Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 9, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230031	5.8	警告	Xerox	-	Xerox WorkCentre および WorkCentre Pro における脆弱性	-	CVE-2006-6468	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

230032	5.8	警告	Xerox	-	Xerox WorkCentre および WorkCentre Pro におけるディレクトリのアクセス権を取得される脆弱性	-	CVE-2006-6467	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

230033	6.8	警告	wikyblog	-	WikyBlog の WBmap.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6466	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

230034	7.8	危険	YourFreeWorld.com	-	Yourfreeworld Stylish Text Ads Script の tr1.php におけるインストールパスを取得される脆弱性	-	CVE-2006-6461	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

230035	10	危険	short url url tracker script	-	Yourfreeworld.com Short Url & Url Tracker Script における重要な情報を取得される脆弱性	-	CVE-2006-6460	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

230036	6.8	警告	phpBB	-	PhpBB Toplist の toplist.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6459	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

230037	5	警告	Tiki Software Community Association	-	Tikiwiki の tiki-wiki_rss.php における重要な情報 (MySQL ユーザ名およびパスワード) を取得される脆弱性	CWE-200 情報漏えい	CVE-2006-6457	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

230038	6.8	警告	swsoft	-	SWsoft Plesk におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6451	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230039	6.4	警告	vt-forum	-	Vt-Forum Lite におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-6449	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230040	7.5	危険	vt-forum	-	Vt-Forum Lite における SQL インジェクションの脆弱性	-	CVE-2006-6448	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197751	6.1	MEDIUM Network	cybozu	garoon	Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.	CWE-79 Cross-site Scripting	CVE-2020-5564	2024-11-21 14:34	2020-04-28	Show	GitHub Exploit DB Packet Storm

197752	5.3	MEDIUM Network	cybozu	garoon	Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in the affected product via the API.	CWE-287 Improper Authentication	CVE-2020-5563	2024-11-21 14:34	2020-04-28	Show	GitHub Exploit DB Packet Storm

197753	4.9	MEDIUM Network	cybozu	garoon	Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote attacker with an administrative privilege to issue arbitrary HTTP requests to other web servers via V-…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-5562	2024-11-21 14:34	2020-04-28	Show	GitHub Exploit DB Packet Storm

197754	8.1	HIGH Adjacent	f5	big-iq_centralized_management	In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of authentication for connecting to the peer.	CWE-306 Missing Authentication for Critical Function	CVE-2020-5870	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197755	9.1	CRITICAL Network	f5	big-iq_centralized_management	In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.	CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel	CVE-2020-5869	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197756	9.8	CRITICAL Network	f5	big-iq_centralized_management	In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.	CWE-78 OS Command	CVE-2020-5868	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197757	8.1	HIGH Network	f5 netapp	nginx_controller cloud_backup	In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages	CWE-319 CWE-494 Cleartext Transmission of Sensitive Information Download of Code Without Integrity Check	CVE-2020-5867	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197758	5.5	MEDIUM Local	f5	nginx_controller	In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments.	CWE-200 Information Exposure	CVE-2020-5866	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197759	4.8	MEDIUM Network	f5 netapp	nginx_controller cloud_backup	In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via …	CWE-319 Cleartext Transmission of Sensitive Information	CVE-2020-5865	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm

197760	7.4	HIGH Network	f5	nginx_controller	In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verification by default.	CWE-295 Improper Certificate Validation	CVE-2020-5864	2024-11-21 14:34	2020-04-24	Show	GitHub Exploit DB Packet Storm