Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
250301 6.8 警告 ApPHP - ApPHP Calendar の calendar.class.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2010-4881 2012-01-19 10:33 2011-10-7 Show GitHub Exploit DB Packet Storm
250302 4.3 警告 ApPHP - ApPHP Calendar の calendar.class.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4880 2012-01-19 10:33 2011-10-7 Show GitHub Exploit DB Packet Storm
250303 7.5 危険 Hinnendahl - Kontakt Formular の formmailer.php における任意の PHP コードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2010-4878 2012-01-19 10:32 2011-10-7 Show GitHub Exploit DB Packet Storm
250304 4.3 警告 InsaneVisions - OneCMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4877 2012-01-19 10:31 2011-10-7 Show GitHub Exploit DB Packet Storm
250305 7.5 危険 got milk - mBlogger の viewpost.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4876 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
250306 4.3 警告 Xondie - WordPress 用 Vodpod Video Gallery プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4875 2012-01-19 10:30 2011-10-7 Show GitHub Exploit DB Packet Storm
250307 4.3 警告 NinkoBB - NinkoBB の users.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4874 2012-01-19 10:28 2011-10-7 Show GitHub Exploit DB Packet Storm
250308 4.3 警告 WeBid Support - WeBid におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-4873 2012-01-19 10:27 2011-10-7 Show GitHub Exploit DB Packet Storm
250309 7.5 危険 PilotCart - ASPilot Pilot Cart の newsroom.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-4872 2012-01-19 10:27 2011-10-7 Show GitHub Exploit DB Packet Storm
250310 10 危険 SmartSoft - SmartFTP における詳細不明な脆弱性 CWE-noinfo
情報不足 		CVE-2010-4871 2012-01-19 10:26 2011-10-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197021 7.8 HIGH
Local 		eaton intelligent_power_manager Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted reque… CWE-269
 Improper Privilege Management 		CVE-2020-6652 2024-11-21 14:36 2020-05-8 Show GitHub Exploit DB Packet Storm
197022 7.3 HIGH
Local 		eaton intelligent_power_manager Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code e… CWE-20
CWE-78
 Improper Input Validation 
OS Command  		CVE-2020-6651 2024-11-21 14:36 2020-05-8 Show GitHub Exploit DB Packet Storm
197023 5.5 MEDIUM
Local 		ledger monero A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app … CWE-327
 Use of a Broken or Risky Cryptographic Algorithm 		CVE-2020-6861 2024-11-21 14:36 2020-05-6 Show GitHub Exploit DB Packet Storm
197024 5.5 MEDIUM
Local 		zte zenic_one_r22b ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2020-6867 2024-11-21 14:36 2020-05-1 Show GitHub Exploit DB Packet Storm
197025 4.9 MEDIUM
Network 		zte zxctn_6500_firmware A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 65… NVD-CWE-noinfo
CVE-2020-6866 2024-11-21 14:36 2020-05-1 Show GitHub Exploit DB Packet Storm
197026 6.5 MEDIUM
Network 		zte oscp ZTE SDN controller platform is impacted by an information leakage vulnerability. Due to the program's failure to optimize the response of failure to the request, the caller can directly view the inte… CWE-200
Information Exposure 		CVE-2020-6865 2024-11-21 14:36 2020-05-1 Show GitHub Exploit DB Packet Storm
197027 9.8 CRITICAL
Network 		hpe smart_update_manager A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vul… NVD-CWE-noinfo
CVE-2020-7136 2024-11-21 14:36 2020-05-1 Show GitHub Exploit DB Packet Storm
197028 6.1 MEDIUM
Network 		mailbeez mailbeez Cross-site scripting (XSS) vulnerability in mailhive/cloudbeez/cloudloader.php and mailhive/cloudbeez/cloudloader_core.php in the MailBeez plugin for ZenCart before 3.9.22 allows remote attackers to … CWE-79
Cross-site Scripting 		CVE-2020-6579 2024-11-21 14:36 2020-04-30 Show GitHub Exploit DB Packet Storm
197029 7.5 HIGH
Network 		php
tenable
oracle
debian 		php
tenable.sc
communications_diameter_signaling_router
debian_linux 		In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocate… CWE-125
Out-of-bounds Read 		CVE-2020-7067 2024-11-21 14:36 2020-04-28 Show GitHub Exploit DB Packet Storm
197030 7.8 HIGH
Local 		hp service_pack_for_proliant A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable softwa… NVD-CWE-noinfo
CVE-2020-7135 2024-11-21 14:36 2020-04-28 Show GitHub Exploit DB Packet Storm