Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228421 7.8 危険 r2k - R2K Gallery の galeria.php におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2642 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
228422 7.5 危険 w1l3d4 - W1L3D4 Philboard の W1L3D4_bolum.asp における SQL インジェクションの脆弱性 - CVE-2007-2641 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
228423 10 危険 prosysinfo - TFTPdWin におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2639 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
228424 10 危険 positive software - H-Sphere SiteStudio におけるディレクトリトラバーサルの脆弱性 - CVE-2007-2633 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
228425 7.5 危険 SquirrelMail Project - SquirrelMail におけるクロスサイトリクエストフォージェリの脆弱性 - CVE-2007-2631 2012-12-20 18:19 2007-05-13 Show GitHub Exploit DB Packet Storm
228426 6.8 警告 WordPress.org - WordPress の sidebar.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2627 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228427 7.5 危険 taskdriver - TaskDriver における SQL インジェクションの脆弱性 - CVE-2007-2622 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228428 4.6 警告 シマンテック - Symantec pcAnywhere における資格情報を取得される脆弱性 - CVE-2007-2619 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228429 2.1 注意 サン・マイクロシステムズ - Sun Solaris の SRS Net Connect Software Proxy Core パッケージにおける任意のファイルの最初の行を読まれる脆弱性 - CVE-2007-2617 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228430 7.5 危険 phphtmllib - phpHtmlLib の examples/widget8.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2614 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200801 6.5 MEDIUM
Network 		jenkins harvest_scm Jenkins Harvest SCM Plugin 0.5.1 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system. CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2130 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200802 6.5 MEDIUM
Network 		jenkins eagle_tester Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file syste… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2129 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200803 4.3 MEDIUM
Network 		jenkins ecx_copy_data_management Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or a… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2128 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200804 4.3 MEDIUM
Network 		jenkins bmc_release_package_and_deployment Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access t… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2127 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200805 4.3 MEDIUM
Network 		jenkins digitalocean Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system. CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2126 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200806 4.3 MEDIUM
Network 		jenkins debian_package_builder Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the … CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2125 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200807 4.3 MEDIUM
Network 		jenkins dynamic_extended_choice_parameter Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permi… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2124 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200808 8.8 HIGH
Network 		jenkins radargun Jenkins RadarGun Plugin 1.7 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-2123 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200809 5.4 MEDIUM
Network 		jenkins brakeman Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able … CWE-79
Cross-site Scripting 		CVE-2020-2122 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm
200810 8.8 HIGH
Network 		jenkins google_kubernetes_engine Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. NVD-CWE-noinfo
CVE-2020-2121 2024-11-21 14:24 2020-02-13 Show GitHub Exploit DB Packet Storm