Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230061	7.5	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro の Web User Interface における任意のコマンドを実行される脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2006-6427	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230062	6.8	警告	thinkedit	-	ThinkEdit の design/thinkedit/render.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6426	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230063	6	警告	phpBB	-	phpBB のプライベートメッセージボックス実装 (privmsg.php) におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6421	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230064	6.8	警告	Widget Factory Limited	-	Joomla! 用の Ryan Demmer JCE におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6420	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230065	7.5	危険	Widget Factory Limited	-	Joomla! 用の Ryan Demmer JCE における任意のローカルファイルをインクルードされる脆弱性	-	CVE-2006-6419	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230066	7.5	危険	phpleague - univert	-	PhpLeague - Univert PhpLeague における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6416	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

230067	4.6	警告	VMware	-	VMWare の ActiveX コントロールにおけるバッファオーバーフローの脆弱性	-	CVE-2006-6410	2012-12-20 18:02	2006-12-9	Show	GitHub Exploit DB Packet Storm

230068	5	警告	softwin	-	SMB の BitDefender Mail Protection におけるウィルス検出を回避される脆弱性	-	CVE-2006-6405	2012-12-20 18:02	2006-12-9	Show	GitHub Exploit DB Packet Storm

230069	7.5	危険	superfreaker studios	-	Superfreaker Studios UPublisher における SQL インジェクションの脆弱性	-	CVE-2006-6399	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230070	7.5	危険	superfreaker studios	-	Superfreaker Studios UPublisher における SQL インジェクションの脆弱性	-	CVE-2006-6398	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197631	7.5	HIGH Network	weseek	growi	Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series),…	CWE-20 CWE-400 Improper Input Validation Uncontrolled Resource Consumption	CVE-2020-5682	2024-11-21 14:34	2020-12-16	Show	GitHub Exploit DB Packet Storm

197632	7.4	HIGH Adjacent	mitsubishielectric	melsec_iq-f_fx5u_cpu_firmware	Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on progr…	NVD-CWE-noinfo	CVE-2020-5665	2024-11-21 14:34	2020-12-14	Show	GitHub Exploit DB Packet Storm

197633	9.8	CRITICAL Network	soliton	filezen	Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitr…	CWE-22 Path Traversal	CVE-2020-5639	2024-11-21 14:34	2020-12-14	Show	GitHub Exploit DB Packet Storm

197634	6.8	MEDIUM Adjacent	necplatforms	aterm_sa3500g_firmware	Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.	CWE-354 Improper Validation of Integrity Check Value	CVE-2020-5637	2024-11-21 14:34	2020-12-14	Show	GitHub Exploit DB Packet Storm

197635	6.8	MEDIUM Adjacent	necplatforms	aterm_sa3500g_firmware	Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command…	CWE-78 OS Command	CVE-2020-5636	2024-11-21 14:34	2020-12-14	Show	GitHub Exploit DB Packet Storm

197636	8.8	HIGH Adjacent	necplatforms	aterm_sa3500g_firmware	Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command executio…	CWE-78 OS Command	CVE-2020-5635	2024-11-21 14:34	2020-12-14	Show	GitHub Exploit DB Packet Storm

197637	5.3	MEDIUM Network	f5	big-ip_advanced_firewall_manager	On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the ad…	CWE-79 Cross-site Scripting	CVE-2020-5950	2024-11-21 14:34	2020-12-12	Show	GitHub Exploit DB Packet Storm

197638	7.5	HIGH Network	f5	big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system …	On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.	NVD-CWE-noinfo	CVE-2020-5949	2024-11-21 14:34	2020-12-12	Show	GitHub Exploit DB Packet Storm

197639	9.6	CRITICAL Network	f5	big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system …	On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, w…	CWE-79 Cross-site Scripting	CVE-2020-5948	2024-11-21 14:34	2020-12-12	Show	GitHub Exploit DB Packet Storm

197640	9.8	CRITICAL Network	eat_spray_love_project	eat_spray_love	The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.	CWE-669 Incorrect Resource Transfer Between Spheres	CVE-2020-5800	2024-11-21 14:34	2020-12-7	Show	GitHub Exploit DB Packet Storm