Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252691	6.4	警告	Google	-	Google Chrome における任意の HTTPS サーバになりすまされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2973	2010-10-19 14:59	2009-08-25	Show	GitHub Exploit DB Packet Storm

252692	10	危険	Google	-	Google Chrome にて使用される Google V8 における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-2935	2010-10-19 14:58	2009-08-25	Show	GitHub Exploit DB Packet Storm

252693	4.3	警告	Google	-	Google Chrome の tooltip manager におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2008-7061	2010-10-19 14:58	2009-08-24	Show	GitHub Exploit DB Packet Storm

252694	5	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2009-2955	2010-10-19 14:58	2009-08-24	Show	GitHub Exploit DB Packet Storm

252695	5.8	警告	Google	-	Google Chrome における任意の Web スクリプトを実行される脆弱性	CWE-287 不適切な認証	CVE-2009-2060	2010-10-19 14:57	2009-03-23	Show	GitHub Exploit DB Packet Storm

252696	9.3	危険	Google	-	Google Chrome の chrome/common/gfx/url_elider.cc におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-6998	2010-10-19 14:57	2009-08-19	Show	GitHub Exploit DB Packet Storm

252697	4.3	警告	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2008-6997	2010-10-19 14:57	2009-08-19	Show	GitHub Exploit DB Packet Storm

252698	5	警告	Google	-	Google Chrome BETA におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2008-6996	2010-10-19 14:56	2009-08-19	Show	GitHub Exploit DB Packet Storm

252699	9.3	危険	アドビシステムズ Google	-	Google Chrome における Adobe Acrobat の JavaScript の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1598	2010-10-19 14:56	2009-05-11	Show	GitHub Exploit DB Packet Storm

252700	6.8	警告	Google	-	Google Chrome で使用される Skia における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2009-1442	2010-10-19 14:56	2009-05-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
266541	8.8	HIGH Network	simpolio_project	simpolio	The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.	CWE-276 Incorrect Default Permissions	CVE-2015-9474	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266542	7.5	HIGH Network	estrutura-basica_project	estrutura-basica	The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/download.php arquivo parameter.	CWE-22 Path Traversal	CVE-2015-9473	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266543	6.1	MEDIUM Network	monitorbacklinks	incoming_links	The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP header.	CWE-79 Cross-site Scripting	CVE-2015-9472	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266544	9.8	CRITICAL Network	digitalzoomstudio	zoomsounds	The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2015-9471	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266545	7.5	HIGH Network	ionadas	history_collection	The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.php var parameter.	CWE-22 Path Traversal	CVE-2015-9470	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266546	4.8	MEDIUM Network	cybercraftit	content-grabber	The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.	CWE-79 Cross-site Scripting	CVE-2015-9469	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266547	6.1	MEDIUM Network	k-78	broken_link_manager	The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action.	CWE-79 Cross-site Scripting	CVE-2015-9468	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266548	9.8	CRITICAL Network	k-78	broken_link_manager	The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injection via the url parameter.	CWE-89 SQL Injection	CVE-2015-9467	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266549	9.8	CRITICAL Network	webtechideas	wti_like_post	The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED vari…	CWE-89 SQL Injection	CVE-2015-9466	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

266550	8.8	HIGH Network	yet_another_stars_rating_project	yet_another_stars_rating	The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.	CWE-89 SQL Injection	CVE-2015-9465	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm