Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
254021 10 危険 アップル
VMware
サン・マイクロシステムズ		 - Sun Java SE の Provider クラスにおける詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2009-2723 2010-01-4 14:55 2009-08-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
266481 6.1 MEDIUM
Network 		neuvoo neuvoo-jobroll The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. CWE-79
Cross-site Scripting 		CVE-2015-9404 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266482 6.1 MEDIUM
Network 		neuvoo neuvoo-jobroll The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. CWE-79
Cross-site Scripting 		CVE-2015-9403 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266483 8.8 HIGH
Network 		usersultra users_ultra_membership The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2015-9402 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266484 4.8 MEDIUM
Network 		websimon-tables_project websimon-tables The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. CWE-79
Cross-site Scripting 		CVE-2015-9401 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266485 8.8 HIGH
Network 		typomedia wordpress_meta_robots The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection. CWE-89
SQL Injection 		CVE-2015-9400 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266486 7.2 HIGH
Network 		trivetechnology wp-stats-dashboard The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection. CWE-89
SQL Injection 		CVE-2015-9399 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266487 8.8 HIGH
Network 		webmaster-source gocodes The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. CWE-89
SQL Injection 		CVE-2015-9398 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266488 5.4 MEDIUM
Network 		webmaster-source gocodes The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS. CWE-79
Cross-site Scripting 		CVE-2015-9397 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266489 6.1 MEDIUM
Network 		attosoft auto_thickbox_plus The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS. CWE-79
Cross-site Scripting 		CVE-2015-9396 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm
266490 8.8 HIGH
Network 		usersultra users_ultra_membership The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. CWE-89
SQL Injection 		CVE-2015-9395 2024-11-21 11:40 2019-09-21 Show GitHub Exploit DB Packet Storm