Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 7, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
222551	6.8	警告	XYZScripts	-	WordPress 用 Newsletter Manager プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6629	2014-01-21 17:03	2012-05-15	Show	GitHub Exploit DB Packet Storm

222552	4.3	警告	XYZScripts	-	WordPress 用 Newsletter Manager プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6628	2014-01-21 17:03	2012-04-20	Show	GitHub Exploit DB Packet Storm

222553	4.3	警告	XYZScripts	-	WordPress 用 Newsletter Manager プラグインの admin/test_mail.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6627	2014-01-21 17:02	2012-05-15	Show	GitHub Exploit DB Packet Storm

222554	4.3	警告	VastHTML	-	WordPress 用 ForumPress WP Forum Server プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6623	2014-01-21 17:01	2012-07-14	Show	GitHub Exploit DB Packet Storm

222555	4.3	警告	VastHTML	-	WordPress 用 ForumPress WP Forum Server プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6622	2014-01-21 17:01	2012-04-18	Show	GitHub Exploit DB Packet Storm

222556	7.5	危険	VastHTML	-	WordPress 用 ForumPress WP Forum Server プラグインにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6625	2014-01-21 16:09	2012-04-18	Show	GitHub Exploit DB Packet Storm

222557	4.3	警告	Mightymess	-	WordPress 用 SoundCloud Is Gold プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6624	2014-01-21 16:08	2012-05-15	Show	GitHub Exploit DB Packet Storm

222558	7.5	危険	Brian Cabunac	-	b2ePMS の verify-user.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-6626	2014-01-21 14:52	2012-05-11	Show	GitHub Exploit DB Packet Storm

222559	4.3	警告	Vessio	-	Vessio NetBill におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6632	2014-01-21 14:26	2012-05-11	Show	GitHub Exploit DB Packet Storm

222560	6.8	警告	Vessio	-	Vessio NetBill の accounts/admin/index.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-6631	2014-01-21 14:24	2012-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
268511	5.5	MEDIUM Local	sap	hana_sps09	SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941.	CWE-200 Information Exposure	CVE-2016-6149	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268512	7.5	HIGH Network	sap	hana	SAP HANA DB 1.00.73.00.389160 allows remote attackers to cause a denial of service (process termination) or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 22…	CWE-20 Improper Input Validation	CVE-2016-6148	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268513	9.8	CRITICAL Network	sap	trex	An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.	CWE-78 OS Command	CVE-2016-6147	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268514	5.3	MEDIUM Network	sap	hana_db	The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailed_error_on_c…	CWE-200 Information Exposure	CVE-2016-6145	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268515	8.1	HIGH Network	sap	hana	The SQL interface in SAP HANA before Revision 102 does not limit the number of login attempts for the SYSTEM user when the password_lock_for_system_user is not supported or is configured as "False," …	CWE-284 Improper Access Control	CVE-2016-6144	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268516	9.8	CRITICAL Network	sap	trex	SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.	CWE-284 Improper Access Control	CVE-2016-6140	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268517	9.8	CRITICAL Network	sap	trex	SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.	NVD-CWE-noinfo	CVE-2016-6139	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268518	9.8	CRITICAL Network	sap	trex	Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.	CWE-22 Path Traversal	CVE-2016-6138	2024-11-21 11:55	2016-08-5	Show	GitHub Exploit DB Packet Storm

268519	6.2	MEDIUM Local	xen citrix	xen xenserver	Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial …	CWE-20 Improper Input Validation	CVE-2016-6259	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm

268520	8.8	HIGH Local	xen citrix	xen xenserver	The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.	CWE-284 Improper Access Control	CVE-2016-6258	2024-11-21 11:55	2016-08-3	Show	GitHub Exploit DB Packet Storm