Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Feb. 9, 2026, 12:59 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250061 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット
オラクル		 - 複数の Mozilla 製品の nsGenericDOMDataNode::SetTextInternal 関数における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2010-1196 2011-01-5 14:39 2010-06-22 Show GitHub Exploit DB Packet Storm
250062 9.3 危険 Mozilla Foundation
オラクル		 - 複数の Mozilla 製品の nsCycleCollector::MarkRoots 関数における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-0183 2011-01-5 14:19 2010-06-22 Show GitHub Exploit DB Packet Storm
250063 7.5 危険 レッドハット - Red Hat Enterprise MRG の Management Console における任意のジョブを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4179 2011-01-4 16:28 2010-11-30 Show GitHub Exploit DB Packet Storm
250064 7.8 危険 シスコシステムズ - 複数の CIsco 製品上で稼働する remote-access IPSec VPN の実装における有効なグループ名を列挙される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4354 2011-01-4 16:18 2010-09-22 Show GitHub Exploit DB Packet Storm
250065 4 警告 Pidgin
オラクル		 - Pidgin の libpurple 内にある oscar プロトコルプラグインの clientautoresp 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-2528 2011-01-4 16:14 2010-07-30 Show GitHub Exploit DB Packet Storm
250066 7.2 危険 VMware - 複数の VMware 製品の VMware-Tools アップデート機能における権限昇格の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4297 2010-12-27 15:40 2010-12-2 Show GitHub Exploit DB Packet Storm
250067 7.2 危険 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4296 2010-12-27 15:38 2010-12-2 Show GitHub Exploit DB Packet Storm
250068 6.9 警告 VMware - 複数の VMware 製品の vmware-mount における権限昇格の脆弱性 CWE-362
競合状態 		CVE-2010-4295 2010-12-27 15:36 2010-12-2 Show GitHub Exploit DB Packet Storm
250069 9.3 危険 VMware - 複数の VMware 製品の VMnc メディアコーデック内にあるフレーム復元機能における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4294 2010-12-27 15:33 2010-12-2 Show GitHub Exploit DB Packet Storm
250070 2.1 注意 アップル - Windows 上で稼働する Apple QuickTime における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0530 2010-12-27 15:07 2010-12-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 25, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1071 6.1 MEDIUM
Network 		- - The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all versions up to, and including, 1.1.6 due to insufficient input sanitization and… Update CWE-79
Cross-site Scripting 		CVE-2026-1838 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1072 6.4 MEDIUM
Network 		- - The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insuffic… Update CWE-79
Cross-site Scripting 		CVE-2026-4801 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1073 6.4 MEDIUM
Network 		- - The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget's button URL `custom_attributes` field in all versions up to, and including, 2… Update CWE-79
Cross-site Scripting 		CVE-2026-6048 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1074 8.8 HIGH
Network 		- - The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the `c… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-6518 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1075 6.4 MEDIUM
Network 		- - The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_block shortcode in all versions up to, and including, 3.3.9 due to i… Update CWE-79
Cross-site Scripting 		CVE-2026-0894 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1076 5.4 MEDIUM
Network 		- - The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.1, via the 'z_taxonomy_image' shortcode. This is due to the shortcode ren… Update CWE-79
Cross-site Scripting 		CVE-2026-2505 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1077 6.4 MEDIUM
Network 		- - The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes' parameter in versions up to, and including, 4.2.1 due to insufficient input s… Update CWE-79
Cross-site Scripting 		CVE-2026-2986 2026-04-23 05:22 2026-04-18 Show GitHub Exploit DB Packet Storm
1078 6.4 MEDIUM
Network 		- - The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's calendly shortcode in all versions up to, and including, 4.4 due… Update CWE-79
Cross-site Scripting 		CVE-2026-0868 2026-04-23 05:22 2026-04-19 Show GitHub Exploit DB Packet Storm
1079 4.3 MEDIUM
Network 		- - A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scriptin… Update CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-6559 2026-04-23 05:22 2026-04-19 Show GitHub Exploit DB Packet Storm
1080 8.8 HIGH
Network 		- - A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param l… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-6560 2026-04-23 05:22 2026-04-19 Show GitHub Exploit DB Packet Storm