Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228761	6.8	警告	XOOPS	-	XOOPS 用の icontent モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-3057	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228762	4.3	警告	WebSVN	-	WebSVN の filedetails.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-3056	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228763	7.5	危険	postnuke software foundation	-	PostNuke 用の PNphpBB2 モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-3052	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228764	7.5	危険	revokesoft	-	RevokeSoft RevokeBB の inc/class_users.php における SQL インジェクションの脆弱性	-	CVE-2007-3051	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228765	10	危険	Vonage	-	Vonage VoIP Telephone Adapter における管理アクセス権限を取得される脆弱性	-	CVE-2007-3047	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228766	4.3	警告	シマンテック	-	Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における総当たり攻撃を実行される脆弱性	-	CVE-2007-3022	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228767	7.5	危険	シマンテック	-	Symantec Client Security および SAV CE などで使用される Symantec Reporting Server における任意の実行可能なファイルを作成される脆弱性	-	CVE-2007-3021	2012-12-20 18:19	2007-06-5	Show	GitHub Exploit DB Packet Storm

228768	9.3	危険	zenturi	-	Zenturi ProgramChecker の sasatl.dll におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-2987	2012-12-20 18:19	2007-06-1	Show	GitHub Exploit DB Packet Storm

228769	7.8	危険	techno dreams	-	Techno Dreams Web Directory / Search Engine におけるデータベースをダウンロードされる脆弱性	-	CVE-2007-2979	2012-12-20 18:19	2007-05-31	Show	GitHub Exploit DB Packet Storm

228770	7.5	危険	Wanewsletter	-	WAnewsletter の newsletter.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2007-2969	2012-12-20 18:19	2007-05-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200611	5.4	MEDIUM Network	jenkins	custom_job_icon	Jenkins Custom Job Icon Plugin 0.2 and earlier does not escape the job descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Confi…	CWE-79 Cross-site Scripting	CVE-2020-2264	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200612	5.4	MEDIUM Network	jenkins	radiator_view	Jenkins Radiator View Plugin 1.29 and earlier does not escape the full name of the jobs in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/C…	CWE-79 Cross-site Scripting	CVE-2020-2263	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200613	5.4	MEDIUM Network	jenkins	android_lint	Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide…	CWE-79 Cross-site Scripting	CVE-2020-2262	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200614	8.8	HIGH Network	jenkins	perfecto	Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller	CWE-78 OS Command	CVE-2020-2261	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200615	4.3	MEDIUM Network	jenkins	perfecto	A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials.	CWE-862 Missing Authorization	CVE-2020-2260	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200616	5.4	MEDIUM Network	jenkins	computer_queue	Jenkins computer-queue-plugin Plugin 1.5 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Con…	CWE-79 Cross-site Scripting	CVE-2020-2259	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200617	4.3	MEDIUM Network	jenkins	health_advisor_by_cloudbees	Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpo…	CWE-863 Incorrect Authorization	CVE-2020-2258	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200618	5.4	MEDIUM Network	jenkins	validating_string_parameter	Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with…	CWE-79 Cross-site Scripting	CVE-2020-2257	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200619	5.4	MEDIUM Network	jenkins	pipeline_maven_integration	Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting (XSS) vulnerabil…	CWE-79 Cross-site Scripting	CVE-2020-2256	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200620	4.3	MEDIUM Network	jenkins	blue_ocean	A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.	CWE-862 Missing Authorization	CVE-2020-2255	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm