Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227231 6.4 警告 socialengine - Social Engine におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2007-6581 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
227232 7.5 危険 wallpaper - Wallpaper Site における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6580 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
227233 10 危険 Xfce - Xfce の Widget Library におけるメモリ二重解放の脆弱性 CWE-119
バッファエラー 		CVE-2007-6532 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
227234 5 警告 Xfce - Xfce の Panel コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2007-6531 2012-12-20 18:34 2008-01-9 Show GitHub Exploit DB Packet Storm
227235 7.5 危険 zeak.net - PHP ZLink の go.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6578 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
227236 7.5 危険 zsuite - zBlog の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-6577 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
227237 7.8 危険 qksoft - QK SMTP Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2007-6573 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
227238 4.3 警告 サン・マイクロシステムズ - Windows 上で稼動している Sun Java System Web Proxy Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6571 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
227239 4.3 警告 サン・マイクロシステムズ - Sun Java System Web Proxy Server の View URL Database 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2007-6570 2012-12-20 18:34 2007-12-21 Show GitHub Exploit DB Packet Storm
227240 7.5 危険 xzeroscripts - XZero Community Classifieds の config.inc.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-6568 2012-12-20 18:34 2007-12-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199471 6.5 MEDIUM
Network 		jfrog artifactory Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to t… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2164 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199472 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column h… CWE-79
Cross-site Scripting 		CVE-2020-2163 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199473 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2162 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199474 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored X… CWE-79
Cross-site Scripting 		CVE-2020-2161 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199475 8.8 HIGH
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL. CWE-352
 Origin Validation Error 		CVE-2020-2160 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199476 8.8 HIGH
Network 		jenkins cryptomove Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. CWE-78
OS Command  		CVE-2020-2159 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199477 8.8 HIGH
Network 		jenkins literate Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-2158 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199478 4.3 MEDIUM
Network 		jenkins skytap_cloud_ci Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2157 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199479 4.3 MEDIUM
Network 		jenkins deployhub Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2156 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199480 5.3 MEDIUM
Network 		jenkins openshift_deployer Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2155 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm