Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249021 4.3 警告 BraveNewCode
WordPress.org		 - WordPress の WPtouch プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4779 2012-03-27 18:42 2011-04-7 Show GitHub Exploit DB Packet Storm
249022 4.3 警告 Horde - Horde Groupware Webmail Edition のfetchmailprefs.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4778 2012-03-27 18:42 2011-04-4 Show GitHub Exploit DB Packet Storm
249023 7.5 危険 PreProject.com - PreProjects Pre Online Tests Generator Pro の takefreestart.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4776 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
249024 7.5 危険 AuraCMS - AuraCMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4774 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
249025 4.3 警告 matteoiammarrone - S-CMS の blocks/lang.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4772 2012-03-27 18:42 2011-03-23 Show GitHub Exploit DB Packet Storm
249026 4 警告 IBM - IBM Tivoli Directory Server (TDS) のプロキシサーバ実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4789 2012-03-27 18:42 2010-10-29 Show GitHub Exploit DB Packet Storm
249027 4 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4788 2012-03-27 18:42 2010-02-10 Show GitHub Exploit DB Packet Storm
249028 4 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4787 2012-03-27 18:42 2010-06-9 Show GitHub Exploit DB Packet Storm
249029 4 警告 IBM - IBM TDS におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4786 2012-03-27 18:42 2010-04-23 Show GitHub Exploit DB Packet Storm
249030 4 警告 IBM - IBM TDS の do_extendedOp 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2010-4785 2012-03-27 18:42 2010-01-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199031 7.8 HIGH
Local 		sap 3d_visual_enterprise_viewer SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavaila… CWE-20
CWE-787
 Improper Input Validation 
 Out-of-bounds Write 		CVE-2020-6372 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199032 4.3 MEDIUM
Network 		sap netweaver_application_server_abap User enumeration vulnerability can be exploited to get a list of user accounts and personal user information can be exposed in SAP NetWeaver Application Server ABAP (POWL test application) versions -… NVD-CWE-noinfo
CVE-2020-6371 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199033 5.4 MEDIUM
Network 		sap business_planning_and_consolidation SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorizat… CWE-79
Cross-site Scripting 		CVE-2020-6368 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199034 10.0 CRITICAL
Network 		sap introscope_enterprise_manager SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentia… CWE-78
OS Command  		CVE-2020-6364 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199035 4.6 MEDIUM
Network 		sap commerce_cloud SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintain sessions with a user. These sessions are established after the user has authenticated with userna… CWE-613
 Insufficient Session Expiration 		CVE-2020-6363 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199036 6.1 MEDIUM
Network 		sap netweaver_enterprise_portal SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that… CWE-79
Cross-site Scripting 		CVE-2020-6323 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199037 6.1 MEDIUM
Network 		sap netweaver_application_server_java SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different sy… CWE-79
Cross-site Scripting 		CVE-2020-6319 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199038 5.4 MEDIUM
Network 		sap commerce_cloud SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, which allows an authenticated and authorized content manager to inject malicious script into several we… CWE-79
Cross-site Scripting 		CVE-2020-6272 2024-11-21 14:35 2020-10-15 Show GitHub Exploit DB Packet Storm
199039 7.5 HIGH
Network 		rockwellautomation allen-bradley_flex_io_1794-aent\/b_firmware An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of… CWE-120
Classic Buffer Overflow 		CVE-2020-6083 2024-11-21 14:35 2020-10-14 Show GitHub Exploit DB Packet Storm
199040 7.5 HIGH
Network 		rockwellautomation flex_i\/o_1794-aent\/b_firmware An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of… CWE-120
Classic Buffer Overflow 		CVE-2020-6087 2024-11-21 14:35 2020-10-14 Show GitHub Exploit DB Packet Storm