Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228851 7.5 危険 phphtmllib - phpHtmlLib の examples/widget8.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2614 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228852 8.3 危険 Wikka Development Team - WikkaWiki における任意の設定ファイルをアップロードされる脆弱性 - CVE-2007-2613 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228853 7.5 危険 Wikka Development Team - WikkaWiki の libs/Wakka.class.php における SQL インジェクションの脆弱性 - CVE-2007-2612 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228854 6.8 警告 wavelink media - TutorialCMS におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2600 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228855 7.5 危険 wavelink media - TutorialCMS における SQL インジェクションの脆弱性 - CVE-2007-2599 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228856 10 危険 Simplenews Project - SimpleNews の print.php における SQL インジェクションの脆弱性 - CVE-2007-2598 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228857 7.5 危険 telltargetcms - telltarget CMS における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2597 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228858 6.5 警告 rscript - RSAuction におけるユーザ自身のアカウントステータスを Suspended から Active に変更される脆弱性 - CVE-2007-2595 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228859 7.5 危険 phpmyportal - phpMyPortal の inc/articles.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2594 2012-12-20 18:19 2007-05-11 Show GitHub Exploit DB Packet Storm
228860 7.5 危険 vm watermark - Gallery 用の vm watermark における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2007-2575 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200561 5.5 MEDIUM
Local 		jenkins appspider Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins control… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2314 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200562 4.3 MEDIUM
Network 		jenkins azure_key_vault A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2313 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200563 6.5 MEDIUM
Network 		jenkins sqlplus_script_runner Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs. - CVE-2020-2312 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200564 4.3 MEDIUM
Network 		jenkins aws_global_configuration A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier allows attackers with Overall/Read permission to replace the global AWS configuration. - CVE-2020-2311 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200565 4.3 MEDIUM
Network 		jenkins ansible Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2310 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200566 4.3 MEDIUM
Network 		jenkins kubernetes A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2309 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200567 4.3 MEDIUM
Network 		jenkins kubernetes A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names. - CVE-2020-2308 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200568 4.3 MEDIUM
Network 		jenkins kubernetes Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables. - CVE-2020-2307 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200569 4.3 MEDIUM
Network 		jenkins mercurial A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations. - CVE-2020-2306 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200570 6.5 MEDIUM
Network 		jenkins mercurial Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. - CVE-2020-2305 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm