Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 17, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230831	7.5	危険	phpbp	-	phpBP の index.php における upload/banners/ ファイルに任意の PHP コードを挿入される脆弱性	-	CVE-2007-0370	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

230832	7.5	危険	phpbp	-	phpBP における SQL インジェクションの脆弱性	-	CVE-2007-0369	2012-12-20 18:19	2007-01-19	Show	GitHub Exploit DB Packet Storm

230833	7.5	危険	uberghey	-	Uberghey CMS の frontpage.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-0359	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

230834	6.2	警告	zonelabs	-	Microsoft Windows XP および Windows Server 2003 における権限を取得される脆弱性	-	CVE-2007-0351	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

230835	7.5	危険	sme	-	SmE FileMailer の index.php および dl.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-0350	2012-12-20 18:19	2007-01-18	Show	GitHub Exploit DB Packet Storm

230836	7.5	危険	sme	-	SmE FileMailer の index.php における SQL インジェクションの脆弱性	-	CVE-2007-0346	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

230837	6.8	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-0341	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

230838	7.5	危険	thwboard	-	ThWboard の inc/header.inc.php における SQL インジェクションの脆弱性	-	CVE-2007-0340	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

230839	7.5	危険	scriptme	-	Scriptme SMe FileMailer の index.php における SQL インジェクションの脆弱性	-	CVE-2007-0339	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

230840	4.4	警告	rixstep	-	Rixstep Undercover の Undercover.app/Contents/Resources/uc における任意のファイルを上書きされる脆弱性	-	CVE-2007-0336	2012-12-20 18:19	2007-01-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 17, 2026, 4:15 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199291	5.4	MEDIUM Network	sap	businessobjects_business_intelligence_platform	Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)…	CWE-79 Cross-site Scripting	CVE-2020-6221	2024-11-21 14:35	2020-04-15	Show	GitHub Exploit DB Packet Storm

199292	8.8	HIGH Network	sap	businessobjects_business_intelligence_platform crystal_reports_for_visual_studio	SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform…	CWE-502 Deserialization of Untrusted Data	CVE-2020-6219	2024-11-21 14:35	2020-04-15	Show	GitHub Exploit DB Packet Storm

199293	5.0	MEDIUM Network	sap	businessobjects_business_intelligence_platform	Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to access information that should otherwise be restricted, leading to Infor…	NVD-CWE-noinfo	CVE-2020-6218	2024-11-21 14:35	2020-04-15	Show	GitHub Exploit DB Packet Storm

199294	6.1	MEDIUM Network	sap	businessobjects_business_intelligence_platform	SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability.	CWE-79 Cross-site Scripting	CVE-2020-6216	2024-11-21 14:35	2020-04-15	Show	GitHub Exploit DB Packet Storm

199295	4.7	MEDIUM Network	sap	s\/4hana	SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in some reports. Although the affected reports are protected with other authorization objects, exploita…	CWE-863 Incorrect Authorization	CVE-2020-6214	2024-11-21 14:35	2020-04-15	Show	GitHub Exploit DB Packet Storm

199296	6.5	MEDIUM Network	google debian fedoraproject opensuse	chrome debian_linux fedora leap backports	Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.	CWE-276 Incorrect Default Permissions	CVE-2020-6456	2024-11-21 14:35	2020-04-14	Show	GitHub Exploit DB Packet Storm

199297	8.8	HIGH Network	google debian fedoraproject opensuse	chrome debian_linux fedora leap backports	Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-125 Out-of-bounds Read	CVE-2020-6455	2024-11-21 14:35	2020-04-14	Show	GitHub Exploit DB Packet Storm

199298	8.8	HIGH Network	google fedoraproject debian opensuse	chrome fedora debian_linux leap backports_sle	Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chro…	CWE-416 Use After Free	CVE-2020-6454	2024-11-21 14:35	2020-04-14	Show	GitHub Exploit DB Packet Storm

199299	8.8	HIGH Network	google fedoraproject opensuse	chrome fedora leap backports	Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-787 Out-of-bounds Write	CVE-2020-6452	2024-11-21 14:35	2020-04-14	Show	GitHub Exploit DB Packet Storm

199300	8.8	HIGH Network	google fedoraproject opensuse	chrome fedora leap backports_sle	Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CWE-416 Use After Free	CVE-2020-6451	2024-11-21 14:35	2020-04-14	Show	GitHub Exploit DB Packet Storm