Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 18, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230951	5	警告	scriptsez.net	-	Scriptsez.net E-Dating System の cindex.php におけるフルパスを取得される脆弱性	-	CVE-2006-7060	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230952	4.3	警告	scriptsez.net	-	Scriptsez.net E-Dating System におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-7059	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230953	4.3	警告	Ando Saabas	-	Sphider におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7058	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230954	7.5	危険	Ando Saabas	-	Sphider の search.php における SQL インジェクションの脆弱性	-	CVE-2006-7057	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230955	6.8	警告	sweetphp	-	TotalCalendar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-7055	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230956	6.8	警告	Wikka Development Team	-	WikkaWiki におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-7050	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230957	7.5	危険	Wikka Development Team	-	WikkaWiki の Method メソッドにおけるアクセス制限を回避される脆弱性	-	CVE-2006-7049	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230958	5	警告	shoutpro	-	Shoutpro の include.php における禁止 IP 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2006-7047	2012-12-20 18:18	2007-02-23	Show	GitHub Exploit DB Packet Storm

230959	7.8	危険	super link exchange script	-	Super Link Exchange Script の make_thumbnail.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-7035	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

230960	7.5	危険	super link exchange script	-	Super Link Exchange Script の directory.php における SQL インジェクションの脆弱性	-	CVE-2006-7034	2012-12-20 18:18	2007-02-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 18, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
212491	9.8	CRITICAL Network	advantech	webaccess	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data,…	CWE-787 Out-of-bounds Write	CVE-2020-12002	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

212492	7.5	HIGH Network	zohocorp	manageengine_opmanager	Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.	CWE-22 Path Traversal	CVE-2020-12116	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

212493	7.8	HIGH Local	solarwinds	managed_service_provider_patch_management_engine	An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds …	CWE-276 Incorrect Default Permissions	CVE-2020-12608	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

212494	5.3	MEDIUM Network	gitlab	gitlab	GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.	CWE-22 Path Traversal	CVE-2020-12448	2024-11-21 13:59	2020-05-8	Show	GitHub Exploit DB Packet Storm

212495	6.5	MEDIUM Network	gnu debian fedoraproject opensuse canonical	mailman debian_linux fedora leap backports_sle ubuntu_linux	/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.	CWE-74 Injection	CVE-2020-12108	2024-11-21 13:59	2020-05-7	Show	GitHub Exploit DB Packet Storm

212496	7.8	HIGH Local	avira	software_updater	An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary fil…	NVD-CWE-noinfo	CVE-2020-12463	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

212497	5.3	MEDIUM Network	grin	grin	Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.	CWE-404 Improper Resource Shutdown or Release	CVE-2020-12439	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

212498	4.9	MEDIUM Network	silver-peak	unity_edgeconnect_for_google_cloud_platform unity_edgeconnect_for_azure unity_edgeconnect_for_amazon_web_services unity_orchestrator vx-500_firmware vx-1000_firmware vx-2000_firmwar…	The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untruste…	CWE-295 Improper Certificate Validation	CVE-2020-12144	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

212499	4.9	MEDIUM Network	silver-peak	unity_edgeconnect_for_google_cloud_platform unity_edgeconnect_for_azure unity_edgeconnect_for_amazon_web_services unity_orchestrator vx-500_firmware vx-1000_firmware vx-2000_firmwar…	The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.	CWE-295 Improper Certificate Validation	CVE-2020-12143	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm

212500	4.9	MEDIUM Network	silver-peak	unity_edgeconnect_for_google_cloud_platform unity_edgeconnect_for_azure unity_edgeconnect_for_amazon_web_services unity_orchestrator vx-500_firmware vx-1000_firmware vx-2000_firmwar…	1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could …	CWE-668 Exposure of Resource to Wrong Sphere	CVE-2020-12142	2024-11-21 13:59	2020-05-6	Show	GitHub Exploit DB Packet Storm