Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228421	7.5	危険	webmastersite	-	WSN Guest の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0672	2012-12-20 19:28	2010-02-22	Show	GitHub Exploit DB Packet Storm

228422	5	警告	xs4all	-	JAG における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0665	2012-12-20 19:28	2010-02-19	Show	GitHub Exploit DB Packet Storm

228423	7.5	危険	flex project	-	Fast Lexical Analyzer Generator における脆弱性	CWE-noinfo 情報不足	CVE-2010-0634	2012-12-20 19:28	2010-02-12	Show	GitHub Exploit DB Packet Storm

228424	7.5	危険	webguerilla	-	Joomla! 用の Photoblog コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0610	2012-12-20 19:28	2010-02-11	Show	GitHub Exploit DB Packet Storm

228425	4.3	警告	sterlitetechnologies	-	Sterlite SAM300 AX Router の Forms/status_statistics_1 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0607	2012-12-20 19:28	2010-02-11	Show	GitHub Exploit DB Packet Storm

228426	7.5	危険	サン・マイクロシステムズ	-	Oracle OpenSolaris のデフォルト設定における脆弱性	CWE-16 環境設定	CVE-2010-0559	2012-12-20 19:28	2010-01-25	Show	GitHub Exploit DB Packet Storm

228427	7.5	危険	サン・マイクロシステムズ	-	Oracle OpenSolaris のデフォルト設定における脆弱性	CWE-16 環境設定	CVE-2010-0558	2012-12-20 19:28	2010-01-25	Show	GitHub Exploit DB Packet Storm

228428	5	警告	Xerox	-	Xerox WorkCentre 6400 System Software および Net Controller の Network Controller における "ディレクトリ構造" へアクセスされる脆弱性	CWE-200 情報漏えい	CVE-2010-0549	2012-12-20 19:28	2010-01-22	Show	GitHub Exploit DB Packet Storm

228429	5	警告	Xerox	-	Xerox WorkCentre 5632 などにおけるメールボックスへアクセスされる脆弱性	CWE-200 情報漏えい	CVE-2010-0548	2012-12-20 19:28	2010-01-22	Show	GitHub Exploit DB Packet Storm

228430	4.3	警告	SugarCRM	-	SugarCRM のオンライン Documents 機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0465	2012-12-20 19:28	2010-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
216391	4.9	MEDIUM Physics	baxter	prismaflex_firmware prismax_firmware	Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service password that provides access to biomedical information, device settings, calibr…	CWE-798 Use of Hard-coded Credentials	CVE-2020-12035	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216392	9.1	CRITICAL Network	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-12032	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216393	6.1	MEDIUM Physics	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical acce…	NVD-CWE-Other	CVE-2020-12024	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216394	6.1	MEDIUM Local	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non administrative users from gaining access to the operating system and editi…	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2020-12020	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216395	9.8	CRITICAL Network	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 a…	CWE-798 Use of Hard-coded Credentials	CVE-2020-12016	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216396	7.5	HIGH Network	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an att…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-12008	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216397	6.1	MEDIUM Physics	baxter	em2400_firmware em1200_firmware	Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, an…	CWE-798 Use of Hard-coded Credentials	CVE-2020-12012	2024-11-21 13:59	2020-06-29	Show	GitHub Exploit DB Packet Storm

216398	7.5	HIGH Network	apache canonical oracle opensuse debian netapp	tomcat ubuntu_linux workload_manager siebel_ui_framework mysql_enterprise_monitor leap debian_linux oncommand_system_manager	A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient …	NVD-CWE-noinfo	CVE-2020-11996	2024-11-21 13:59	2020-06-27	Show	GitHub Exploit DB Packet Storm

216399	8.8	HIGH Adjacent	rockwellautomation	factorytalk_services_platform	In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent a…	CWE-20 Improper Input Validation	CVE-2020-12033	2024-11-21 13:59	2020-06-24	Show	GitHub Exploit DB Packet Storm

216400	9.0	CRITICAL Network	osisoft	pi_web_api	In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitr…	CWE-79 Cross-site Scripting	CVE-2020-12021	2024-11-21 13:59	2020-06-24	Show	GitHub Exploit DB Packet Storm