Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
228701	6.8	警告	pyforum	-	PyForum などにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4407	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

228702	4.3	警告	rumbacms	-	Rumba XML の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4403	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

228703	7.5	危険	sql-ledger	-	SQL-Ledger の初期設定における管理操作を実行される脆弱性	CWE-16 環境設定	CVE-2009-4402	2012-12-20 19:28	2009-12-23	Show	GitHub Exploit DB Packet Storm

228704	7.5	危険	fr.simon rundell TYPO3 Association	-	TYPO3 用の Portsmouth Resources Database エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4396	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228705	7.5	危険	TYPO3 Association	-	TYPO3 用の XDS Staff List エクステンションにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2009-4392	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228706	5	警告	robert puntigam	-	TYPO3 用の watchdog エクステンションにおける重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2009-4389	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228707	6.8	警告	Scriptsez.net	-	Scriptsez.net EPH におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-4385	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228708	4.3	警告	Scriptsez.net	-	Scriptsez.net EPH におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4384	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228709	4.3	警告	phpfaber	-	PHPFABER CMS の module.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4382	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

228710	4.3	警告	texmedia	-	texmedia Million Pixel Script の index.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-4381	2012-12-20 19:28	2009-12-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202941	5.2	MEDIUM Local	mcafee	data_loss_prevention	Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log …	CWE-522 Insufficiently Protected Credentials	CVE-2020-7306	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202942	6.5	MEDIUM Network	mcafee	data_loss_prevention	Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user …	CWE-269 Improper Privilege Management	CVE-2020-7305	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202943	7.6	HIGH Adjacent	mcafee	data_loss_prevention	Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.	CWE-352 Origin Validation Error	CVE-2020-7304	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202944	4.1	MEDIUM Adjacent	mcafee	data_loss_prevention	Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new l…	CWE-79 Cross-site Scripting	CVE-2020-7303	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202945	6.4	MEDIUM Network	mcafee	data_loss_prevention	Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management …	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2020-7302	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202946	4.6	MEDIUM Network	mcafee	data_loss_prevention	Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case manageme…	CWE-79 Cross-site Scripting	CVE-2020-7301	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202947	6.3	MEDIUM Network	mcafee	data_loss_prevention	Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only…	CWE-863 Incorrect Authorization	CVE-2020-7300	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202948	7.8	HIGH Local	documalis	free_pdf_scanner free_pdf_editor	Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit thi…	CWE-120 Classic Buffer Overflow	CVE-2020-7374	2024-11-21 14:37	2020-08-13	Show	GitHub Exploit DB Packet Storm

202949	8.8	HIGH Network	handysoft	hslogin2.dll	hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of…	CWE-354 Improper Validation of Integrity Check Value	CVE-2020-7810	2024-11-21 14:37	2020-08-8	Show	GitHub Exploit DB Packet Storm

202950	7.8	HIGH Local	raonwiz	k_upload	MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf). At this time, there is a vulnerability in downloading arbitrary files due to insufficient integrity ver…	CWE-494 Download of Code Without Integrity Check	CVE-2020-7817	2024-11-21 14:37	2020-08-7	Show	GitHub Exploit DB Packet Storm