Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
253671	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の TextXtra.x32 モジュールにおける整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2879	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

253672	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2878	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

253673	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2877	2010-09-13 15:45	2010-08-24	Show	GitHub Exploit DB Packet Storm

253674	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2876	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

253675	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2010-2875	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

253676	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-2874	2010-09-13 15:44	2010-08-24	Show	GitHub Exploit DB Packet Storm

253677	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2873	2010-09-13 15:43	2010-08-24	Show	GitHub Exploit DB Packet Storm

253678	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2872	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

253679	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の 3D オブジェクト関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-2871	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

253680	9.3	危険	アドビシステムズ	-	Adobe Shockwave Player の DIRAPIX.dll における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2010-2870	2010-09-10 15:17	2010-08-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310231	6.5	MEDIUM Network	wp-property-hive	propertyhive	The PropertyHive plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.19. This is due to missing or incorrect nonce validation on the 'save_accou…	CWE-352 Origin Validation Error	CVE-2024-8490	2024-09-28 03:36	2024-09-17	Show	GitHub Exploit DB Packet Storm

310232	4.8	MEDIUM Network	majeedraza	carousel_slider	The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks eve…	CWE-79 Cross-site Scripting	CVE-2024-6850	2024-09-28 03:30	2024-09-13	Show	GitHub Exploit DB Packet Storm

310233	7.2	HIGH Network	nsqua	simply_schedule_appointments	The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin WordPress plugin before 1.6.7.43 does not escape template syntax provided via user input, leading to Twig Template Injec…	NVD-CWE-Other	CVE-2024-7129	2024-09-28 03:26	2024-09-13	Show	GitHub Exploit DB Packet Storm

310234	6.5	MEDIUM Network	michalaugustyniak	misiek_photo_album	The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places, which could allow attackers to make logged in users delete arbitrary albums via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-7817	2024-09-28 03:26	2024-09-12	Show	GitHub Exploit DB Packet Storm

310235	4.8	MEDIUM Network	wp-master	logo_manager_for_enamad	The Logo Manager For Enamad WordPress plugin through 0.7.1 does not sanitise and escape in its widgets settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scri…	CWE-79 Cross-site Scripting	CVE-2024-5170	2024-09-28 03:23	2024-09-17	Show	GitHub Exploit DB Packet Storm

310236	5.4	MEDIUM Network	seanschulte	vikinghammer_tweet	The Vikinghammer Tweet WordPress plugin through 0.2.4 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add…	CWE-352 Origin Validation Error	CVE-2024-8043	2024-09-28 03:22	2024-09-17	Show	GitHub Exploit DB Packet Storm

310237	5.4	MEDIUM Network	moc	special_feed_items	The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add…	CWE-352 Origin Validation Error	CVE-2024-8051	2024-09-28 03:19	2024-09-17	Show	GitHub Exploit DB Packet Storm

310238	6.1	MEDIUM Network	michalaugustyniak	misiek_photo_album	The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add…	CWE-79 Cross-site Scripting	CVE-2024-7818	2024-09-28 03:18	2024-09-12	Show	GitHub Exploit DB Packet Storm

310239	5.4	MEDIUM Network	alaingonzalez	accordion_image_menu	The Accordion Image Menu WordPress plugin through 3.1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin a…	CWE-352 Origin Validation Error	CVE-2024-8092	2024-09-28 03:17	2024-09-17	Show	GitHub Exploit DB Packet Storm

310240	6.5	MEDIUM Network	jakesnyder	enhanced_search_box	The Enhanced Search Box WordPress plugin through 0.6.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack	CWE-352 Origin Validation Error	CVE-2024-8091	2024-09-28 03:17	2024-09-17	Show	GitHub Exploit DB Packet Storm