Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230061 7.5 危険 Xerox - Xerox WorkCentre および WorkCentre Pro の Web User Interface における任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2006-6427 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230062 6.8 警告 thinkedit - ThinkEdit の design/thinkedit/render.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6426 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230063 6 警告 phpBB - phpBB のプライベートメッセージボックス実装 (privmsg.php) におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6421 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230064 6.8 警告 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6420 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230065 7.5 危険 Widget Factory Limited - Joomla! 用の Ryan Demmer JCE における任意のローカルファイルをインクルードされる脆弱性 - CVE-2006-6419 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230066 7.5 危険 phpleague - univert - PhpLeague - Univert PhpLeague における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6416 2012-12-20 18:02 2006-12-10 Show GitHub Exploit DB Packet Storm
230067 4.6 警告 VMware - VMWare の ActiveX コントロールにおけるバッファオーバーフローの脆弱性 - CVE-2006-6410 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
230068 5 警告 softwin - SMB の BitDefender Mail Protection におけるウィルス検出を回避される脆弱性 - CVE-2006-6405 2012-12-20 18:02 2006-12-9 Show GitHub Exploit DB Packet Storm
230069 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6399 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
230070 7.5 危険 superfreaker studios - Superfreaker Studios UPublisher における SQL インジェクションの脆弱性 - CVE-2006-6398 2012-12-20 18:02 2006-12-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211011 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service. CWE-125
Out-of-bounds Read 		CVE-2020-10811 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211012 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service. CWE-476
 NULL Pointer Dereference 		CVE-2020-10810 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211013 5.5 MEDIUM
Local 		hdfgroup hdf5 An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 b… CWE-787
 Out-of-bounds Write 		CVE-2020-10809 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211014 8.8 HIGH
Network 		vestacp vesta_control_panel Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demon… CWE-78
OS Command  		CVE-2020-10808 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211015 5.3 MEDIUM
Network 		mitre caldera auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged "localhost" string in the HTTP Host header. CWE-290
 Authentication Bypass by Spoofing 		CVE-2020-10807 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211016 9.8 CRITICAL
Network 		ez ez_publish-kernel
ez_publish-legacy 		eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to ex… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-10806 2024-11-21 13:56 2020-03-23 Show GitHub Exploit DB Packet Storm
211017 5.4 MEDIUM
Network 		phpmyadmin
debian
fedoraproject
opensuse
suse 		phpmyadmin
debian_linux
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results… CWE-79
CWE-89
Cross-site Scripting
SQL Injection 		CVE-2020-10803 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211018 8.0 HIGH
Network 		phpmyadmin
debian
fedoraproject
opensuse
suse 		phpmyadmin
debian_linux
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search act… CWE-89
SQL Injection 		CVE-2020-10802 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211019 8.0 HIGH
Network 		phpmyadmin
fedoraproject
opensuse
suse 		phpmyadmin
fedora
leap
backports_sle
package_hub 		In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/Use… CWE-89
SQL Injection 		CVE-2020-10804 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm
211020 8.1 HIGH
Network 		lix_project lix lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled exec… NVD-CWE-noinfo
CVE-2020-10800 2024-11-21 13:56 2020-03-22 Show GitHub Exploit DB Packet Storm