Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254301	7.5	危険	VMware	-	複数の VMware 製品の WebAccess におけるリクエストの発信元を偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2010-0686	2010-04-21 17:53	2010-03-29	Show	GitHub Exploit DB Packet Storm

254302	4.3	警告	VMware	-	複数の VMware 製品の WebAccess におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1137	2010-04-21 17:51	2010-03-29	Show	GitHub Exploit DB Packet Storm

254303	4.6	警告	GNU Project サイバートラスト株式会社レッドハット	-	GNU Automake の dist または distcheck ルールにおけるコンテンツを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2009-4029	2010-04-21 17:51	2009-12-20	Show	GitHub Exploit DB Packet Storm

254304	5	警告	Linux レッドハット	-	Linux kernel の virtio-net ドライバにおけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0741	2010-04-21 17:48	2010-03-30	Show	GitHub Exploit DB Packet Storm

254305	6.9	警告	mielke レッドハット	-	brltty の libbrlttybba.so における権限昇格の脆弱性	CWE-264 CWE-Other	CVE-2008-3279	2010-04-21 17:47	2010-03-30	Show	GitHub Exploit DB Packet Storm

254306	4.3	警告	Mozilla Foundation	-	Mozilla Firefox/SeaMonkey におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2010-0181	2010-04-20 16:42	2010-03-30	Show	GitHub Exploit DB Packet Storm

254307	5.8	警告	サイボウズ	-	複数のサイボウズ製品におけるアクセス制限に関する脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2029	2010-04-20 12:01	2010-04-20	Show	GitHub Exploit DB Packet Storm

254308	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer の Tabular Data Control ActiveX コントロールにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0805	2010-04-19 19:20	2010-03-30	Show	GitHub Exploit DB Packet Storm

254309	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2010-0491	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

254310	4.3	警告	マイクロソフト	-	Microsoft Internet Explorer における同一生成元ポリシーを回避される脆弱性	CWE-200 情報漏えい	CVE-2010-0494	2010-04-19 19:19	2010-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
304761	7.5	HIGH Network	-	-	A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-se…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2020-25720	2024-11-19 02:11	2024-11-17	Show	GitHub Exploit DB Packet Storm

304762	-		-	-	The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.15.6 due to insufficie…	CWE-89 SQL Injection	CVE-2024-9887	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304763	6.4	MEDIUM Network	-	-	The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization …	CWE-80 Basic XSS	CVE-2024-10592	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304764	7.5	HIGH Network	-	-	The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the us…	CWE-89 SQL Injection	CVE-2024-10645	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304765	4.3	MEDIUM Network	-	-	The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, …	CWE-862 Missing Authorization	CVE-2024-10614	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304766	8.8	HIGH Network	-	-	The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_re…	CWE-862 Missing Authorization	CVE-2024-10728	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304767	6.1	MEDIUM Network	-	-	The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.3.21 due to insufficient input sani…	CWE-79 Cross-site Scripting	CVE-2024-9938	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304768	6.4	MEDIUM Network	-	-	The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output e…	CWE-79 Cross-site Scripting	CVE-2024-9850	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304769	-		-	-	The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.3.5.…	CWE-79 Cross-site Scripting	CVE-2024-9615	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm

304770	6.4	MEDIUM Network	-	-	The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.4 du…	CWE-79 Cross-site Scripting	CVE-2024-9386	2024-11-19 02:11	2024-11-16	Show	GitHub Exploit DB Packet Storm