Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228291	6.8	警告	tweakfs	-	FSX 用の Create and Extract Zips TweakFS Zip Utility におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-1458	2012-12-20 19:29	2010-04-20	Show	GitHub Exploit DB Packet Storm

228292	4.3	警告	Piwik	-	Piwik の Login フォームにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1453	2012-12-20 19:29	2010-04-15	Show	GitHub Exploit DB Packet Storm

228293	5	警告	レッドハット	-	Red Hat JBoss Enterprise Application Platform における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1429	2012-12-20 19:29	2010-04-27	Show	GitHub Exploit DB Packet Storm

228294	4.3	警告	PreProject.com	-	Pre Classified Listings ASP の signup.asp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1371	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228295	7.5	危険	PreProject.com	-	Pre Classified Listings ASP の detailad.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1370	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228296	7.5	危険	PreProject.com	-	Pre Classified Listings ASP の signup.asp における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1369	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228297	4.3	警告	Uiga	-	Uiga Fan Club の admin/admin_login.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-1367	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228298	7.5	危険	Uiga	-	Uiga Fan Club の admin/admin_login.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1366	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228299	7.5	危険	Uiga	-	Uiga Fan Club の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1365	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

228300	7.5	危険	Uiga	-	Uiga Personal Portal の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-1364	2012-12-20 19:29	2010-04-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
207611	5.3	MEDIUM Network	jenkins	repository_connector	Jenkins Repository Connector Plugin 1.2.6 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-2149	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207612	4.3	MEDIUM Network	jenkins	mac	A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.	CWE-863 Incorrect Authorization	CVE-2020-2148	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207613	4.3	MEDIUM Network	jenkins	mac	A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.	CWE-352 Origin Validation Error	CVE-2020-2147	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207614	7.4	HIGH Network	jenkins	mac	Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.	CWE-347 Improper Verification of Cryptographic Signature	CVE-2020-2146	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207615	5.5	MEDIUM Local	jenkins	zephyr_enterprise_test_management	Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.	CWE-522 Insufficiently Protected Credentials	CVE-2020-2145	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207616	7.1	HIGH Network	jenkins	rundeck	Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.	CWE-611 XXE	CVE-2020-2144	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207617	5.3	MEDIUM Network	jenkins	logstash	Jenkins Logstash Plugin 2.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-2143	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207618	4.3	MEDIUM Network	jenkins	p4	A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds.	CWE-862 Missing Authorization	CVE-2020-2142	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207619	4.3	MEDIUM Network	jenkins	p4	A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce.	CWE-352 Origin Validation Error	CVE-2020-2141	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm

207620	6.1	MEDIUM Network	jenkins	audit_trail	Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.	CWE-79 Cross-site Scripting	CVE-2020-2140	2024-11-21 14:24	2020-03-10	Show	GitHub Exploit DB Packet Storm