Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230071	5	警告	ulrik petersen	-	Ulrik Petersen Emdros Database Engine におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6395	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230072	7.5	危険	plx web studio	-	plx Web Studio plx Pay の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6392	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230073	6.8	警告	positive software	-	Positive Software H-Sphere のコントロールパネルにおける任意のファイルにログデータを追加される脆弱性	-	CVE-2006-6382	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230074	7.5	危険	ultimate helpdesk	-	Ultimate HelpDesk の getfile.asp におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6381	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230075	6.8	警告	ultimate helpdesk	-	Ultimate HelpDesk の index.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6380	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230076	7.5	危険	widcomm	-	BTSaveMySql における設定情報を取得される脆弱性	-	CVE-2006-6378	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230077	7.5	危険	uploadscript	-	Uploadscript における admin パスワードハッシュを取得される脆弱性	-	CVE-2006-6377	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230078	6.8	警告	Simple Machines	-	SMF の display.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6375	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230079	7.5	危険	The phpMyAdmin Project	-	PhpMyAdmin における CRLF インジェクションの脆弱性	-	CVE-2006-6374	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

230080	5	警告	The phpMyAdmin Project	-	PhpMyAdmin における重要な情報を取得される脆弱性	-	CVE-2006-6373	2012-12-20 18:02	2006-12-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
197611	8.8	HIGH Network	infoscience	elc_analytics logstorage	Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file.	CWE-78 OS Command	CVE-2020-5626	2024-11-21 14:34	2021-01-28	Show	GitHub Exploit DB Packet Storm

197612	6.0	MEDIUM Network	vmware	spring_cloud_task	In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.	CWE-89 SQL Injection	CVE-2020-5428	2024-11-21 14:34	2021-01-28	Show	GitHub Exploit DB Packet Storm

197613	7.2	HIGH Network	vmware	spring_cloud_data_flow	In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution.	CWE-89 SQL Injection	CVE-2020-5427	2024-11-21 14:34	2021-01-28	Show	GitHub Exploit DB Packet Storm

197614	7.5	HIGH Network	nec	univerge_sv9500_firmware univerge_sv8500_firmware	Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to access the remote system maintenance feature an…	CWE-287 Improper Authentication	CVE-2020-5686	2024-11-21 14:34	2021-01-13	Show	GitHub Exploit DB Packet Storm

197615	9.8	CRITICAL Network	nec	univerge_sv9500_firmware univerge_sv8500_firmware	UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted req…	CWE-78 OS Command	CVE-2020-5685	2024-11-21 14:34	2021-01-13	Show	GitHub Exploit DB Packet Storm

197616	9.8	CRITICAL Network	nec	baseboard_management_controller	Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5800/T110j-S (2nd-Gen), iStorage NS100Ti, and Express5800/GT110j) where Baseboard Management Control…	CWE-287 Improper Authentication	CVE-2020-5633	2024-11-21 14:34	2021-01-13	Show	GitHub Exploit DB Packet Storm

197617	8.8	HIGH Network	marvell	qconvergeconslole_gui	In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml. OS-level users on the QCC host who are not authorized to use QCC may use the plaintext credential…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-5805	2024-11-21 14:34	2021-01-9	Show	GitHub Exploit DB Packet Storm

197618	8.1	HIGH Network	marvell	qconvergeconslole_gui	Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. The deleteEventLogFile method of the GWTTestServiceImpl class lacks proper validation of a user-supplied path p…	CWE-22 Path Traversal	CVE-2020-5804	2024-11-21 14:34	2021-01-9	Show	GitHub Exploit DB Packet Storm

197619	6.5	MEDIUM Network	umbraco	umbraco_cms	An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and e…	CWE-22 Path Traversal	CVE-2020-5811	2024-11-21 14:34	2020-12-31	Show	GitHub Exploit DB Packet Storm

197620	5.4	MEDIUM Network	umbraco	umbraco_cms	A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authorized to upload media can upload a malicious .svg file which act as a stored XSS payload.	CWE-79 Cross-site Scripting	CVE-2020-5810	2024-11-21 14:34	2020-12-31	Show	GitHub Exploit DB Packet Storm