Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251981	7.5	危険	Vtiger	-	vTiger CRM の Calendar モジュールにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-4559	2011-11-30 16:22	2011-11-28	Show	GitHub Exploit DB Packet Storm

251982	4.3	警告	Contao	-	Contao におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4335	2011-11-29 16:28	2011-11-28	Show	GitHub Exploit DB Packet Storm

251983	4.3	警告	Dolibarr ERP & CRM	-	Dolibarr におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4329	2011-11-29 16:27	2011-11-8	Show	GitHub Exploit DB Packet Storm

251984	4.3	警告	Ruby on Rails project	-	Ruby on Rails におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4319	2011-11-29 16:26	2011-11-28	Show	GitHub Exploit DB Packet Storm

251985	4.3	警告	Combodo	-	Combodo iTop におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-4275	2011-11-29 16:23	2011-11-26	Show	GitHub Exploit DB Packet Storm

251986	9.3	危険	SunPlus Electronics	-	DVR Remote ActiveX コントロールの DVRemoteAx.ax における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-3828	2011-11-29 16:22	2011-11-26	Show	GitHub Exploit DB Packet Storm

251987	6.8	警告	IBM	-	IBM TS3100 および TS3200 テープ・ライブラリにおける認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2011-1372	2011-11-29 16:15	2011-11-23	Show	GitHub Exploit DB Packet Storm

251988	1.9	注意	ヒューレット・パッカード IBM	-	IBM WebSphere MQ における listener プロセス強制終了の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1378	2011-11-29 16:14	2011-11-26	Show	GitHub Exploit DB Packet Storm

251989	5	警告	シスコシステムズ	-	Cisco Secure Access Control System における任意のユーザのパスワードを変更される脆弱性	CWE-255 証明書・パスワード管理	CVE-2011-0951	2011-11-29 10:38	2011-03-30	Show	GitHub Exploit DB Packet Storm

251990	5	警告	シスコシステムズ	-	Cisco Network Access Control Guest Server におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-0963	2011-11-29 10:37	2011-03-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254961	7.2	HIGH Network	sap	netweaver_internet_transaction_server business_application_software_integrated_solution	SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be execute…	CWE-94 Code Injection	CVE-2017-16682	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254962	6.1	MEDIUM Network	sap	business_intelligence_promotion_management_application	Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded.	CWE-79 Cross-site Scripting	CVE-2017-16681	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254963	6.1	MEDIUM Network	sap	sap_kernel	URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45…	CWE-601 Open Redirect	CVE-2017-16679	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254964	4.7	MEDIUM Network	sap	netweaver_knowledge_management_configuration_service epbc2 epbc kmc-bc	Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attack…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-16678	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254965	6.5	MEDIUM Network	sap	business_application_software_integrated_solution	SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verific…	CWE-20 Improper Input Validation	CVE-2017-16691	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254966	7.8	HIGH Local	sap	plant_connectivity	A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs…	CWE-426 Untrusted Search Path	CVE-2017-16690	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254967	7.5	HIGH Network	sap	hana_extended_application_services	Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1) Certain HTTP/REST endpoints of controller service are missing user input validation which could al…	CWE-74 Injection	CVE-2017-16680	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254968	6.1	MEDIUM Network	phoenixcontact	fl_comserver_basic_232_firmware fl_comserver_uni_422_firmware fl_comserver_bas_485-t_firmware fl_com_server_rs232_firmware fl_com_server_rs485_firmware psi-modem\/eth_firmware fl_co…	A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SER…	CWE-79 Cross-site Scripting	CVE-2017-16723	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

254969	4.8	MEDIUM Network	integrationmatters tibco	njams businessworks_process_monitor	Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authent…	CWE-79 Cross-site Scripting	CVE-2017-16789	2024-11-21 12:16	2017-12-11	Show	GitHub Exploit DB Packet Storm

254970	7.5	HIGH Network	amag	en-1dbc_firmware std_firmware en-2dbc_firmware	Incorrect access control in AMAG Symmetry Door Edge Network Controllers (EN-1DBC Boot App 23611 03.60 and STD App 23603 03.60; EN-2DBC Boot App 24451 01.00 and STD App 2461 01.00) enables remote atta…	CWE-306 Missing Authentication for Critical Function	CVE-2017-16241	2024-11-21 12:16	2017-12-10	Show	GitHub Exploit DB Packet Storm