Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257461	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2010-3940	2011-01-14 15:55	2010-12-14	Show	GitHub Exploit DB Packet Storm

257462	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内にある win32k.sys におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-3939	2011-01-14 15:53	2010-12-14	Show	GitHub Exploit DB Packet Storm

257463	9.3	危険	マイクロソフト	-	Microsoft Windows の Internet Connection Signup Wizard における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3144	2011-01-14 15:49	2010-12-14	Show	GitHub Exploit DB Packet Storm

257464	9.3	危険	マイクロソフト	-	Windows Address Book の wab.exe における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3147	2011-01-14 15:47	2010-12-14	Show	GitHub Exploit DB Packet Storm

257465	6.9	警告	マイクロソフト	-	Microsoft Windows における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3966	2011-01-14 15:42	2010-12-14	Show	GitHub Exploit DB Packet Storm

257466	6.9	警告	マイクロソフト	-	Windows Media Encoder における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3965	2011-01-14 15:39	2010-12-14	Show	GitHub Exploit DB Packet Storm

257467	6.9	警告	マイクロソフト	-	Microsoft Windows Movie Maker における権限昇格の脆弱性	CWE-Other その他	CVE-2010-3967	2011-01-14 15:36	2010-12-14	Show	GitHub Exploit DB Packet Storm

257468	7.2	危険	マイクロソフト	-	Microsoft Windows の Windows Task Scheduler における権限昇格の脆弱性	CWE-20 不適切な入力確認	CVE-2010-3338	2011-01-14 15:31	2010-12-14	Show	GitHub Exploit DB Packet Storm

257469	6.9	警告	マイクロソフト	-	Microsoft Windows の OpenType Font ドライバにおける権限昇格の脆弱性	CWE-94 コード・インジェクション	CVE-2010-3959	2011-01-14 15:27	2010-12-14	Show	GitHub Exploit DB Packet Storm

257470	5	警告	アップルサイバートラスト株式会社 OpenLDAP Foundation ターボリナックス VMware レッドハット	-	OpenLDAP の IA5StringNormalize 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0212	2011-01-14 14:45	2010-06-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276561	7.2	HIGH Network	awesome_filterable_portfolio_project	awesome_filterable_portfolio	The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.	CWE-89 SQL Injection	CVE-2015-9462	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276562	7.2	HIGH Network	brinidesigner	awesome_filterable_portfolio	The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.	CWE-89 SQL Injection	CVE-2015-9461	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276563	8.8	HIGH Network	pinpoint	pinpoint_booking_system	The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter.	CWE-89 SQL Injection	CVE-2015-9460	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276564	6.1	MEDIUM Network	seo_searchterms_tagging_2_project	seo_searchterms_tagging_2	The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.	CWE-79 Cross-site Scripting	CVE-2015-9459	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276565	7.2	HIGH Network	seo_searchterms_tagging_2_project	seo_searchterms_tagging_2	The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.	CWE-89 SQL Injection	CVE-2015-9458	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276566	7.2	HIGH Network	caseproof	pretty_link	The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.	CWE-89 SQL Injection	CVE-2015-9457	2024-11-21 11:40	2019-10-11	Show	GitHub Exploit DB Packet Storm

276567	6.5	MEDIUM Network	orbisius	child_theme_creator	The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=sav…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2015-9456	2024-11-21 11:40	2019-10-8	Show	GitHub Exploit DB Packet Storm

276568	8.1	HIGH Network	incsub	buddypress-activity-plus	The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action.	CWE-352 Origin Validation Error	CVE-2015-9455	2024-11-21 11:40	2019-10-8	Show	GitHub Exploit DB Packet Storm

276569	8.8	HIGH Network	slidervilla	smooth_slider	The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter.	CWE-89 SQL Injection	CVE-2015-9454	2024-11-21 11:40	2019-10-8	Show	GitHub Exploit DB Packet Storm

276570	6.1	MEDIUM Network	k-78	broken_link_manager	The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent header to a URL that does not exist.	CWE-79 Cross-site Scripting	CVE-2015-9453	2024-11-21 11:40	2019-10-8	Show	GitHub Exploit DB Packet Storm