Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
200601	5.5	MEDIUM Local	jenkins	elastest	Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins …	CWE-312 Cleartext Storage of Sensitive Information	CVE-2020-2274	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200602	4.3	MEDIUM Network	jenkins	elastest	A cross-site request forgery (CSRF) vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.	CWE-352 Origin Validation Error	CVE-2020-2273	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200603	4.3	MEDIUM Network	jenkins	elastest	A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.	CWE-862 Missing Authorization	CVE-2020-2272	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200604	5.4	MEDIUM Network	jenkins	locked_files_report	Jenkins Locked Files Report Plugin 1.6 and earlier does not escape locked files' names in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Co…	CWE-79 Cross-site Scripting	CVE-2020-2271	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200605	5.4	MEDIUM Network	jenkins	clearcase_release	Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with …	CWE-79 Cross-site Scripting	CVE-2020-2270	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200606	5.4	MEDIUM Network	jenkins	chosen-views-tabbar	Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers …	CWE-79 Cross-site Scripting	CVE-2020-2269	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200607	8.8	HIGH Network	jenkins	mongodb	A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.	CWE-352 Origin Validation Error	CVE-2020-2268	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200608	4.3	MEDIUM Network	jenkins	mongodb	A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller.	CWE-862 Missing Authorization	CVE-2020-2267	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200609	5.4	MEDIUM Network	jenkins	description_column	Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers wi…	CWE-79 Cross-site Scripting	CVE-2020-2266	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm

200610	5.4	MEDIUM Network	jenkins	coverage\/complexity_scatter_plot	Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by att…	CWE-79 Cross-site Scripting	CVE-2020-2265	2024-11-21 14:25	2020-09-16	Show	GitHub Exploit DB Packet Storm