Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
256361 6.9 警告 アップル
サイバートラスト株式会社
The Perl Foundation
レッドハット		 - Perl の rmtree 関数における任意の setuid バイナリを作成される脆弱性 CWE-362
競合状態 		CVE-2008-5302 2010-06-30 18:16 2008-12-1 Show GitHub Exploit DB Packet Storm
256362 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1419 2010-06-29 16:59 2010-06-10 Show GitHub Exploit DB Packet Storm
256363 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1412 2010-06-25 18:51 2010-06-10 Show GitHub Exploit DB Packet Storm
256364 9.3 危険 アップル - Apple Safari の WebKit における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1749 2010-06-24 15:38 2010-06-10 Show GitHub Exploit DB Packet Storm
256365 7.8 危険 日立 - JP1/ServerConductor/Deployment Manager における不正にシャットダウンまたはリブートを実行する脆弱性 CWE-noinfo
情報不足 		- 2010-06-22 17:28 2010-06-4 Show GitHub Exploit DB Packet Storm
256366 6.8 警告 pon software - Explzh におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-2434 2010-06-22 14:01 2010-06-22 Show GitHub Exploit DB Packet Storm
256367 4.3 警告 アップル - Apple Safari の WebKit における任意のファイルを読まれる脆弱性 CWE-200
情報漏えい 		CVE-2010-1388 2010-06-21 16:56 2010-06-10 Show GitHub Exploit DB Packet Storm
256368 9.3 危険 アップル - Apple Safari における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1750 2010-06-18 18:21 2010-06-10 Show GitHub Exploit DB Packet Storm
256369 9.3 危険 アップル - Apple Safari における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2010-1385 2010-06-18 18:20 2010-06-10 Show GitHub Exploit DB Packet Storm
256370 9.3 危険 OpenOffice.org Project
レッドハット		 - OpenOffice.org における任意の Python コードを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-0395 2010-06-17 18:34 2010-06-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
309241 9.8 CRITICAL
Network 		- - The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks… CWE-22
Path Traversal 		CVE-2024-10470 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309242 5.3 MEDIUM
Network 		- - The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes i… CWE-200
Information Exposure 		CVE-2024-8756 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309243 6.4 MEDIUM
Network 		- - The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. This makes it possible for authenticated att… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-10814 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309244 4.3 MEDIUM
Network 		- - The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.3 via the 'elementor-template' shortcode due to insufficient restrictions on which … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10770 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309245 4.3 MEDIUM
Network 		- - The Countdown Timer block – Display the event's date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode … CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2024-10669 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309246 - - - The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1.5 via the [csb] shortcode due to insufficient restrictions on which posts… - CVE-2024-10667 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309247 6.1 MEDIUM
Network 		- - The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate esca… CWE-79
Cross-site Scripting 		CVE-2024-9226 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309248 8.8 HIGH
Network 		- - The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the th_shop_mania_install_and_activate_callback() function in al… CWE-862
 Missing Authorization 		CVE-2024-10674 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309249 8.8 HIGH
Network 		- - The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the top_store_install_and_activate_callback() function in all versio… CWE-862
 Missing Authorization 		CVE-2024-10673 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm
309250 9.8 CRITICAL
Network 		- - The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-10627 2024-11-12 22:56 2024-11-9 Show GitHub Exploit DB Packet Storm