Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230821	5	警告	WordPress.org	-	WordPress におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0196	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230822	5	警告	WordPress.org	-	WordPress における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0195	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230823	7.5	危険	WordPress.org	-	WordPress の wp-db-backup.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0194	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230824	4.3	警告	WordPress.org	-	WordPress の wp-db-backup.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0193	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230825	4.3	警告	WordPress.org	-	WordPress におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0192	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230826	5	警告	WordPress.org	-	WordPress における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2008-0191	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230827	7.5	危険	spacial audio solutions	-	SAM Broadcaster samPHPweb の songinfo.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2008-0187	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230828	4.3	警告	phprisk	-	NetRisk の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2008-0186	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230829	6.4	警告	prenotazioni on line	-	Line System 上で稼動している Sys-Hotel における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2008-0184	2012-12-20 18:34	2008-01-9	Show	GitHub Exploit DB Packet Storm

230830	4.3	警告	Plone Foundation	-	Plone CMS におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2008-0164	2012-12-20 18:34	2008-03-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
196771	6.1	MEDIUM Network	sap	netweaver_application_server_java	SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Re…	CWE-601 Open Redirect	CVE-2021-21491	2024-11-21 14:48	2021-03-11	Show	GitHub Exploit DB Packet Storm

196772	6.5	MEDIUM Network	linuxfoundation	besu	Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. In Besu before version 1.5.1 there is a denial-of-service vulnerability involving the HTTP JSON-RPC API servic…	-	CVE-2021-21369	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196773	3.3	LOW Local	sap	3d_visual_enterprise_viewer	When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes tempora…	NVD-CWE-noinfo	CVE-2021-21493	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196774	6.5	MEDIUM Network	sap	netweaver_knowledge_management	Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controlled data without verification, leading to insecure deseriali…	CWE-502 Deserialization of Untrusted Data	CVE-2021-21488	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196775	8.8	HIGH Network	sap	payment_engine	SAP Payment Engine version 500, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.	CWE-862 Missing Authorization	CVE-2021-21487	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196776	8.8	HIGH Network	sap	enterprise_financial_services	SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, 800, does not perform necessary authorization checks for an authenticated user, resulting …	CWE-862 Missing Authorization	CVE-2021-21486	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196777	9.8	CRITICAL Network	sap	hana	LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.	CWE-863 Incorrect Authorization	CVE-2021-21484	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196778	8.8	HIGH Adjacent	sap	netweaver	The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access co…	CWE-863 Incorrect Authorization	CVE-2021-21481	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196779	8.8	HIGH Network	sap	manufacturing_integration_and_intelligence	SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code in…	CWE-94 Code Injection	CVE-2021-21480	2024-11-21 14:48	2021-03-10	Show	GitHub Exploit DB Packet Storm

196780	6.5	MEDIUM Adjacent	vagrant_project	vagrant	The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in …	-	CVE-2021-21361	2024-11-21 14:48	2021-03-9	Show	GitHub Exploit DB Packet Storm