Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
225751	7.5	危険	taskfreak	-	TaskFreak! Original マルチユーザの include/classes/tzn_user.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1521	2012-12-20 19:29	2010-06-30	Show	GitHub Exploit DB Packet Storm

225752	4.3	警告	taskfreak	-	TaskFreak! Original multi user の logout.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1520	2012-12-20 19:29	2010-06-30	Show	GitHub Exploit DB Packet Storm

225753	9.3	危険	SWFTools	-	SWFTools における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2010-1516	2012-12-20 19:29	2010-08-17	Show	GitHub Exploit DB Packet Storm

225754	2.6	注意	tomatocms	-	TomatoCMS の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1515	2012-12-20 19:29	2010-06-15	Show	GitHub Exploit DB Packet Storm

225755	6	警告	tomatocms	-	TomatoCMS における任意の PHP コードを実行される脆弱性	CWE-Other その他	CVE-2010-1514	2012-12-20 19:29	2010-06-15	Show	GitHub Exploit DB Packet Storm

225756	4.3	警告	tatsuhiro tsujikawa	-	aria2 におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-1512	2012-12-20 19:29	2010-05-17	Show	GitHub Exploit DB Packet Storm

225757	3.5	注意	PmWiki	-	PmWiki の table 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1481	2012-12-20 19:29	2010-05-12	Show	GitHub Exploit DB Packet Storm

225758	7.5	危険	rockettheme	-	Joomla! 用の Rokmodule コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1480	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

225759	7.5	危険	rockettheme	-	Joomla! 用の Rokmodule コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1479	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

225760	6.8	警告	ternaria	-	Joomla! 用の Ternaria Informatica jfeedback! コンポーネントにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-1478	2012-12-20 19:29	2010-04-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198001	8.1	HIGH Network	sap	marketing	SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain functions that are restricted. Limited knowledge of payload is required for an attacker to exploit the…	NVD-CWE-noinfo	CVE-2020-6320	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198002	4.3	MEDIUM Network	sap	3d_visual_enterprise_viewer	SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavail…	CWE-20 Improper Input Validation	CVE-2020-6314	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198003	6.5	MEDIUM Network	sap	netweaver_application_server_java	SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store ma…	CWE-79 CWE-116 Cross-site Scripting Improper Encoding or Escaping of Output	CVE-2020-6313	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198004	8.1	HIGH Network	sap	commerce	SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL when the application is loaded initially. An attacker can get this session ID via shoulder surfing or …	NVD-CWE-noinfo	CVE-2020-6302	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198005	7.2	HIGH Network	sap	abap_platform	A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) and ABAP Platform (> release 7.40).Because of this, an attacker can exploit these products via Code…	CWE-94 Code Injection	CVE-2020-6318	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198006	5.4	MEDIUM Network	sap	businessobjects_business_intelligence_platform	SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page pro…	CWE-79 Cross-site Scripting	CVE-2020-6312	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198007	5.3	MEDIUM Network	sap	businessobjects_business_intelligence_platform	SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) allows an attacker with edit document rights to upload any file (including script files) without proper file form…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-6288	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198008	6.1	MEDIUM Network	sap	fiori_launchpad	SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in re…	CWE-79 Cross-site Scripting	CVE-2020-6283	2024-11-21 14:35	2020-09-9	Show	GitHub Exploit DB Packet Storm

198009	7.8	HIGH Local	accusoft	imagegear	A code execution vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause an out-of-bounds write. An attacker can…	CWE-787 Out-of-bounds Write	CVE-2020-6152	2024-11-21 14:35	2020-09-2	Show	GitHub Exploit DB Packet Storm

198010	9.8	CRITICAL Network	accusoft	imagegear	A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacke…	CWE-787 CWE-704 Out-of-bounds Write Incorrect Type Conversion or Cast	CVE-2020-6151	2024-11-21 14:35	2020-09-2	Show	GitHub Exploit DB Packet Storm