Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
227221	7.5	危険	W-Agora	-	w-Agora の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6647	2012-12-20 18:34	2008-01-4	Show	GitHub Exploit DB Packet Storm

227222	6.8	警告	xml2owl	-	xml2owl の showCode.php における任意のコマンドを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2007-6632	2012-12-20 18:34	2008-01-3	Show	GitHub Exploit DB Packet Storm

227223	6.8	警告	pnphpbb	-	PNphpBB2 の printview.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6624	2012-12-20 18:34	2008-01-3	Show	GitHub Exploit DB Packet Storm

227224	5	警告	zeuscms	-	ZeusCMS における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6623	2012-12-20 18:34	2008-01-3	Show	GitHub Exploit DB Packet Storm

227225	7.5	危険	zeuscms	-	ZeusCMS の security.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6622	2012-12-20 18:34	2008-01-3	Show	GitHub Exploit DB Packet Storm

227226	4.3	警告	simpleforum	-	SimpleForum の simpleforum.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6616	2012-12-20 18:34	2008-01-3	Show	GitHub Exploit DB Packet Storm

227227	5.8	警告	skyfex	-	SkyFex Client の SkyFexClient.ocx におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6605	2012-12-20 18:34	2007-12-31	Show	GitHub Exploit DB Packet Storm

227228	5	警告	xcms	-	XCMS の index.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-6604	2012-12-20 18:34	2007-12-31	Show	GitHub Exploit DB Packet Storm

227229	4.3	警告	phpcredo	-	PHCDownload におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6588	2012-12-20 18:34	2007-12-28	Show	GitHub Exploit DB Packet Storm

227230	7.5	危険	Plogger Project	-	Plogger の plog-rss.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-6587	2012-12-20 18:34	2007-11-3	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
199471	6.5	MEDIUM Network	jfrog	artifactory	Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to t…	CWE-522 Insufficiently Protected Credentials	CVE-2020-2164	2024-11-21 14:24	2020-03-26	Show	GitHub Exploit DB Packet Storm

199472	5.4	MEDIUM Network	jenkins	jenkins	Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column h…	CWE-79 Cross-site Scripting	CVE-2020-2163	2024-11-21 14:24	2020-03-26	Show	GitHub Exploit DB Packet Storm

199473	5.4	MEDIUM Network	jenkins	jenkins	Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.	CWE-79 Cross-site Scripting	CVE-2020-2162	2024-11-21 14:24	2020-03-26	Show	GitHub Exploit DB Packet Storm

199474	5.4	MEDIUM Network	jenkins	jenkins	Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored X…	CWE-79 Cross-site Scripting	CVE-2020-2161	2024-11-21 14:24	2020-03-26	Show	GitHub Exploit DB Packet Storm

199475	8.8	HIGH Network	jenkins	jenkins	Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.	CWE-352 Origin Validation Error	CVE-2020-2160	2024-11-21 14:24	2020-03-26	Show	GitHub Exploit DB Packet Storm

199476	8.8	HIGH Network	jenkins	cryptomove	Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins.	CWE-78 OS Command	CVE-2020-2159	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

199477	8.8	HIGH Network	jenkins	literate	Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.	CWE-502 Deserialization of Untrusted Data	CVE-2020-2158	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

199478	4.3	MEDIUM Network	jenkins	skytap_cloud_ci	Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-2157	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

199479	4.3	MEDIUM Network	jenkins	deployhub	Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-2156	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

199480	5.3	MEDIUM Network	jenkins	openshift_deployer	Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-2155	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm