Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230091	9.3	危険	x multimedia system	-	xmms における整数オーバーフローの脆弱性	-	CVE-2007-0653	2012-12-20 18:19	2007-03-21	Show	GitHub Exploit DB Packet Storm

230092	7.5	危険	rbl	-	Raymond BERTHOU script collection の tForum における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-0642	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230093	7.5	危険	shaffer solutions corp	-	SSC DiskAccess NFS Client の EnumPrintersA 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-0641	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230094	10	危険	Zabbix	-	ZABBIX におけるバッファオーバーフローの脆弱性	-	CVE-2007-0640	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230095	5	警告	vlad alexa mancini	-	Vlad Alexa Mancini PHPFootball の show.php における重要な情報を取得される脆弱性	-	CVE-2007-0638	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230096	7.5	危険	t-systems solutions for research gmbh	-	MyNews の include/themes/themefunc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0633	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230097	7.5	危険	x-dev	-	X-dev xNews の classes/class.news.php における SQL インジェクションの脆弱性	-	CVE-2007-0630	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230098	6.4	警告	plain black	-	Plain Black WebGUI の www_purgeList メソッドにおける許可されていないアセットを削除される脆弱性	-	CVE-2007-0629	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

230099	4.3	警告	サン・マイクロシステムズ	-	Sun Java System Access Manager におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0628	2012-12-20 18:19	2007-01-29	Show	GitHub Exploit DB Packet Storm

230100	5	警告	vlad leont	-	FD Script の download.php における特定の拡張子を伴う Web 文書ルート配下のファイルのソースを読み取られる脆弱性	-	CVE-2007-0620	2012-12-20 18:19	2007-01-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197481	9.1	CRITICAL Network	sap	businessobjects_business_intelligence_platform	Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.	CWE-306 Missing Authentication for Critical Function	CVE-2020-6294	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197482	6.5	MEDIUM Network	sap	netweaver_knowledge_management	SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files bu…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-6293	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197483	9.0	CRITICAL Network	sap	netweaver_knowledge_management	SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privil…	CWE-79 Cross-site Scripting	CVE-2020-6284	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197484	4.3	MEDIUM Network	sap	s\/4_hana_fiori_ui_for_general_ledger_accounting	SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attac…	CWE-862 Missing Authorization	CVE-2020-6273	2024-11-21 14:35	2020-08-12	Show	GitHub Exploit DB Packet Storm

197485	8.8	HIGH Network	frappe	erpnext	An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenti…	CWE-89 SQL Injection	CVE-2020-6145	2024-11-21 14:35	2020-08-10	Show	GitHub Exploit DB Packet Storm

197486	7.8	HIGH Local	f2fs-tools_project fedoraproject	f2fs-tools fedora	An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operation…	CWE-131 Incorrect Calculation of Buffer Size	CVE-2020-6070	2024-11-21 14:35	2020-08-10	Show	GitHub Exploit DB Packet Storm

197487	7.5	HIGH Network	freediameter	freediameter	An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiameter 1.3.2. A specially crafted Diameter request can trigger a memory corruption resulting in denial…	CWE-787 CWE-191 Out-of-bounds Write Integer Underflow (Wrap or Wraparound)	CVE-2020-6098	2024-11-21 14:35	2020-07-29	Show	GitHub Exploit DB Packet Storm

197488	4.3	MEDIUM Network	google debian opensuse fedoraproject	chrome debian_linux leap fedora backports_sle	Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted…	NVD-CWE-Other	CVE-2020-6536	2024-11-21 14:35	2020-07-23	Show	GitHub Exploit DB Packet Storm

197489	6.1	MEDIUM Network	google opensuse debian fedoraproject	chrome backports_sle debian_linux leap fedora	Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a …	CWE-79 Cross-site Scripting	CVE-2020-6535	2024-11-21 14:35	2020-07-23	Show	GitHub Exploit DB Packet Storm

197490	8.8	HIGH Network	google opensuse debian fedoraproject	chrome backports_sle debian_linux leap fedora	Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-787 Out-of-bounds Write	CVE-2020-6534	2024-11-21 14:35	2020-07-23	Show	GitHub Exploit DB Packet Storm