Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
249891	4.3	警告	Mechbunny	-	PaysiteReviewCMS におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-4909	2012-02-28 10:36	2011-10-8	Show	GitHub Exploit DB Packet Storm

249892	7.5	危険	Virtue Netz	-	Virtue Shopping Mall の detail.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-4908	2012-02-28 10:35	2011-10-8	Show	GitHub Exploit DB Packet Storm

249893	4.3	警告	Powie	-	Powie pFile の pfile/kommentar.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1211	2012-02-27 17:12	2012-02-24	Show	GitHub Exploit DB Packet Storm

249894	4.3	警告	Apache Software Foundation	-	Apache HTTP Server の mod_proxy モジュールにおけるイントラネットサーバにリクエストを送信される脆弱性	CWE-20 不適切な入力確認	CVE-2011-3639	2012-02-27 17:01	2011-10-25	Show	GitHub Exploit DB Packet Storm

249895	4.3	警告	Zimbra	-	Zimbra Web Client の zimbra/h/calendar におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1213	2012-02-27 16:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

249896	4.3	警告	SMW+	-	Semantic Enterprise Wiki の smwfOnSfSetTargetName 関数におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1212	2012-02-27 16:47	2012-02-24	Show	GitHub Exploit DB Packet Storm

249897	7.5	危険	Powie	-	Powie pFile の pfile/file.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-1210	2012-02-27 15:51	2012-02-24	Show	GitHub Exploit DB Packet Storm

249898	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1209	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

249899	4.3	警告	Fork CMS	-	Fork CMS の backend/core/engine/base.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1208	2012-02-27 15:48	2012-02-24	Show	GitHub Exploit DB Packet Storm

249900	5	警告	Fork CMS	-	Fork CMS の frontend/core/engine/javascript.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1207	2012-02-27 15:41	2012-02-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 14, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197261	5.5	MEDIUM Local	schneider-electric	ecostruxure_operator_terminal_expert	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and…	CWE-22 Path Traversal	CVE-2020-7495	2024-11-21 14:37	2020-06-17	Show	GitHub Exploit DB Packet Storm

197262	7.8	HIGH Local	schneider-electric	ecostruxure_operator_terminal_expert	A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as V…	CWE-22 Path Traversal	CVE-2020-7494	2024-11-21 14:37	2020-06-17	Show	GitHub Exploit DB Packet Storm

197263	7.8	HIGH Local	schneider-electric	ecostruxure_operator_terminal_expert	A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly know…	CWE-89 SQL Injection	CVE-2020-7493	2024-11-21 14:37	2020-06-17	Show	GitHub Exploit DB Packet Storm

197264	6.5	MEDIUM Network	schneider-electric	gp-pro_ex_firmware	A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not…	CWE-521 Weak Password Requirements	CVE-2020-7492	2024-11-21 14:37	2020-06-17	Show	GitHub Exploit DB Packet Storm

197265	9.1	CRITICAL Network	siemens	logo\!_8_bm_firmware	A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project…	-	CVE-2020-7589	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm

197266	9.8	CRITICAL Network	cd-messenger_project	cd-messenger	cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument executed by the `eval` function resulting in code execution.	CWE-94 Code Injection	CVE-2020-7675	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm

197267	9.8	CRITICAL Network	access-policy_project	access-policy	access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function resulting in code execution.	CWE-94 Code Injection	CVE-2020-7674	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm

197268	9.8	CRITICAL Network	node-extend_project	node-extend	node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `…	CWE-94 Code Injection	CVE-2020-7673	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm

197269	7.8	HIGH Local	siemens	simatic_pcs_7 simatic_step_7 sinamics_starter simatic_process_device_manager	A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All version…	-	CVE-2020-7586	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm

197270	7.8	HIGH Local	siemens	simatic_pcs_7 simatic_step_7 sinamics_starter simatic_process_device_manager	A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All version…	-	CVE-2020-7585	2024-11-21 14:37	2020-06-11	Show	GitHub Exploit DB Packet Storm