Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 3, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229421 6.8 警告 SAMEDIA O.E. - SAMEDIA LandShop の ls.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5915 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229422 7.5 危険 SAMEDIA O.E. - SAMEDIA LandShop の ls.php における SQL インジェクションの脆弱性 - CVE-2006-5914 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229423 6.4 警告 web directory pro - Web Directory Pro におけるコンフィギュレーションを変更される脆弱性 - CVE-2006-5905 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229424 7.5 危険 rahul jonna - Rahul Jonna GSpace における仮想ファイルシステム操作を実行される脆弱性 - CVE-2006-5903 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229425 7.5 危険 viksoe - viksoe GMail Drive シェルエクステンションにおける仮想ファイルシステムのアクションを実行される脆弱性 - CVE-2006-5902 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229426 6.8 警告 Zend Technologies Ltd. - Zend Framework Preview の incubator/tests/Zend/Http/_files/testRedirections.php サンプルコードにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5900 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229427 5 警告 php heaven - PhpMyChat の localization/languages.lib.php3 におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5898 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229428 5 警告 php heaven - PhpMyChat Plus におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-5897 2012-12-20 18:02 2006-11-15 Show GitHub Exploit DB Packet Storm
229429 5 警告 remlab - REMLAB Web Mech Designer におけるスクリプトのフルパスを取得される脆弱性 - CVE-2006-5896 2012-12-20 18:02 2006-11-27 Show GitHub Exploit DB Packet Storm
229430 6.8 警告 rama cms - Rama CMS の lang.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5894 2012-12-20 18:02 2006-11-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 3, 2026, 4:06 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199531 3.3 LOW
Local 		jenkins couchdb-statistics Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the … CWE-522
 Insufficiently Protected Credentials 		CVE-2020-2291 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199532 5.4 MEDIUM
Network 		jenkins active_choices Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters, resulting in a stored cross-site scripting (XSS) vulnerability… CWE-79
Cross-site Scripting 		CVE-2020-2290 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199533 5.4 MEDIUM
Network 		jenkins active_choices Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers wit… CWE-79
Cross-site Scripting 		CVE-2020-2289 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199534 5.3 MEDIUM
Network 		jenkins audit_trail In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling. - CVE-2020-2288 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199535 5.3 MEDIUM
Network 		jenkins audit_trail Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attac… - CVE-2020-2287 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199536 8.8 HIGH
Network 		jenkins role-based_authorization_strategy Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an … - CVE-2020-2286 2024-11-21 14:25 2020-10-8 Show GitHub Exploit DB Packet Storm
199537 4.3 MEDIUM
Network 		jenkins liquibase_runner A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. CWE-862
 Missing Authorization 		CVE-2020-2285 2024-11-21 14:25 2020-09-23 Show GitHub Exploit DB Packet Storm
199538 7.1 HIGH
Network 		jenkins liquibase_runner Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CWE-611
XXE 		CVE-2020-2284 2024-11-21 14:25 2020-09-23 Show GitHub Exploit DB Packet Storm
199539 5.4 MEDIUM
Network 		jenkins liquibase_runner Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset fil… CWE-79
Cross-site Scripting 		CVE-2020-2283 2024-11-21 14:25 2020-09-23 Show GitHub Exploit DB Packet Storm
199540 4.3 MEDIUM
Network 		jenkins implied_labels Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin. CWE-862
 Missing Authorization 		CVE-2020-2282 2024-11-21 14:25 2020-09-23 Show GitHub Exploit DB Packet Storm