Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
231571 5 警告 phpmygallery - PHPmyGallery の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5598 2012-12-20 18:52 2008-12-16 Show GitHub Exploit DB Packet Storm
231572 4.3 警告 phpPgAdmin - phpPgAdmin の libraries/lib.inc.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-5587 2012-12-20 18:52 2008-12-16 Show GitHub Exploit DB Packet Storm
231573 4.3 警告 ProjectPier - ProjectPier におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5584 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231574 6.8 警告 ProjectPier - ProjectPier の index.php におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-5583 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231575 7.5 危険 scssboard - sCssBoard の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5578 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231576 7.5 危険 scssboard - sCssBoard の index.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-5577 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231577 7.5 危険 scssboard - sCssBoard の admin/forums.php における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-5576 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231578 7.5 危険 proclanmanager - Pro Clan Manager におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2008-5575 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231579 7.5 危険 unscripts - Webmaster Marketplace の member.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-5574 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
231580 4.3 警告 phpeppershop - PHPepperShop におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-5569 2012-12-20 18:52 2008-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
210081 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability. CWE-79
Cross-site Scripting 		CVE-2020-2162 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
210082 5.4 MEDIUM
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored X… CWE-79
Cross-site Scripting 		CVE-2020-2161 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
210083 8.8 HIGH
Network 		jenkins jenkins Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL. CWE-352
 Origin Validation Error 		CVE-2020-2160 2024-11-21 14:24 2020-03-26 Show GitHub Exploit DB Packet Storm
210084 8.8 HIGH
Network 		jenkins cryptomove Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. CWE-78
OS Command  		CVE-2020-2159 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210085 8.8 HIGH
Network 		jenkins literate Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-2158 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210086 4.3 MEDIUM
Network 		jenkins skytap_cloud_ci Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2157 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210087 4.3 MEDIUM
Network 		jenkins deployhub Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2156 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210088 5.3 MEDIUM
Network 		jenkins openshift_deployer Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2155 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210089 5.5 MEDIUM
Local 		jenkins zephyr_for_jira_test_management Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2020-2154 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm
210090 4.3 MEDIUM
Network 		jenkins backlog Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2020-2153 2024-11-21 14:24 2020-03-10 Show GitHub Exploit DB Packet Storm