Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 1, 2026, 12:10 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
220571	9.3	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3894	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220572	7.8	危険	マイクロソフト	-	Microsoft .NET Framework におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-3860	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220573	9.3	危険	マイクロソフト	-	複数の Microsoft 製品のカーネルモードドライバにおける任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2013-3128	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220574	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの dxgkrnl.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2013-3888	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220575	7.2	危険	マイクロソフト	-	Microsoft Windows 7 および Microsoft Server 2008 R2 のカーネルモードドライバの win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2013-3881	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220576	6.8	警告	マイクロソフト	-	Microsoft SharePoint Server におけるクリックジャッキング攻撃を実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3895	2013-10-22 18:06	2013-10-8	Show	GitHub Exploit DB Packet Storm

220577	3.5	注意	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの App Container 機能におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3880	2013-10-22 18:05	2013-10-8	Show	GitHub Exploit DB Packet Storm

220578	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの win32k.sys における権限昇格の脆弱性	CWE-399 リソース管理の問題	CVE-2013-3879	2013-10-22 18:05	2013-10-8	Show	GitHub Exploit DB Packet Storm

220579	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの USB ドライバにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2013-3200	2013-10-22 18:05	2013-10-8	Show	GitHub Exploit DB Packet Storm

220580	9.3	危険	アップル	-	Apple iTunes などの製品で使用される WebKit における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-1005	2013-10-22 18:04	2013-05-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 1, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	8.8	HIGH Network	tenda	f456_firmware	A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes bu… Update	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7079	2026-04-30 23:37	2026-04-27	Show	GitHub Exploit DB Packet Storm

252	8.8	HIGH Network	tenda	f456_firmware	A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the ar… Update	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7080	2026-04-30 23:35	2026-04-27	Show	GitHub Exploit DB Packet Storm

253	8.8	HIGH Network	tenda	f456_firmware	A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips… Update	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7081	2026-04-30 23:30	2026-04-27	Show	GitHub Exploit DB Packet Storm

254	8.8	HIGH Network	tenda	f456_firmware	A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the arg… Update	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7082	2026-04-30 23:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

255	8.8	HIGH Network	tenda	f456_firmware	A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of th… Update	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7097	2026-04-30 23:27	2026-04-27	Show	GitHub Exploit DB Packet Storm

256	7.5	HIGH Adjacent	vmware	spring_boot	An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the att… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-40972	2026-04-30 23:26	2026-04-28	Show	GitHub Exploit DB Packet Storm

257	7.0	HIGH Local	vmware	spring_boot	A local attacker on the same host as the application may be able to take control of the directory used by `ApplicationTemp`. When `server.servlet.session.persistent` is set to `true` and the attack p… New	CWE-377 Insecure Temporary File	CVE-2026-40973	2026-04-30 23:25	2026-04-28	Show	GitHub Exploit DB Packet Storm

258	3.7	LOW Network	openclaw	openclaw	OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can ex… New	CWE-362 Race Condition	CVE-2026-41913	2026-04-30 23:15	2026-04-29	Show	GitHub Exploit DB Packet Storm

259	4.8	MEDIUM Network	dlink	dgs-3420-28tc_firmware	A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name… Update	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-7026	2026-04-30 23:11	2026-04-26	Show	GitHub Exploit DB Packet Storm

260	4.8	MEDIUM Network	dlink	dsl-2740r_firmware	A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to … Update	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-7027	2026-04-30 23:10	2026-04-26	Show	GitHub Exploit DB Packet Storm