Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 2:09 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229691 7.5 危険 scriptphp - AnnonceScriptHP における SQL インジェクションの脆弱性 - CVE-2006-6478 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
229692 10 危険 Xerox - Xerox WorkCentre および WorkCentre Pro における脆弱性 - CVE-2006-6473 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229693 10 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の httpd.conf ファイルにおける脆弱性 - CVE-2006-6472 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229694 10 危険 Xerox - Xerox WorkCentre および WorkCentre Pro における不特定のファイルアクセス権を許可される脆弱性 - CVE-2006-6471 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229695 10 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の SNMP Agent における脆弱性 - CVE-2006-6470 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229696 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro における脆弱性 - CVE-2006-6469 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229697 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro における脆弱性 - CVE-2006-6468 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229698 5.8 警告 Xerox - Xerox WorkCentre および WorkCentre Pro におけるディレクトリのアクセス権を取得される脆弱性 - CVE-2006-6467 2012-12-20 18:02 2006-11-30 Show GitHub Exploit DB Packet Storm
229699 6.8 警告 wikyblog - WikyBlog の WBmap.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6466 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
229700 7.8 危険 YourFreeWorld.com - Yourfreeworld Stylish Text Ads Script の tr1.php におけるインストールパスを取得される脆弱性 - CVE-2006-6461 2012-12-20 18:02 2006-12-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
199841 9.8 CRITICAL
Network 		spotweb_project spotweb Time-based SQL injection exists in Spotweb 1.4.9 via the query string. CWE-89
SQL Injection 		CVE-2020-35545 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
199842 8.1 HIGH
Network 		fasterxml
netapp
debian
oracle 		jackson-databind
service_level_manager
debian_linux
webcenter_portal
application_testing_suite
banking_platform
agile_plm
sd-wan_edge
communications_services_gatekeeper
ret… 		FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-35491 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
199843 8.1 HIGH
Network 		fasterxml
netapp
debian
oracle 		jackson-databind
service_level_manager
debian_linux
webcenter_portal
application_testing_suite
banking_platform
agile_plm
communications_services_gatekeeper
retail_merchandisi… 		FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-35490 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
199844 10.0 CRITICAL
Network 		rocklobster contact_form_7 The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters. CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-35489 2024-11-21 14:27 2020-12-18 Show GitHub Exploit DB Packet Storm
199845 5.3 MEDIUM
Network 		hashicorp vault HashiCorp Vault Enterprise’s Sentinel EGP policy feature incorrectly allowed requests to be processed in parent and sibling namespaces. Fixed in 1.5.6 and 1.6.1. NVD-CWE-noinfo
CVE-2020-35453 2024-11-21 14:27 2020-12-17 Show GitHub Exploit DB Packet Storm
199846 9.8 CRITICAL
Network 		opentsdb opentsdb A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is… CWE-78
OS Command  		CVE-2020-35476 2024-11-21 14:27 2020-12-16 Show GitHub Exploit DB Packet Storm
199847 9.8 CRITICAL
Network 		softwareag terracotta_server_oss The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remot… CWE-306
Missing Authentication for Critical Function 		CVE-2020-35469 2024-11-21 14:27 2020-12-16 Show GitHub Exploit DB Packet Storm
199848 9.8 CRITICAL
Network 		appbase streams The Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems deployed using affected versions of the streams container may allow a remote attacker to achieve root acces… CWE-306
Missing Authentication for Critical Function 		CVE-2020-35468 2024-11-21 14:27 2020-12-16 Show GitHub Exploit DB Packet Storm
199849 9.8 CRITICAL
Network 		docker docs The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achie… CWE-306
Missing Authentication for Critical Function 		CVE-2020-35467 2024-11-21 14:27 2020-12-16 Show GitHub Exploit DB Packet Storm
199850 9.8 CRITICAL
Network 		blackfire blackfire_docker_image The Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve r… CWE-306
Missing Authentication for Critical Function 		CVE-2020-35466 2024-11-21 14:27 2020-12-16 Show GitHub Exploit DB Packet Storm