Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252321	9.3	危険	IBM	-	IBM Tivoli Provisioning Manager Express におけるスタックベースのバッファオーバーフローの脆弱性	CWE-DesignError	CVE-2012-0198	2012-03-7 14:53	2012-03-6	Show	GitHub Exploit DB Packet Storm

252322	4	警告	シックス・アパート株式会社	-	Movable Type のデフォルト設定におけるディレクトリトラバーサル攻撃の脆弱性	CWE-22 パス・トラバーサル	CVE-2012-1497	2012-03-6 15:22	2012-03-3	Show	GitHub Exploit DB Packet Storm

252323	4.3	警告	シックス・アパート株式会社	-	Movable Type の cgi-bin/mt/mt-wizard.cgi におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1262	2012-03-6 15:20	2012-03-3	Show	GitHub Exploit DB Packet Storm

252324	4.3	警告	IBM	-	複数の IBM 製品の Gantt applet viewer におけるクロスサイトスクリプティングの脆弱性	-	CVE-2012-0715	2012-03-6 14:44	2012-03-2	Show	GitHub Exploit DB Packet Storm

252325	7.8	危険	IBM	-	IBM AIX および VIOS におけるサービス運用妨害 (システムクラッシュ) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1385	2012-03-6 14:42	2012-02-24	Show	GitHub Exploit DB Packet Storm

252326	7.5	危険	Novell	-	Novell GroupWise のクライアントにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2011-4189	2012-03-6 14:42	2012-02-23	Show	GitHub Exploit DB Packet Storm

252327	9.3	危険	IBM	-	IBM Personal Communications の pcsws.exe におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-0201	2012-03-5 15:26	2011-02-20	Show	GitHub Exploit DB Packet Storm

252328	7.5	危険	アップル	-	Apple Safari で使用される WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-3443	2012-03-5 15:26	2012-03-2	Show	GitHub Exploit DB Packet Storm

252329	4.3	警告	ES APP Group	-	ES ファイルエクスプローラーにおけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-0322	2012-03-5 12:02	2012-03-5	Show	GitHub Exploit DB Packet Storm

252330	4.3	警告	Ulysses	-	WordPress 用 Black-LetterHead テーマにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-3865	2012-03-5 11:09	2011-09-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
202661	6.4	MEDIUM Network	phpoffice	phpspreadsheet	This affects the package phpoffice/phpspreadsheet from 0.0.0. The library is vulnerable to XSS when creating an html output from an excel file by adding a comment on any cell. The root cause of this …	CWE-79 Cross-site Scripting	CVE-2020-7776	2024-11-21 14:37	2020-12-10	Show	GitHub Exploit DB Packet Storm

202662	8.2	HIGH Network	react-adal_project	react-adal	This affects all versions of package react-adal. It is possible for a specially crafted JWT token and request URL can cause the nonce, session and refresh values to be incorrectly validated, causing …	CWE-287 Improper Authentication	CVE-2020-7787	2024-11-21 14:37	2020-12-10	Show	GitHub Exploit DB Packet Storm

202663	6.7	MEDIUM Local	mcafee	virusscan_enterprise	Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through …	-	CVE-2020-7337	2024-11-21 14:37	2020-12-9	Show	GitHub Exploit DB Packet Storm

202664	9.8	CRITICAL Network	schneider-electric	acti9_smartlink_si_d_firmware acti9_smartlink_si_b_firmware acti9_powertag_link_firmware acti9_powertag_link_hd_firmware acti9_smartlink_el_b_firmware wiser_link_firmware wiser_ener…	A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorize…	-	CVE-2020-7548	2024-11-21 14:37	2020-12-2	Show	GitHub Exploit DB Packet Storm

202665	8.8	HIGH Network	schneider-electric	ecostruxure_energy_expert ecostruxure_power_monitoring_expert power_manager powerscada_operation_with_advanced_reporting_and_dashboards powerscada_expert_with_advanced_reporting_and_dashb…	A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a u…	NVD-CWE-Other	CVE-2020-7547	2024-11-21 14:37	2020-12-2	Show	GitHub Exploit DB Packet Storm

202666	5.4	MEDIUM Network	schneider-electric	ecostruxure_energy_expert ecostruxure_power_monitoring_expert power_manager powerscada_operation_with_advanced_reporting_and_dashboards powerscada_expert_with_advanced_reporting_and_dashb…	A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for versio…	-	CVE-2020-7546	2024-11-21 14:37	2020-12-2	Show	GitHub Exploit DB Packet Storm

202667	7.2	HIGH Network	schneider-electric	ecostruxure_energy_expert ecostruxure_power_monitoring_expert power_manager powerscada_operation_with_advanced_reporting_and_dashboards powerscada_expert_with_advanced_reporting_and_dashb…	A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for …	NVD-CWE-Other	CVE-2020-7545	2024-11-21 14:37	2020-12-2	Show	GitHub Exploit DB Packet Storm

202668	9.8	CRITICAL Network	schneider-electric	modicon_m340_bmxp3420302_firmware modicon_m340_bmxp342000_firmware modicon_m340_bmxp341000_firmware modicon_m340_bmxp3420102_firmware bmxnoe0100_firmware bmxnoe0110_firmware bmxnoc0…	A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for v…	NVD-CWE-noinfo	CVE-2020-7533	2024-11-21 14:37	2020-12-2	Show	GitHub Exploit DB Packet Storm

202669	7.8	HIGH Local	mcafee	total_protection	Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by cr…	-	CVE-2020-7335	2024-11-21 14:37	2020-12-1	Show	GitHub Exploit DB Packet Storm

202670	8.8	HIGH Network	softwaremill	akka-http-session	This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-ses…	CWE-352 Origin Validation Error	CVE-2020-7780	2024-11-21 14:37	2020-11-28	Show	GitHub Exploit DB Packet Storm