Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249151 10 危険 IBM - IBM Rational ClearQuest における .ocx ファイルに関する処理に不備がある脆弱性 CWE-noinfo
情報不足 		CVE-2010-4601 2012-03-27 18:42 2009-11-2 Show GitHub Exploit DB Packet Storm
249152 4.3 警告 Mozilla Foundation - Bugzilla の chart.cgi における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4572 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
249153 4.3 警告 Mozilla Foundation - Bugzilla の duplicate-detection 機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4570 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
249154 4.3 警告 Mozilla Foundation - Bugzilla におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4569 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
249155 7.5 危険 Mozilla Foundation - Bugzilla における任意のアカウントにアクセスされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-4568 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
249156 4.3 警告 Mozilla Foundation - Bugzilla におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4567 2012-03-27 18:42 2011-01-28 Show GitHub Exploit DB Packet Storm
249157 4.3 警告 SquirrelMail Project - SquirrelMail におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4555 2012-03-27 18:42 2011-07-11 Show GitHub Exploit DB Packet Storm
249158 4.3 警告 SquirrelMail Project - SquirrelMail の functions/page_header.php におけるクリックジャック攻撃を誘発する脆弱性 CWE-20
不適切な入力確認 		CVE-2010-4554 2012-03-27 18:42 2011-07-12 Show GitHub Exploit DB Packet Storm
249159 9.3 危険 Opera Software ASA - Opera における詳細不明の脆弱性 CWE-DesignError
CVE-2010-4587 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
249160 10 危険 Opera Software ASA - Opera のデフォルト設定における脆弱性 CWE-16
環境設定 		CVE-2010-4586 2012-03-27 18:42 2010-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199331 9.3 CRITICAL
Network 		sap commerce_cloud SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and a… CWE-611
XXE 		CVE-2020-6238 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199332 7.5 HIGH
Network 		sap businessobjects_business_intelligence_platform Under certain conditions, SAP Business Objects Business Intelligence Platform, version 4.1, 4.2, dswsbobje web application allows an attacker to access information which would otherwise be restricted… NVD-CWE-noinfo
CVE-2020-6237 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199333 7.2 HIGH
Network 		sap landscape_management
adaptive_extensions 		SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to change ownership and permissions (including S-user ID bit s-bit) of … CWE-269
 Improper Privilege Management 		CVE-2020-6236 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199334 8.6 HIGH
Network 		sap solution_manager SAP Solution Manager (Diagnostics Agent), version 7.2, does not perform the authentication check for the functionalities of the Collector Simulator, leading to Missing Authentication. CWE-306
Missing Authentication for Critical Function 		CVE-2020-6235 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199335 7.2 HIGH
Network 		sap host_agent SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation. NVD-CWE-noinfo
CVE-2020-6234 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199336 4.3 MEDIUM
Network 		sap s\/4hana_financial_products_subledger
banking_services_from_sap 		SAP S/4 HANA (Financial Products Subledger and Banking Services), versions - FSAPPL 400, 450, 500 and S4FPSL 100, allows an authenticated user to run an analysis report due to Missing Authorization C… CWE-862
 Missing Authorization 		CVE-2020-6233 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199337 5.3 MEDIUM
Network 		sap commerce_cloud SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous user, due to Missing Authorization Check. This affects confidentiality of secure media. CWE-862
 Missing Authorization 		CVE-2020-6232 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199338 5.4 MEDIUM
Network 		sap businessobjects_business_intelligence_platform SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulner… CWE-79
Cross-site Scripting 		CVE-2020-6231 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199339 7.2 HIGH
Network 		sap orientdb SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could … NVD-CWE-noinfo
CVE-2020-6230 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm
199340 6.1 MEDIUM
Network 		sap netweaver_as_abap_business_server_pages SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME), versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not sufficiently encode user con… CWE-79
Cross-site Scripting 		CVE-2020-6229 2024-11-21 14:35 2020-04-15 Show GitHub Exploit DB Packet Storm