Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 12, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230861	7.5	危険	pnews systems	-	Joshua Wilson pNews System の includes/global.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5022	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230862	7.5	危険	redblog	-	redgun RedBLoG における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5021	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230863	7.5	危険	solidstate	-	SolidState における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5020	2012-12-20 18:02	2006-09-27	Show	GitHub Exploit DB Packet Storm

230864	7.5	危険	voice of web	-	Voodoo chat における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4993	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230865	3.6	注意	RSAセキュリティ	-	RSA KeonCA Manager における悪意のある認証局動作を隠される脆弱性	-	CVE-2006-4991	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230866	4.6	警告	シマンテック	-	Symantec Sygate NAC におけるコントロールメソッドを回避される脆弱性	-	CVE-2006-4981	2012-12-20 18:02	2006-09-25	Show	GitHub Exploit DB Packet Storm

230867	5	警告	walter beschmout	-	Walter Beschmout PhpQuiz の cfgphpquiz/install.php における config.inc.php の任意の PHP コードを挿入される脆弱性	-	CVE-2006-4979	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230868	7.5	危険	walter beschmout	-	Walter Beschmout PhpQuiz における SQL インジェクションの脆弱性	-	CVE-2006-4978	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230869	5	警告	walter beschmout	-	Walter Beschmout PhpQuiz の back/upload_img.php などにおける任意の PHP コードをアップロードされる脆弱性	-	CVE-2006-4977	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

230870	2.6	注意	Yahoo!	-	WAP 用の Yahoo! Messenger における任意の Web スクリプトまたは HTML を挿入される脆弱性	-	CVE-2006-4975	2012-12-20 18:02	2006-09-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 12, 2026, 5:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211761	5.5	MEDIUM Local	gitlab	gitlab	GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.	CWE-22 Path Traversal	CVE-2020-10977	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

211762	7.5	HIGH Network	gitlab	gitlab	GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.	CWE-200 Information Exposure	CVE-2020-10976	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

211763	4.3	MEDIUM Network	gitlab	gitlab	GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.	NVD-CWE-noinfo	CVE-2020-10975	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

211764	5.5	MEDIUM Local	codeblocks	code\	A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.	CWE-120 Classic Buffer Overflow	CVE-2020-10814	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

211765	6.5	MEDIUM Network	greenbrowser_project	greenbrowser	GreenBrowser before version 1.2 has a vulnerability where apps that rely on URL Parsing to verify that a given URL is pointing to a trust server may be susceptible to many different ways to get URL p…	NVD-CWE-Other	CVE-2020-11000	2024-11-21 13:56	2020-04-9	Show	GitHub Exploit DB Packet Storm

211766	5.6	MEDIUM Network	qemu	qemu	hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.	CWE-787 Out-of-bounds Write	CVE-2020-11102	2024-11-21 13:56	2020-04-7	Show	GitHub Exploit DB Packet Storm

211767	5.3	MEDIUM Network	mediawiki	mediawiki	In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content…	CWE-74 Injection	CVE-2020-10960	2024-11-21 13:56	2020-04-4	Show	GitHub Exploit DB Packet Storm

211768	8.8	HIGH Network	apachefriends	xampp	An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (includ…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2020-11107	2024-11-21 13:56	2020-04-3	Show	GitHub Exploit DB Packet Storm

211769	8.8	HIGH Network	haproxy debian redhat fedoraproject canonical opensuse	haproxy debian_linux openshift_container_platform fedora ubuntu_linux leap	In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2…	CWE-787 Out-of-bounds Write	CVE-2020-11100	2024-11-21 13:56	2020-04-3	Show	GitHub Exploit DB Packet Storm

211770	9.8	CRITICAL Network	alienform2_project	alienform2	Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, re…	CWE-94 Code Injection	CVE-2020-10948	2024-11-21 13:56	2020-04-2	Show	GitHub Exploit DB Packet Storm