Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230411	7.5	危険	pnews systems	-	Joshua Wilson pNews System の includes/global.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5022	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230412	7.5	危険	redblog	-	redgun RedBLoG における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5021	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230413	7.5	危険	solidstate	-	SolidState における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5020	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230414	7.5	危険	voice of web	-	Voodoo chat における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4993	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230415	3.6	注意	RSAセキュリティ	-	RSA KeonCA Manager における悪意のある認証局動作を隠される脆弱性	-	CVE-2006-4991	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230416	4.6	警告	シマンテック	-	Symantec Sygate NAC におけるコントロールメソッドを回避される脆弱性	-	CVE-2006-4981	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230417	5	警告	walter beschmout	-	Walter Beschmout PhpQuiz の cfgphpquiz/install.php における config.inc.php の任意の PHP コードを挿入される脆弱性	-	CVE-2006-4979	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230418	7.5	危険	walter beschmout	-	Walter Beschmout PhpQuiz における SQL インジェクションの脆弱性	-	CVE-2006-4978	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230419	5	警告	walter beschmout	-	Walter Beschmout PhpQuiz の back/upload_img.php などにおける任意の PHP コードをアップロードされる脆弱性	-	CVE-2006-4977	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230420	2.6	注意	Yahoo!	-	WAP 用の Yahoo! Messenger における任意の Web スクリプトまたは HTML を挿入される脆弱性	-	CVE-2006-4975	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
198771	5.7	MEDIUM Network	wordpress fedoraproject debian	wordpress fedora debian_linux	In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has…	-	CVE-2020-4048	2024-11-21 14:32	2020-06-13	Show	GitHub Exploit DB Packet Storm

198772	6.8	MEDIUM Network	wordpress fedoraproject debian	wordpress fedora debian_linux	In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to sc…	-	CVE-2020-4047	2024-11-21 14:32	2020-06-13	Show	GitHub Exploit DB Packet Storm

198773	5.4	MEDIUM Network	wordpress debian fedoraproject	wordpress debian_linux fedora	In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected post…	CWE-79 Cross-site Scripting	CVE-2020-4046	2024-11-21 14:32	2020-06-13	Show	GitHub Exploit DB Packet Storm

198774	5.4	MEDIUM Network	ibm	api_connect	IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…	CWE-79 Cross-site Scripting	CVE-2020-4251	2024-11-21 14:32	2020-06-12	Show	GitHub Exploit DB Packet Storm

198775	7.5	HIGH Network	scuttlebutt	ssb-db	SSB-DB version 20.0.0 has an information disclosure vulnerability. The get() method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any me…	-	CVE-2020-4045	2024-11-21 14:32	2020-06-12	Show	GitHub Exploit DB Packet Storm

198776	9.8	CRITICAL Network	hcltech	hcl_digital_experience	"HCL Digital Experience is susceptible to Server Side Request Forgery."	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2020-4101	2024-11-21 14:32	2020-06-11	Show	GitHub Exploit DB Packet Storm

198777	5.4	MEDIUM Network	ibm	workload_scheduler	IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti…	CWE-79 Cross-site Scripting	CVE-2020-4380	2024-11-21 14:32	2020-06-11	Show	GitHub Exploit DB Packet Storm

198778	9.8	CRITICAL Network	phpmussel_project	phpmussel	phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution…	-	CVE-2020-4043	2024-11-21 14:32	2020-06-11	Show	GitHub Exploit DB Packet Storm

198779	7.5	HIGH Network	ibm	aspera_high-speed_transfer_server_for_cloud_pak_for_integration aspera_shares_on_demand aspera_server_on_demand aspera_faspex_on_demand aspera_application_platform_on_demand aspera_tra…	Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a s…	CWE-120 Classic Buffer Overflow	CVE-2020-4436	2024-11-21 14:32	2020-06-10	Show	GitHub Exploit DB Packet Storm

198780	7.5	HIGH Network	ibm	aspera_high-speed_transfer_server_for_cloud_pak_for_integration aspera_shares_on_demand aspera_server_on_demand aspera_faspex_on_demand aspera_application_platform_on_demand aspera_tra…	Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitr…	CWE-787 Out-of-bounds Write	CVE-2020-4435	2024-11-21 14:32	2020-06-10	Show	GitHub Exploit DB Packet Storm