Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230061 7.5 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の Web User Interface における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2006-6427 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230062 6.8 警告 thinkedit - ThinkEdit の design/thinkedit/render.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6426 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230063 6 警告 phpBB - phpBB のプライベートメッセージボックス実装 (privmsg.php) におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6421 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230064 6.8 警告 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6420 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230065 7.5 危険 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE における任意のローカルファイルをインクルードされる脆弱性 - CVE-2006-6419 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230066 7.5 危険 phpleague - univert - PhpLeague - Univert PhpLeague における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6416 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230067 4.6 警告 VMware - VMWare の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2006-6410 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
230068 5 警告 softwin - SMB の BitDefender Mail Protection におけるウィルス検出を回避される脆弱性 - CVE-2006-6405 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
230069 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6399 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
230070 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6398 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
197641 6.8 MEDIUM
Physics 		dell inspiron_7347_bios Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwriting th… CWE-416
 Use After Free 		CVE-2020-5376 2024-11-21 14:34 2020-09-3 Show GitHub Exploit DB Packet Storm
197642 8.8 HIGH
Network 		dell emc_powerscale_onefs
emc_isilon_onefs 		Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerabili… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-5369 2024-11-21 14:34 2020-09-3 Show GitHub Exploit DB Packet Storm
197643 7.5 HIGH
Network 		tradingtechnologies trading_technologies_messaging A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of p… NVD-CWE-Other
CVE-2020-5779 2024-11-21 14:34 2020-09-3 Show GitHub Exploit DB Packet Storm
197644 7.5 HIGH
Network 		tradingtechnologies trading_technologies_messaging A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthe… CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error') 
 Improper Input Validation  		CVE-2020-5778 2024-11-21 14:34 2020-09-3 Show GitHub Exploit DB Packet Storm
197645 7.5 HIGH
Network 		shadan-kun server_security_type Shadankun Server Security Type (excluding normal blocking method types) Ver.1.5.3 and earlier allows remote attackers to cause a denial of service which may result in not being able to add newly dete… NVD-CWE-Other
CVE-2020-5622 2024-11-21 14:34 2020-09-2 Show GitHub Exploit DB Packet Storm
197646 9.8 CRITICAL
Network 		magmi_project magmi MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger … CWE-287
Improper Authentication 		CVE-2020-5777 2024-11-21 14:34 2020-09-2 Show GitHub Exploit DB Packet Storm
197647 8.8 HIGH
Network 		magmi_project magmi Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session fo… CWE-352
 Origin Validation Error 		CVE-2020-5776 2024-11-21 14:34 2020-09-2 Show GitHub Exploit DB Packet Storm
197648 6.7 MEDIUM
Local 		pivotal_software
vmware 		rabbitmq RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the Rabbit… CWE-427
 Uncontrolled Search Path Element 		CVE-2020-5419 2024-11-21 14:34 2020-09-1 Show GitHub Exploit DB Packet Storm
197649 6.1 MEDIUM
Network 		riken xoonips Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2020-5625 2024-11-21 14:34 2020-08-28 Show GitHub Exploit DB Packet Storm
197650 9.8 CRITICAL
Network 		riken xoonips SQL injection vulnerability in the XooNIps 3.48 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2020-5624 2024-11-21 14:34 2020-08-28 Show GitHub Exploit DB Packet Storm