Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 2, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229461	7.5	危険	phpdynasite	-	phpDynaSite における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5760	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229462	5	警告	rhadrix	-	Rhadrix If-CMS の index.php における Web サーバのフルパスを取得される脆弱性	-	CVE-2006-5759	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229463	2.1	注意	PunBB	-	PunBB における SQL インジェクションの脆弱性	-	CVE-2006-5738	2012-12-20 18:02	2006-10-15	Show	GitHub Exploit DB Packet Storm

229464	7.2	危険	PunBB	-	PunBB における許可されない操作を実行される脆弱性	-	CVE-2006-5737	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229465	5.1	警告	PunBB	-	PunBB の search.php における SQL インジェクションの脆弱性	-	CVE-2006-5736	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229466	7.5	危険	PunBB	-	PunBB の include/common.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5735	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229467	7.5	危険	postnuke software foundation	-	PostNuke の error.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5733	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229468	5	警告	tgs-cms	-	T.G.S. CMS の logout.php における SQL インジェクションの脆弱性	-	CVE-2006-5732	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229469	6.5	警告	yazd	-	Yazd Discussion Forum における任意のフォーラム内へメッセージを返信される脆弱性	-	CVE-2006-5729	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

229470	5.1	警告	sazcart	-	sazcart の admin/controls/cart.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5727	2012-12-20 18:02	2006-11-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 2, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198531	8.1	HIGH Network	netapp debian oracle fasterxml	cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_…	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.	CWE-502 Deserialization of Untrusted Data	CVE-2020-36184	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198532	8.1	HIGH Network	netapp debian oracle fasterxml	service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_and_revenue_mana…	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.	CWE-502 Deserialization of Untrusted Data	CVE-2020-36181	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198533	9.8	CRITICAL Network	tp-link	tl-wr840n_firmware	oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for…	CWE-78 OS Command	CVE-2020-36178	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198534	9.8	CRITICAL Network	wolfssl	wolfssl	RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.	CWE-787 Out-of-bounds Write	CVE-2020-36177	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198535	7.5	HIGH Network	ithemes	ithemes_security	The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs.	CWE-287 Improper Authentication	CVE-2020-36176	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198536	5.3	MEDIUM Network	ninjaforms	ninja_forms	The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.	CWE-20 Improper Input Validation	CVE-2020-36175	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198537	6.5	MEDIUM Network	ninjaforms	ninja_forms	The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.	CWE-352 Origin Validation Error	CVE-2020-36174	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198538	5.3	MEDIUM Network	ninjaforms	ninja_forms	The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.	CWE-116 Improper Encoding or Escaping of Output	CVE-2020-36173	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198539	6.1	MEDIUM Network	advancedcustomfields	advanced_custom_fields	The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.	CWE-79 Cross-site Scripting	CVE-2020-36172	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm

198540	6.1	MEDIUM Network	elementor	website_builder	The Elementor Website Builder plugin before 3.0.14 for WordPress does not properly restrict SVG uploads.	CWE-79 Cross-site Scripting	CVE-2020-36171	2024-11-21 14:28	2021-01-7	Show	GitHub Exploit DB Packet Storm