Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 21, 2026, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226241 4.3 警告 SAP - SAP NetWeaver におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5260 2013-02-15 19:04 2013-02-12 Show GitHub Exploit DB Packet Storm
226242 6.8 警告 OrangeHRM - OrangeHRM における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2011-5259 2013-02-15 18:59 2013-02-12 Show GitHub Exploit DB Packet Storm
226243 4.3 警告 OrangeHRM - OrangeHRM におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5258 2013-02-15 18:58 2013-02-12 Show GitHub Exploit DB Packet Storm
226244 4.3 警告 AppThemes - WordPress 用 Classipress テーマにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5257 2013-02-15 18:57 2011-10-7 Show GitHub Exploit DB Packet Storm
226245 2.6 注意 LimeSurvey - LimeSurvey におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2011-5256 2013-02-15 18:56 2012-02-9 Show GitHub Exploit DB Packet Storm
226246 5 警告 Joomla! - Joomla! における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-1455 2013-02-15 16:51 2013-02-4 Show GitHub Exploit DB Packet Storm
226247 2.1 注意 Bitbucket - xNBD の xnbd-server および xndb-wrapperr における任意のファイルを上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-0265 2013-02-15 16:48 2013-02-13 Show GitHub Exploit DB Packet Storm
226248 5 警告 LSIロジック株式会社 - 3DM (3ware Disk Manager) におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-0705 2013-02-15 12:00 2013-02-15 Show GitHub Exploit DB Packet Storm
226249 9.3 危険 Fabrice Bellard - Qemu の e1000 デバイスドライバにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-6075 2013-02-15 11:56 2013-02-13 Show GitHub Exploit DB Packet Storm
226250 10 危険 アドビシステムズ - Adobe Shockwave Player におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0636 2013-02-15 11:09 2013-02-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210141 2.3 LOW
Local 		hms-networks ewon_flexy_firmware
ewon_cosy_firmware 		All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the C… NVD-CWE-Other
CVE-2020-16230 2024-11-21 14:06 2020-09-19 Show GitHub Exploit DB Packet Storm
210142 6.5 MEDIUM
Adjacent 		philips clinical_collaboration_platform Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influe… - CVE-2020-16200 2024-11-21 14:06 2020-09-19 Show GitHub Exploit DB Packet Storm
210143 6.3 MEDIUM
Adjacent 		philips clinical_collaboration_platform Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. When an attacker claims to have a given identity, the software does not prove or insufficiently proves the claim is correct. - CVE-2020-16198 2024-11-21 14:06 2020-09-19 Show GitHub Exploit DB Packet Storm
210144 8.6 HIGH
Network 		1crm 1crm An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenti… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2020-15958 2024-11-21 14:06 2020-09-19 Show GitHub Exploit DB Packet Storm
210145 6.5 MEDIUM
Network 		gradle enterprise An issue was discovered in Gradle Enterprise before 2020.2.4. Because of unrestricted cross-origin requests to read-only data in the Export API, an attacker can access data as a user (for the duratio… CWE-346
 Origin Validation Error 		CVE-2020-15773 2024-11-21 14:06 2020-09-19 Show GitHub Exploit DB Packet Storm
210146 8.8 HIGH
Network 		gradle enterprise An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. The CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. An attacker with the ability to execute arbi… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-15776 2024-11-21 14:06 2020-09-18 Show GitHub Exploit DB Packet Storm
210147 7.5 HIGH
Network 		gradle enterprise An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. The /usage page of Gradle Enterprise conveys high level build information such as project names and build counts over time. This page i… CWE-922
 Insecure Storage of Sensitive Information 		CVE-2020-15775 2024-11-21 14:06 2020-09-18 Show GitHub Exploit DB Packet Storm
210148 6.8 MEDIUM
Physics 		gradle enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. An attacker with physical access to the browser of a user who has recently logged in to Gradle Enterprise and since closed their browse… CWE-613
 Insufficient Session Expiration 		CVE-2020-15774 2024-11-21 14:06 2020-09-18 Show GitHub Exploit DB Packet Storm
210149 4.9 MEDIUM
Network 		gradle enterprise An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator… CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)  		CVE-2020-15772 2024-11-21 14:06 2020-09-18 Show GitHub Exploit DB Packet Storm
210150 7.5 HIGH
Network 		gradle enterprise_cache_node
enterprise 		An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote attacker to bypass CSRF mitigatio… CWE-311
Missing Encryption of Sensitive Data 		CVE-2020-15771 2024-11-21 14:06 2020-09-18 Show GitHub Exploit DB Packet Storm