Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225001	5.5	警告	日立	-	JP1/IT Desktop Management - Manager および Hitachi IT Operations Director における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4697	2013-08-2 18:15	2013-07-29	Show	GitHub Exploit DB Packet Storm

225002	5.8	警告	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-4673	2013-08-2 17:58	2013-07-25	Show	GitHub Exploit DB Packet Storm

225003	7.2	危険	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-4672	2013-08-2 17:57	2013-07-25	Show	GitHub Exploit DB Packet Storm

225004	6	警告	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-4671	2013-08-2 17:57	2013-07-25	Show	GitHub Exploit DB Packet Storm

225005	4.3	警告	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-4670	2013-08-2 17:56	2013-07-25	Show	GitHub Exploit DB Packet Storm

225006	7.4	危険	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2013-1617	2013-08-2 17:55	2013-07-25	Show	GitHub Exploit DB Packet Storm

225007	8.3	危険	シマンテック	-	Symantec Web Gateway アプライアンスの管理コンソールにおける任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2013-1616	2013-08-2 17:55	2013-07-25	Show	GitHub Exploit DB Packet Storm

225008	6.4	警告	IBM	-	IBM WebSphere Commerce における REST リクエストを発行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-2994	2013-08-2 17:54	2013-07-26	Show	GitHub Exploit DB Packet Storm

225009	5.8	警告	IBM	-	IBM WebSphere Commerce におけるリクエストを発行される脆弱性	CWE-287 不適切な認証	CVE-2013-2993	2013-08-2 17:53	2013-07-30	Show	GitHub Exploit DB Packet Storm

225010	9.3	危険	General Electric Company	-	GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY および Proficy Process Systems with CIMPLICITY におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-2785	2013-08-2 16:20	2013-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200201	8.8	HIGH Network	tibco oracle	jasperreports_library jasperreports_server retail_order_broker	The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS M…	CWE-79 Cross-site Scripting	CVE-2020-9410	2024-11-21 14:40	2020-05-20	Show	GitHub Exploit DB Packet Storm

200202	9.8	CRITICAL Network	tibco oracle	jasperreports_server retail_order_broker	The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vul…	CWE-276 Incorrect Default Permissions	CVE-2020-9409	2024-11-21 14:40	2020-05-20	Show	GitHub Exploit DB Packet Storm

200203	5.4	MEDIUM Network	microfocus	enterprise_developer enterprise_server	Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to …	CWE-79 Cross-site Scripting	CVE-2020-9524	2024-11-21 14:40	2020-05-18	Show	GitHub Exploit DB Packet Storm

200204	9.8	CRITICAL Network	dahuasecurity	sd6al_firmware sd5a_firmware sd1a_firmware ptz1a_firmware sd50_firmware sd52c_firmware ipc-hx5842h_firmware ipc-hx7842h_firmware ipc-hx2xxx_firmware ipc-hxxx5x4x_firmware	Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packe…	CWE-330 Use of Insufficiently Random Values	CVE-2020-9502	2024-11-21 14:40	2020-05-14	Show	GitHub Exploit DB Packet Storm

200205	5.5	MEDIUM Local	dahuasecurity	web_p2p	Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may …	NVD-CWE-noinfo	CVE-2020-9501	2024-11-21 14:40	2020-05-14	Show	GitHub Exploit DB Packet Storm

200206	7.5	HIGH Network	oracle	iplanet_web_server	PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read…	CWE-306 Missing Authentication for Critical Function	CVE-2020-9315	2024-11-21 14:40	2020-05-11	Show	GitHub Exploit DB Packet Storm

200207	4.8	MEDIUM Network	oracle	iplanet_web_server	PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists b…	CWE-79 Cross-site Scripting	CVE-2020-9314	2024-11-21 14:40	2020-05-11	Show	GitHub Exploit DB Packet Storm

200208	7.0	HIGH Local	siedle	sg_150-0_firmware	The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via a race condition in logrotate. By using an exploit chain, an attacker with access to the network can g…	CWE-362 Race Condition	CVE-2020-9475	2024-11-21 14:40	2020-05-8	Show	GitHub Exploit DB Packet Storm

200209	8.8	HIGH Network	siedle	sg_150-0_firmware	The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the net…	CWE-494 Download of Code Without Integrity Check	CVE-2020-9474	2024-11-21 14:40	2020-05-8	Show	GitHub Exploit DB Packet Storm

200210	7.5	HIGH Network	huawei	oceanstor_5310_firmware	Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the i…	CWE-763 Release of Invalid Pointer or Reference	CVE-2020-9098	2024-11-21 14:40	2020-05-1	Show	GitHub Exploit DB Packet Storm