Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 2:21 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229951	7.5	危険	rediff	-	Rediff Bol Downloader OCX コントロールにおける重要な情報 (ユーザ名およびパス名) を取得される脆弱性	-	CVE-2006-6838	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229952	6.8	警告	sergey oblomov	-	Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2006-6837	2012-12-20 18:02	2006-12-31	Show	GitHub Exploit DB Packet Storm

229953	7.5	危険	yrch	-	Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6823	2012-12-20 18:02	2006-12-29	Show	GitHub Exploit DB Packet Storm

229954	7.5	危険	vladimir menshakov	-	Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6809	2012-12-20 18:02	2006-12-29	Show	GitHub Exploit DB Packet Storm

229955	6.8	警告	WordPress.org	-	WordPress の wp-admin/templates.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6808	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

229956	7.5	危険	softwebsnepal	-	Softwebs Nepal Ananda Real Estate の list.asp における SQL インジェクションの脆弱性	-	CVE-2006-6807	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

229957	6.8	警告	sh-news	-	SH-News の misc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6801	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

229958	7.5	危険	The Cacti Group	-	Cacti における SQL インジェクションの脆弱性	-	CVE-2006-6799	2012-12-20 18:02	2006-12-28	Show	GitHub Exploit DB Packet Storm

229959	7.5	危険	PHP Outburst	-	UPB の chat/login.php における任意の PHP コードを挿入される脆弱性	-	CVE-2006-6790	2012-12-20 18:02	2006-12-27	Show	GitHub Exploit DB Packet Storm

229960	7.5	危険	phpbbxtra	-	Phpbbxtra の includes/archive/archive_topic.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6789	2012-12-20 18:02	2006-12-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
210901	6.8	MEDIUM Network	torchbox	wagtail	In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XSS) vulnerability exists on the page revision comparison view within the Wagtail admin interface. A user with a limited-permission…	-	CVE-2020-11001	2024-11-21 13:56	2020-04-15	Show	GitHub Exploit DB Packet Storm

210902	4.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintainers' pipeline trigger descriptions within the same project.	NVD-CWE-noinfo	CVE-2020-10981	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210903	9.8	CRITICAL Network	gitlab	gitlab	GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-10980	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210904	4.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 11.10 to 12.9 is leaking information on restricted CI pipelines metrics to unauthorized users.	NVD-CWE-noinfo	CVE-2020-10979	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210905	5.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API.	NVD-CWE-noinfo	CVE-2020-10978	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210906	8.8	HIGH Network	dropwizard	dropwizard_validation	dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was identified in the self-validating feature enabling attackers to …	CWE-74 Injection	CVE-2020-11002	2024-11-21 13:56	2020-04-11	Show	GitHub Exploit DB Packet Storm

210907	5.5	MEDIUM Local	gitlab	gitlab	GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.	CWE-22 Path Traversal	CVE-2020-10977	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210908	7.5	HIGH Network	gitlab	gitlab	GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.	CWE-200 Information Exposure	CVE-2020-10976	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210909	4.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.	NVD-CWE-noinfo	CVE-2020-10975	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

210910	5.5	MEDIUM Local	codeblocks	code\	A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.	CWE-120 Classic Buffer Overflow	CVE-2020-10814	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm