Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252971	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-0376	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

252972	9.3	危険	リアルネットワークス	-	RealNetworks RealPlayer の DLL ファイルにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-0375	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

252973	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における HTTP のチャンク転送コーディングの処理に関する脆弱性	CWE-119 バッファエラー	CVE-2009-4243	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

252974	9.3	危険	レッドハットリアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4242	2010-02-17 11:47	2010-01-19	Show	GitHub Exploit DB Packet Storm

252975	9.3	危険	リアルネットワークス	-	Realnetworks RealPlayer における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-4241	2010-02-17 11:46	2010-01-19	Show	GitHub Exploit DB Packet Storm

252976	4.4	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の z90crypt ドライバにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-1883	2010-02-17 11:46	2009-09-15	Show	GitHub Exploit DB Packet Storm

252977	7.2	危険	サイバートラスト株式会社 Linux ターボリナックスレッドハット	-	Linux kernel の udp_sendmsg 関数における権限昇格の脆弱性	CWE-DesignError	CVE-2009-2698	2010-02-17 11:45	2009-08-27	Show	GitHub Exploit DB Packet Storm

252978	7.2	危険	サイバートラスト株式会社 Linux ターボリナックスレッドハット	-	Linux kernel における proto_ops 構造体の初期化処理に関する権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2009-2692	2010-02-17 11:45	2009-08-14	Show	GitHub Exploit DB Packet Storm

252979	4.9	警告	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の agp サブシステムにおける情報漏えいの脆弱性	CWE-Other その他	CVE-2009-1192	2010-02-17 11:45	2009-04-24	Show	GitHub Exploit DB Packet Storm

252980	7.8	危険	サイバートラスト株式会社 Linux レッドハット	-	Linux kernel の CIFS サブシステムにおける Unicode 文字列の処理に関するバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1633	2010-02-17 11:45	2009-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
306661	-		-	-	There exists an insecure default user permission in Google Cloud Migrate to containers from version 1.1.0 to 1.2.2 Windows installs. A local "m2cuser" was greated with administrator privileges. This …	-	CVE-2024-9858	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306662	-		-	-	A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead…	CWE-1270 Generation of Incorrect Security Tokens	CVE-2023-32188	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306663	-		-	-	A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies t…	-	CVE-2023-22650	2024-10-16 18:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306664	-		-	-	The BigBlueButton plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the moderator code and viewer code fields in versions up to, and including, 3.0.0-beta.4 due to insufficien…	CWE-79 Cross-site Scripting	CVE-2023-7296	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306665	6.1	MEDIUM Network	-	-	The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.21 due to insufficient input sanitization and out…	CWE-79 Cross-site Scripting	CVE-2023-7295	2024-10-16 17:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306666	-		-	-	The Accordion Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ attribute of an accordion slider in all versions up to, and including, 1.9.11 due to insufficient…	CWE-79 Cross-site Scripting	CVE-2024-9582	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306667	6.5	MEDIUM Network	-	-	The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the edit_users c…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2023-7286	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306668	6.3	MEDIUM Network	-	-	The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce prot…	CWE-862 Missing Authorization	CVE-2022-4974	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306669	8.8	HIGH Network	-	-	The Essential Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in versions up to and including 4.6.4 due to a lack of restrictions on who can add a registration form a…	CWE-862 Missing Authorization	CVE-2021-4447	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm

306670	6.3	MEDIUM Network	-	-	The Essential Addons for Elementor plugin for WordPress is vulnerable to authorization bypass in versions up to and including 4.6.4 due to missing capability checks and nonce disclosure. This makes i…	CWE-862 Missing Authorization	CVE-2021-4446	2024-10-16 16:15	2024-10-16	Show	GitHub Exploit DB Packet Storm