Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
256591 7.5 危険 Google - Google Chrome の Safe Browsing 機能におけるサービス運用妨害 (ヒープメモリ破損) の脆弱性 CWE-399
リソース管理の問題
CVE-2011-3925 2012-01-25 16:07 2012-01-23 Show GitHub Exploit DB Packet Storm
256592 4.3 警告 SimpleSAMLphp - SimpleSAMLphp の modules/core/www/no_cookie.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-0040 2012-01-25 14:16 2012-01-24 Show GitHub Exploit DB Packet Storm
256593 7.5 危険 Stoneware - Stoneware webNetwork における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2012-0912 2012-01-25 14:15 2012-01-23 Show GitHub Exploit DB Packet Storm
256594 6.8 警告 Stoneware - Stoneware webNetwork におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2012-0286 2012-01-25 14:14 2012-01-23 Show GitHub Exploit DB Packet Storm
256595 4.3 警告 Stoneware - Stoneware webNetwork におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-0285 2012-01-25 14:13 2012-01-23 Show GitHub Exploit DB Packet Storm
256596 5.8 警告 NeoAxis - NeoAxis web player におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2012-0907 2012-01-25 11:24 2012-01-20 Show GitHub Exploit DB Packet Storm
256597 7.5 危険 deV!L'z Clanportal - deV!L'z Clanportal (DZCP) の Moviebase アドオンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2012-0906 2012-01-25 11:00 2012-01-20 Show GitHub Exploit DB Packet Storm
256598 7.5 危険 deV!L'z Clanportal - deV!L'z Clanportal (DZCP) の Gamebase アドオンにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2012-0905 2012-01-25 10:57 2012-01-20 Show GitHub Exploit DB Packet Storm
256599 4.3 警告 VideoLAN - VLC media player におけるサービス運用妨害 (クラッシュ) の脆弱性 CWE-399
リソース管理の問題
CVE-2012-0904 2012-01-25 10:54 2012-01-20 Show GitHub Exploit DB Packet Storm
256600 4.3 警告 VMware - VMware Zimbra Desktop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-0903 2012-01-25 10:51 2012-01-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
277541 6.1 MEDIUM
Network
elfsight instalinker The instalinker plugin before 1.1.2 for WordPress has includes/instalinker-admin-preview.php?client_id= XSS. CWE-79
Cross-site Scripting
CVE-2016-11005 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277542 8.8 HIGH
Network
elegantthemes monarch The Elegant Themes Monarch plugin before 1.2.7 for WordPress has privilege escalation. CWE-269
 Improper Privilege Management
CVE-2016-11004 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277543 8.8 HIGH
Network
elegantthemes monarch The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation. CWE-269
 Improper Privilege Management
CVE-2016-11003 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277544 8.8 HIGH
Network
elegantthemes extra The Elegant Themes Extra theme before 1.2.4 for WordPress has privilege escalation. CWE-269
 Improper Privilege Management
CVE-2016-11002 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277545 6.1 MEDIUM
Network
plugin-planet user_submitted_posts The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field. CWE-79
Cross-site Scripting
CVE-2016-11001 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277546 9.8 CRITICAL
Network
smackcoders ultimate_exporter The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter. CWE-89
SQL Injection
CVE-2016-11000 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277547 6.1 MEDIUM
Network
momizat goodnews The Goodnews theme through 2016-02-28 for WordPress has XSS via the s parameter. CWE-79
Cross-site Scripting
CVE-2016-10999 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277548 6.1 MEDIUM
Network
ocimscripts ocim-mp3 The ocim-mp3 plugin through 2016-03-07 for WordPress has wp-content/plugins/ocim-mp3/source/pages.php?id= XSS. CWE-79
Cross-site Scripting
CVE-2016-10998 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277549 6.5 MEDIUM
Network
yourinspirationweb beauty-premium The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php. CWE-352
 Origin Validation Error
CVE-2016-10997 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm
277550 5.3 MEDIUM
Network
optinmonster optinmonster The optinmonster plugin before 1.1.4.6 for WordPress has incorrect access control for shortcodes because of a nonce leak. CWE-863
 Incorrect Authorization
CVE-2016-10996 2024-11-21 11:45 2019-09-21 Show GitHub Exploit DB Packet Storm