Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 9, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230361 7.5 危険 phpgreetz - phpGreetz の includes/footer.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5192 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230362 5.1 警告 phpBB - phpBB 用の Nivisec Static Topics モジュールにおける PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-5191 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230363 5 警告 webgeneius - webGENEius GOOP Gallery の download.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-5188 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230364 5.1 警告 phpmyprofiler - phpMyProfiler の functions.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5186 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230365 7.5 危険 pkr internet - PKR Internet Taskjitsu における SQL インジェクションの脆弱性 - CVE-2006-5184 2012-12-20 18:02 2006-09-27 Show GitHub Exploit DB Packet Storm
230366 5.1 警告 powerportal - John Himmelman PowerPortal におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5169 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230367 4.3 警告 Pebble - Simon Brown Pebble の検索機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-5168 2012-12-20 18:02 2006-10-10 Show GitHub Exploit DB Packet Storm
230368 5.1 警告 skrypty - Skrypty PPA Gallery の inc/functions.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-5165 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
230369 6.8 警告 sum effect software - Sum Effect Software digiSHOP の cart.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-5164 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
230370 5.1 警告 トレンドマイクロ - TrendMicro OSCE の ActiveX コントロールにおけるフォーマットストリングの脆弱性 - CVE-2006-5157 2012-12-20 18:02 2006-10-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 9, 2026, 5:07 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
198661 7.8 HIGH
Local 		vmware horizon_client VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system whe… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-3961 2024-11-21 14:32 2020-06-16 Show GitHub Exploit DB Packet Storm
198662 7.5 HIGH
Network 		ibm spectrum_protect_client
spectrum_protect_for_space_management 		IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.… CWE-287
Improper Authentication 		CVE-2020-4494 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198663 6.5 MEDIUM
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 1… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2020-4477 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198664 6.5 MEDIUM
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote serv… CWE-306
Missing Authentication for Critical Function 		CVE-2020-4471 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198665 8.0 HIGH
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2020-4470 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198666 9.8 CRITICAL
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulner… CWE-78
OS Command  		CVE-2020-4469 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198667 9.8 CRITICAL
Network 		ibm spectrum_protect_plus IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to e… CWE-798
 Use of Hard-coded Credentials 		CVE-2020-4216 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198668 5.4 MEDIUM
Network 		ibm spectrum_protect_client
spectrum_protect_for_space_management 		IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.… CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2020-4406 2024-11-21 14:32 2020-06-15 Show GitHub Exploit DB Packet Storm
198669 3.1 LOW
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misus… - CVE-2020-4050 2024-11-21 14:32 2020-06-13 Show GitHub Exploit DB Packet Storm
198670 2.4 LOW
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does requi… - CVE-2020-4049 2024-11-21 14:32 2020-06-13 Show GitHub Exploit DB Packet Storm