Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227321 10 危険 sweetphp - TotalCalendar の view_event.php における SQL インジェクションの脆弱性 - CVE-2007-3515 2012-12-20 18:19 2007-07-3 Show GitHub Exploit DB Packet Storm
227322 7.5 危険 シマンテック - Windows Servers 用の Symantec Backup Exec におけるヒープベースのバッファオーバーフローの脆弱性 - CVE-2007-3509 2012-12-20 18:19 2007-07-11 Show GitHub Exploit DB Packet Storm
227323 6.4 警告 qt-cute - QuickTalk フォーラムにおけるディレクトリトラバーサルの脆弱性 - CVE-2007-3505 2012-12-20 18:19 2007-07-2 Show GitHub Exploit DB Packet Storm
227324 10 危険 xeforum - Xeweb XEForum における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2007-3500 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
227325 6.4 警告 slackroll - SlackRoll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-3499 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
227326 4.3 警告 SAP - SAP NetWeaver Nw04 の BC-WD-JAV におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3496 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
227327 4.3 警告 SAP - SAP Basis コンポーネントの BC-MID-ICF におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3495 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
227328 7.5 危険 Progress Software Corporation - Progress Software OpenEdge の _mprosrv におけるバッファオーバーフローの脆弱性 - CVE-2007-3491 2012-12-20 18:19 2007-06-29 Show GitHub Exploit DB Packet Storm
227329 4.3 警告 Yandex - Yandex Server におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3485 2012-12-20 18:19 2007-06-28 Show GitHub Exploit DB Packet Storm
227330 10 危険 BlackBerry - Research in Motion BlackBerry Enterprise Server におけるマルウェアを読み込む脆弱性 - CVE-2007-3483 2012-12-20 18:19 2007-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199471 6.5 MEDIUM
Network 		jfrog artifactory Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to t… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2164 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199472 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column h… CWE-79
Cross-site Scripting 		CVE-2020-2163 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199473 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2162 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199474 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored X… CWE-79
Cross-site Scripting 		CVE-2020-2161 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199475 8.8 HIGH
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL. CWE-352
 Origin Validation Error 		CVE-2020-2160 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
199476 8.8 HIGH
Network 		jenkins cryptomove Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. CWE-78
OS Command  		CVE-2020-2159 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199477 8.8 HIGH
Network 		jenkins literate Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-2158 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199478 4.3 MEDIUM
Network 		jenkins skytap_cloud_ci Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2157 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199479 4.3 MEDIUM
Network 		jenkins deployhub Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2156 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
199480 5.3 MEDIUM
Network 		jenkins openshift_deployer Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2155 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm