Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 11, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230321	7.5	危険	phpbb plusxl	-	PlusXL および phpBB モジュールの mods/iai/includes/constants.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5387	2012-12-20 18:02	2006-10-18	Show	GitHub Exploit DB Packet Storm

230322	7.5	危険	spamoborona	-	SpamOborona の admin/admin_spam.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5385	2012-12-20 18:02	2006-10-18	Show	GitHub Exploit DB Packet Storm

230323	7.5	危険	phpbb prillian	-	phpBB 用の Prillian French モジュールにおける PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5326	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230324	7.5	危険	Tincan	-	phplist における SQL インジェクションの脆弱性	-	CVE-2006-5322	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230325	4.3	警告	Tincan	-	phplist におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5321	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230326	5	警告	toxi	-	Foafgen の redir.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5319	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230327	7.8	危険	phplibre	-	registroTL におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-5316	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230328	6.8	警告	phpBB	-	phpBB 用の Journals System モジュールにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5306	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230329	5.1	警告	phpBB	-	lat2cyr および phpbb の lat2cyr.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5305	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

230330	2.1	注意	securecomputing	-	Secure Computing SafeWord RemoteAccess における UserCenter Web ポータルパスワードなどを取得される脆弱性	-	CVE-2006-5303	2012-12-20 18:02	2006-10-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198261	4.3	MEDIUM Network	ibm	security_identity_governance_and_intelligence	IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:…	CWE-59 Link Following	CVE-2020-4966	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198262	9.8	CRITICAL Network	ibm	security_identity_governance_and_intelligence	IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. IBM…	CWE-306 Missing Authentication for Critical Function	CVE-2020-4958	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198263	7.8	HIGH Local	ibm	spectrum_lsf spectrum_lsf_suite	IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a user on the local network who has privileges to submit LSF jobs to execute arbitrary commands. IBM X-Force ID: 192586.	CWE-287 CWE-798 Improper Authentication Use of Hard-coded Credentials	CVE-2020-4983	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198264	8.8	HIGH Network	ibm	security_guardium	IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete inform…	CWE-89 SQL Injection	CVE-2020-4921	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198265	5.5	MEDIUM Local	ibm	aix vios	IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit a vulnerability in the gencore user command to create arbitrary files in any directory. IBM X-Force ID: 190911.	NVD-CWE-noinfo	CVE-2020-4887	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198266	7.8	HIGH Local	ibm	security_guardium	IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on the system as an unprivileged user, caused by command injection vulnerability. IBM X-Force ID: 186700.	CWE-77 Command Injection	CVE-2020-4688	2024-11-21 14:33	2021-01-21	Show	GitHub Exploit DB Packet Storm

198267	7.5	HIGH Network	ibm	planning_analytics	IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted …	CWE-346 Origin Validation Error	CVE-2020-4881	2024-11-21 14:33	2021-01-20	Show	GitHub Exploit DB Packet Storm

198268	5.3	MEDIUM Network	ibm	planning_analytics	IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.	CWE-863 Incorrect Authorization	CVE-2020-4873	2024-11-21 14:33	2021-01-20	Show	GitHub Exploit DB Packet Storm

198269	5.5	MEDIUM Local	ibm	planning_analytics	IBM Planning Analytics 2.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 190834.	CWE-922 Insecure Storage of Sensitive Information	CVE-2020-4871	2024-11-21 14:33	2021-01-20	Show	GitHub Exploit DB Packet Storm

198270	5.4	MEDIUM Network	ibm	api_connect	IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func…	CWE-79 Cross-site Scripting	CVE-2020-4838	2024-11-21 14:33	2021-01-13	Show	GitHub Exploit DB Packet Storm