Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229051 7.5 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の Web User Interface における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2006-6427 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229052 6.8 警告 thinkedit - ThinkEdit の design/thinkedit/render.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6426 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229053 6 警告 phpBB - phpBB のプライベートメッセージボックス実装 (privmsg.php) におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6421 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229054 6.8 警告 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6420 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229055 7.5 危険 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE における任意のローカルファイルをインクルードされる脆弱性 - CVE-2006-6419 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229056 7.5 危険 phpleague - univert - PhpLeague - Univert PhpLeague における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6416 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
229057 4.6 警告 VMware - VMWare の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2006-6410 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
229058 5 警告 softwin - SMB の BitDefender Mail Protection におけるウィルス検出を回避される脆弱性 - CVE-2006-6405 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
229059 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6399 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
229060 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6398 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199181 3.3 LOW
Local 		jenkins team_foundation_server Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with acces… CWE-311
Missing Encryption of Sensitive Data 		CVE-2020-2249 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199182 6.1 MEDIUM
Network 		jenkins jsgames Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2248 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199183 6.5 MEDIUM
Network 		jenkins klocwork_analysis Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2020-2247 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199184 5.4 MEDIUM
Network 		jenkins valgrind Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgr… CWE-79
Cross-site Scripting 		CVE-2020-2246 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199185 7.1 HIGH
Network 		jenkins valgrind Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2020-2245 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199186 5.4 MEDIUM
Network 		jenkins build_failure_analyzer Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers … CWE-79
Cross-site Scripting 		CVE-2020-2244 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199187 5.4 MEDIUM
Network 		jenkins cadence_vmanager Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Upda… CWE-79
Cross-site Scripting 		CVE-2020-2243 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199188 6.5 MEDIUM
Network 		jenkins database A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified… CWE-862
 Missing Authorization 		CVE-2020-2242 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199189 8.8 HIGH
Network 		jenkins database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials. CWE-352
 Origin Validation Error 		CVE-2020-2241 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm
199190 8.8 HIGH
Network 		jenkins database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts. CWE-352
 Origin Validation Error 		CVE-2020-2240 2024-11-21 14:25 2020-09-1 Show GitHub Exploit DB Packet Storm