CVE-2021-4452 2024-10-31 05:57 2024-10-16 Show GitHub Exploit DB Packet Storm
249935 4.3 MEDIUM
Network 		sinaextra sina_extension_for_elementor The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.7 via the render function in widgets/advanced/sina-moda… CWE-200
Information Exposure 		CVE-2024-9540 2024-10-31 05:56 2024-10-16 Show GitHub Exploit DB Packet Storm
249936 6.1 MEDIUM
Network 		woo product_vendors The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output e… CWE-79
Cross-site Scripting 		CVE-2017-20193 2024-10-31 05:46 2024-10-16 Show GitHub Exploit DB Packet Storm
249937 4.3 MEDIUM
Network 		agnai agnai Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen loca… CWE-22
Path Traversal 		CVE-2024-47171 2024-10-31 05:46 2024-09-27 Show GitHub Exploit DB Packet Storm
249938 4.8 MEDIUM
Network 		netgate pfsense A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_e… CWE-79
Cross-site Scripting 		CVE-2024-46538 2024-10-31 05:45 2024-10-23 Show GitHub Exploit DB Packet Storm
249939 7.5 HIGH
Network 		apple xcode This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data. NVD-CWE-noinfo
CVE-2024-44228 2024-10-31 05:35 2024-10-29 Show GitHub Exploit DB Packet Storm
249940 - - - Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information. - CVE-2024-50616 2024-10-31 05:35 2024-10-28 Show GitHub Exploit DB Packet Storm