Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228861 7.5 危険 phptree - PHPtree の plugin/HP_DEV/cms2.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2573 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228862 7.5 危険 XOOPS - XOOPS 用の wfquotes モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2007-2571 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228863 7.5 危険 practical creative and code - Friendly における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2569 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228864 9.3 危険 vcdgear - VCDGear におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2568 2012-12-20 18:19 2007-05-16 Show GitHub Exploit DB Packet Storm
228865 9.3 危険 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2567 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228866 5 警告 taltech - Taltech Tal Bar Code ActiveX コントロールの SaveBarCode 関数におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2566 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228867 10 危険 sienzo - Sienzo DMM ActiveX コントロール におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2564 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228868 9.3 危険 versalsoft - VersalSoft HTTP File Upload ActiveX コントロール の AddFile 関数におけるバッファオーバーフローの脆弱性 - CVE-2007-2563 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228869 4.3 警告 podium cms - Podium CMS の Default.aspx におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2007-2555 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
228870 5 警告 Wikka Development Team - WikkaWiki の RecentChanges 機能における非公開ページの名前などを取得される脆弱性 CWE-200
情報漏えい 		CVE-2007-2552 2012-12-20 18:19 2007-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
200561 5.5 MEDIUM
Local 		jenkins appspider Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins control… CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2314 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200562 4.3 MEDIUM
Network 		jenkins azure_key_vault A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2313 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200563 6.5 MEDIUM
Network 		jenkins sqlplus_script_runner Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs. - CVE-2020-2312 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200564 4.3 MEDIUM
Network 		jenkins aws_global_configuration A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier allows attackers with Overall/Read permission to replace the global AWS configuration. - CVE-2020-2311 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200565 4.3 MEDIUM
Network 		jenkins ansible Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2310 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200566 4.3 MEDIUM
Network 		jenkins kubernetes A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. - CVE-2020-2309 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200567 4.3 MEDIUM
Network 		jenkins kubernetes A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names. - CVE-2020-2308 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200568 4.3 MEDIUM
Network 		jenkins kubernetes Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables. - CVE-2020-2307 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200569 4.3 MEDIUM
Network 		jenkins mercurial A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations. - CVE-2020-2306 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm
200570 6.5 MEDIUM
Network 		jenkins mercurial Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. - CVE-2020-2305 2024-11-21 14:25 2020-11-5 Show GitHub Exploit DB Packet Storm