Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 4:11 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249781 5.1 警告 dmitry sheiko - Dmitry Sheiko SAPID Gallery における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4065 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249782 7.5 危険 csaba godor - Csaba Godor SAPID Blog Beta における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4063 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249783 5.1 警告 dmitry sheiko - Dmitry Sheiko SAPID Shop の usr/extensions/get_tree.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4062 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249784 7.5 危険 ehmig - ME Download System における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4054 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249785 5.1 警告 ehmig - ME Download System の templates/header.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4053 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249786 7.5 危険 david walker - phpAMA の auto_check_renewals.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4050 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249787 7.5 危険 brad fears - Brad Fears phpCodeCabine の Beautifier/Core.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-4044 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249788 7.5 危険 chaossoft - GaesteChaos の eintragen.php における SQL インジェクションの脆弱性 - CVE-2006-4039 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249789 4.3 警告 chaossoft - GaesteChaos の eintragen.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-4038 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
249790 10 危険 fenestrae - Fenestrae Faxination Server における任意のコードを実行される脆弱性 - CVE-2006-4037 2012-06-26 15:37 2006-08-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
209271 9.8 CRITICAL
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC. NVD-CWE-noinfo
CVE-2020-28035 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209272 6.1 MEDIUM
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		WordPress before 5.5.2 allows XSS associated with global variables. CWE-79
Cross-site Scripting 		CVE-2020-28034 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209273 7.5 HIGH
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. NVD-CWE-noinfo
CVE-2020-28033 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209274 9.8 CRITICAL
Network 		wordpress
fedoraproject
debian 		wordpress
fedora
debian_linux 		WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php. CWE-502
 Deserialization of Untrusted Data 		CVE-2020-28032 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209275 4.3 MEDIUM
Network 		eramba eramba eramba through c2.8.1 allows HTTP Host header injection with (for example) resultant wkhtml2pdf PDF printing by authenticated users. CWE-20
CWE-74
 Improper Input Validation 
Injection 		CVE-2020-28031 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209276 7.5 HIGH
Network 		wireshark
debian
fedoraproject 		wireshark
debian_linux
fedora 		In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement. CWE-682
CWE-770
CWE-835
 Incorrect Calculation
 Allocation of Resources Without Limits or Throttling
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2020-28030 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209277 5.3 MEDIUM
Network 		sonarsource sonarqube In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allo… CWE-287
Improper Authentication 		CVE-2020-28002 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209278 7.8 HIGH
Local 		wondershare dr.fone Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2020-27992 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209279 6.1 MEDIUM
Network 		icewarp mail_server IceWarp 11.4.5.0 allows XSS via the language parameter. CWE-79
Cross-site Scripting 		CVE-2020-27982 2024-11-21 14:22 2020-11-3 Show GitHub Exploit DB Packet Storm
209280 9.8 CRITICAL
Network 		fast-report fastreport An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress. CWE-862
 Missing Authorization 		CVE-2020-27998 2024-11-21 14:22 2020-10-30 Show GitHub Exploit DB Packet Storm