Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 4:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
255371	7.8	危険	サイバートラスト株式会社 Avahi レッドハット	-	Avahi の originates_from_local_legacy_unicast_socket 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2009-0758	2010-08-10 18:49	2009-03-3	Show	GitHub Exploit DB Packet Storm

255372	6.8	警告	サン・マイクロシステムズ 68k.org	-	audiofile の msadpcm.c におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2008-5824	2010-08-10 18:49	2009-01-2	Show	GitHub Exploit DB Packet Storm

255373	2.4	注意	オラクル	-	Oracle Sun Java System Application Server および Oracle GlassFish Enterprise Server の GUI における脆弱性	CWE-noinfo 情報不足	CVE-2010-2397	2010-08-9 16:49	2010-07-13	Show	GitHub Exploit DB Packet Storm

255374	3	注意	オラクル	-	Oracle Solaris Studio における脆弱性	CWE-noinfo 情報不足	CVE-2010-2374	2010-08-9 16:49	2010-07-13	Show	GitHub Exploit DB Packet Storm

255375	4.3	警告	オラクル	-	Oracle OpenSSO Enterprise における脆弱性	CWE-noinfo 情報不足	CVE-2009-3762	2010-08-9 16:49	2010-07-13	Show	GitHub Exploit DB Packet Storm

255376	4.3	警告	オラクル	-	Oracle OpenSSO Enterprise の OpenSSO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3764	2010-08-9 16:48	2010-07-13	Show	GitHub Exploit DB Packet Storm

255377	4.3	警告	オラクル	-	Oracle OpenSSO Enterprise の Access Manager / OpenSSO コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2009-3763	2010-08-9 16:48	2010-07-13	Show	GitHub Exploit DB Packet Storm

255378	5	警告	オラクル	-	Oracle Sun Convergence における脆弱性	CWE-noinfo 情報不足	CVE-2010-0914	2010-08-9 16:48	2010-07-13	Show	GitHub Exploit DB Packet Storm

255379	5.8	警告	オラクル	-	Oracle Sun Java System Web Proxy Server の管理サーバにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-2385	2010-08-9 16:48	2010-07-13	Show	GitHub Exploit DB Packet Storm

255380	2.1	注意	オラクル	-	Oracle PeopleSoft and JDEdwards Suite の PeopleSoft Enterprise Campus Solutions コンポーネントにおける脆弱性	CWE-noinfo 情報不足	CVE-2010-2403	2010-08-6 18:29	2010-07-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
270151	6.5	MEDIUM Network	doc4design	multicons	The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter.	CWE-352 Origin Validation Error	CVE-2015-9424	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270152	5.4	MEDIUM Network	simplysymphony	plugnedit	The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit…	CWE-79 Cross-site Scripting	CVE-2015-9423	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270153	6.5	MEDIUM Network	simplysymphony	plugnedit	The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, …	CWE-352 Origin Validation Error	CVE-2015-9422	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270154	6.5	MEDIUM Network	olevmedia	olevmedia_shortcodes	The olevmedia-shortcodes plugin before 1.1.9 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=omsc_popup id parameter.	CWE-352 Origin Validation Error	CVE-2015-9421	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270155	6.1	MEDIUM Network	mightymess	soundcloud_is_gold	The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter.	CWE-79 Cross-site Scripting	CVE-2015-9420	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270156	6.1	MEDIUM Network	captain-slider_project	captain-slider	The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section.	CWE-79 Cross-site Scripting	CVE-2015-9419	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270157	4.3	MEDIUM Network	kibokolabs	watupro	The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.	CWE-352 Origin Validation Error	CVE-2015-9418	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270158	6.5	MEDIUM Network	slidervilla	testimonial_slider	The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS.	CWE-352 Origin Validation Error	CVE-2015-9417	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270159	6.1	MEDIUM Network	onthegosystems	sitepress-multilingual-cms	The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.	CWE-79 Cross-site Scripting	CVE-2015-9416	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm

270160	7.5	HIGH Network	angrycreative	bj_lazy_load	The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion.	CWE-20 Improper Input Validation	CVE-2015-9415	2024-11-21 11:40	2019-09-26	Show	GitHub Exploit DB Packet Storm