Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
257121	4.3	警告	アップル	-	Apple Mac OS X のヘルプビューアにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1373	2010-07-8 18:27	2010-06-15	Show	GitHub Exploit DB Packet Storm

257122	3.3	注意	アップル	-	Apple Mac OS X の Folder Manager における任意のフォルダを削除される脆弱性	CWE-59 リンク解釈の問題	CVE-2010-0546	2010-07-8 18:27	2010-06-15	Show	GitHub Exploit DB Packet Storm

257123	4.4	警告	アップル	-	Apple Mac OS X の DesktopServices におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0545	2010-07-8 18:26	2010-06-15	Show	GitHub Exploit DB Packet Storm

257124	10	危険	ヒューレット・パッカード SGI IBM	-	rpc.pcnfsd の _msgout 関数における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-1039	2010-07-8 18:03	2010-05-18	Show	GitHub Exploit DB Packet Storm

257125	1.2	注意	IBM OpenBSD	-	OpenSSH における X11 転送ポートをハイジャックされる脆弱性	CWE-200 情報漏えい	CVE-2008-3259	2010-07-7 16:40	2008-07-22	Show	GitHub Exploit DB Packet Storm

257126	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるユーザインターフェースを偽装される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1581	2010-07-6 19:19	2009-05-12	Show	GitHub Exploit DB Packet Storm

257127	6.8	警告	アップル SquirrelMail Project	-	SquirrelMail におけるセッション固定の脆弱性	CWE-287 不適切な認証	CVE-2009-1580	2010-07-6 19:18	2009-05-11	Show	GitHub Exploit DB Packet Storm

257128	6.8	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-1579	2010-07-6 19:18	2009-05-10	Show	GitHub Exploit DB Packet Storm

257129	4.3	警告	アップルサイバートラスト株式会社レッドハット SquirrelMail Project	-	SquirrelMail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1578	2010-07-6 19:18	2009-05-8	Show	GitHub Exploit DB Packet Storm

257130	8.5	危険	マイクロソフト	-	Microsoft IIS における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-1256	2010-07-5 17:52	2010-06-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
259421	9.8	CRITICAL Network	sap	business_intelligence_promotion_management_application	SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.	CWE-287 Improper Authentication	CVE-2017-16684	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259422	6.5	MEDIUM Network	sap	businessobjects	Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an attacker to prevent legitimate users from accessing a service.	NVD-CWE-noinfo	CVE-2017-16683	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259423	7.2	HIGH Network	sap	netweaver_internet_transaction_server business_application_software_integrated_solution	SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be execute…	CWE-94 Code Injection	CVE-2017-16682	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259424	6.1	MEDIUM Network	sap	business_intelligence_promotion_management_application	Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded.	CWE-79 Cross-site Scripting	CVE-2017-16681	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259425	6.1	MEDIUM Network	sap	sap_kernel	URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45…	CWE-601 Open Redirect	CVE-2017-16679	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259426	4.7	MEDIUM Network	sap	netweaver_knowledge_management_configuration_service epbc2 epbc kmc-bc	Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attack…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2017-16678	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259427	6.5	MEDIUM Network	sap	business_application_software_integrated_solution	SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verific…	CWE-20 Improper Input Validation	CVE-2017-16691	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259428	7.8	HIGH Local	sap	plant_connectivity	A malicious DLL preload attack possible on NwSapSetup and Installation self-extracting program for SAP Plant Connectivity 2.3 and 15.0. It is possible that SAPSetup / NwSapSetup.exe loads system DLLs…	CWE-426 Untrusted Search Path	CVE-2017-16690	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259429	7.5	HIGH Network	sap	hana_extended_application_services	Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1) Certain HTTP/REST endpoints of controller service are missing user input validation which could al…	CWE-74 Injection	CVE-2017-16680	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm

259430	6.1	MEDIUM Network	phoenixcontact	fl_comserver_basic_232_firmware fl_comserver_uni_422_firmware fl_comserver_bas_485-t_firmware fl_com_server_rs232_firmware fl_com_server_rs485_firmware psi-modem\/eth_firmware fl_co…	A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SER…	CWE-79 Cross-site Scripting	CVE-2017-16723	2024-11-21 12:16	2017-12-12	Show	GitHub Exploit DB Packet Storm