Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229011	7.5	危険	XOOPS	-	Xoops における SQL インジェクションの脆弱性	-	CVE-2007-0377	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

229012	6.8	警告	VirtueMart	-	Virtuemart におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0376	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

229013	7.5	危険	phpbp	-	phpBP の index.php における upload/banners/ ファイルに任意の PHP コードを挿入される脆弱性	-	CVE-2007-0370	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

229014	7.5	危険	phpbp	-	phpBP における SQL インジェクションの脆弱性	-	CVE-2007-0369	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

229015	7.5	危険	uberghey	-	Uberghey CMS の frontpage.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0359	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

229016	6.2	警告	zonelabs	-	Microsoft Windows XP および Windows Server 2003 における権限を取得される脆弱性	-	CVE-2007-0351	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

229017	7.5	危険	sme	-	SmE FileMailer の index.php および dl.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-0350	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

229018	7.5	危険	sme	-	SmE FileMailer の index.php における SQL インジェクションの脆弱性	-	CVE-2007-0346	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

229019	6.8	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0341	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

229020	7.5	危険	thwboard	-	ThWboard の inc/header.inc.php における SQL インジェクションの脆弱性	-	CVE-2007-0340	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196961	7.5	HIGH Network	ibm	emptoris_strategic_supply_management	IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 190989.	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2020-4898	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196962	5.3	MEDIUM Network	ibm	emptoris_contract_management emptoris_spend_analysis	IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1.0, 10.1.1, and 10.1.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is re…	CWE-209 Information Exposure Through an Error Message	CVE-2020-4897	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196963	6.5	MEDIUM Network	ibm	emptoris_sourcing	IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 190987.	CWE-20 Improper Input Validation	CVE-2020-4896	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196964	5.4	MEDIUM Network	ibm	emptoris_strategic_supply_management	IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus…	CWE-79 Cross-site Scripting	CVE-2020-4895	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196965	5.9	MEDIUM Network	ibm	emptoris_strategic_supply_management	IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive information in HTTP GET request parameters. This may lead to information disclosure via man in the middle metho…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-4893	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196966	5.4	MEDIUM Network	ibm	emptoris_contract_management	IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…	CWE-79 Cross-site Scripting	CVE-2020-4892	2024-11-21 14:33	2021-01-8	Show	GitHub Exploit DB Packet Storm

196967	9.1	CRITICAL Network	ibm	api_connect	IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network. IBM X-Fo…	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-4899	2024-11-21 14:33	2021-01-6	Show	GitHub Exploit DB Packet Storm

196968	8.8	HIGH Network	ibm	sterling_b2b_integrator	IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access co…	NVD-CWE-Other	CVE-2020-4762	2024-11-21 14:33	2021-01-6	Show	GitHub Exploit DB Packet Storm

196969	5.3	MEDIUM Network	ibm	sterling_b2b_integrator	IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical er…	CWE-209 Information Exposure Through an Error Message	CVE-2020-4761	2024-11-21 14:33	2021-01-6	Show	GitHub Exploit DB Packet Storm

196970	7.6	HIGH Physics	dell	cpg_bios	Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2020-5361	2024-11-21 14:33	2021-01-5	Show	GitHub Exploit DB Packet Storm