Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228401 10 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の SNMP Agent における脆弱性 - CVE-2006-6470 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
228402 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro における脆弱性 - CVE-2006-6469 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
228403 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro における脆弱性 - CVE-2006-6468 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
228404 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro におけるディレクトリのアクセス権を取得される脆弱性 - CVE-2006-6467 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
228405 6.8 警告 wikyblog - WikyBlog の WBmap.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6466 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
228406 7.8 危険 YourFreeWorld.com - Yourfreeworld Stylish Text Ads Script の tr1.php におけるインストールパスを取得される脆弱性 - CVE-2006-6461 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
228407 10 危険 short url
url tracker script		 - Yourfreeworld.com Short Url & Url Tracker Script における重要な情報を取得される脆弱性 - CVE-2006-6460 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
228408 6.8 警告 phpBB - PhpBB Toplist の toplist.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6459 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
228409 5 警告 Tiki Software Community Association - Tikiwiki の tiki-wiki_rss.php における重要な情報 (MySQL ユーザ名およびパスワード) を取得される脆弱性 CWE-200
情報漏えい 		CVE-2006-6457 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
228410 6.8 警告 swsoft - SWsoft Plesk におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6451 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199681 8.8 HIGH
Network 		orbisius child_theme_creator The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. CWE-352
 Origin Validation Error 		CVE-2020-28649 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
199682 8.8 HIGH
Network 		nagios nagios_xi Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. CWE-20
 Improper Input Validation  		CVE-2020-28648 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
199683 9.8 CRITICAL
Network 		infinitewp infinitewp In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2020-28642 2024-11-21 14:23 2020-11-16 Show GitHub Exploit DB Packet Storm
199684 9.8 CRITICAL
Network 		dyne tomb ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb {W] Detected DISPLAY, but only … CWE-287
Improper Authentication 		CVE-2020-28638 2024-11-21 14:23 2020-11-14 Show GitHub Exploit DB Packet Storm
199685 8.8 HIGH
Network 		togglz togglz The console in Togglz before 2.9.4 allows CSRF. CWE-352
 Origin Validation Error 		CVE-2020-28191 2024-11-21 14:22 2022-12-27 Show GitHub Exploit DB Packet Storm
199686 7.8 HIGH
Local 		beyondtrust privilege_management_for_windows In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp. CWE-427
 Uncontrolled Search Path Element 		CVE-2020-28369 2024-11-21 14:22 2023-12-13 Show GitHub Exploit DB Packet Storm
199687 7.1 HIGH
Local 		swtpm_project swtpm In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall. CWE-59
Link Following 		CVE-2020-28407 2024-11-21 14:22 2023-11-3 Show GitHub Exploit DB Packet Storm
199688 6.5 MEDIUM
Network 		libdwarf_project libdwarf libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. CWE-476
 NULL Pointer Dereference 		CVE-2020-28163 2024-11-21 14:22 2023-04-16 Show GitHub Exploit DB Packet Storm
199689 9.8 CRITICAL
Network 		npos-tesseract_project npos-tesseract This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. CWE-77
Command Injection 		CVE-2020-28453 2024-11-21 14:22 2022-08-2 Show GitHub Exploit DB Packet Storm
199690 9.8 CRITICAL
Network 		image-tiler_project image-tiler This affects the package image-tiler before 2.0.2. CWE-77
Command Injection 		CVE-2020-28451 2024-11-21 14:22 2022-08-2 Show GitHub Exploit DB Packet Storm