Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 4, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
251971	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3645	2011-02-2 15:05	2010-11-4	Show	GitHub Exploit DB Packet Storm

251972	10	危険	アドバンテック株式会社	-	Advantech Studio Test Web Server にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0488	2011-02-2 15:00	2011-01-13	Show	GitHub Exploit DB Packet Storm

251973	10	危険	WellinTech	-	WellinTech KingView 6.53 にヒープオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2011-0406	2011-02-2 14:59	2011-01-13	Show	GitHub Exploit DB Packet Storm

251974	6.8	警告	PNG Development Group	-	libpng 1.5.0 の png_set_rgb_to_gray() 関数に脆弱性	CWE-189 数値処理の問題	CVE-2011-0408	2011-02-2 14:59	2011-01-12	Show	GitHub Exploit DB Packet Storm

251975	5	警告	PolyVision	-	PolyVision RoomWizard に脆弱性	CWE-200 情報漏えい	CVE-2010-0214	2011-02-2 14:59	2011-01-11	Show	GitHub Exploit DB Packet Storm

251976	5.1	警告	Opera Software ASA	-	Opera における実行ファイル読み込みに関する脆弱性	CWE-Other その他	CVE-2011-0450	2011-02-2 14:02	2011-02-2	Show	GitHub Exploit DB Packet Storm

251977	4.3	警告	株式会社ロックオン	-	EC-CUBE におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2011-0451	2011-02-2 14:01	2011-02-2	Show	GitHub Exploit DB Packet Storm

251978	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3644	2011-02-1 16:29	2010-11-4	Show	GitHub Exploit DB Packet Storm

251979	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3643	2011-02-1 16:28	2010-11-4	Show	GitHub Exploit DB Packet Storm

251980	9.3	危険	アップルアドビシステムズレッドハットオラクル	-	Adobe Flash Player における任意のコードを実行される脆弱性	CWE-noinfo 情報不足	CVE-2010-3642	2011-02-1 16:27	2010-11-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1001	4.7	MEDIUM Network	-	-	A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of the component GET Parame…	CWE-74 CWE-89 Injection SQL Injection	CVE-2026-7394	2026-04-30 03:16	2026-04-30	Show	GitHub Exploit DB Packet Storm

1002	8.6	HIGH Network	-	-	A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could ca…	CWE-130 Improper Handling of Length Parameter Inconsistency	CVE-2026-5367	2026-04-30 03:16	2026-04-24	Show	GitHub Exploit DB Packet Storm

1003	6.5	MEDIUM Network	vmware	spring_ai	In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by `ForkPDFLayoutTextStripper`. Affected versions: Spring AI: 1.0.0 - 1.…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-40980	2026-04-30 03:15	2026-04-28	Show	GitHub Exploit DB Packet Storm

1004	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in check_wsl_eas() The bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA n…	CWE-125 Out-of-bounds Read	CVE-2026-31614	2026-04-30 03:03	2026-04-25	Show	GitHub Exploit DB Packet Storm

1005	8.8	HIGH Network	tenda	f456_firmware	A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Re…	CWE-119 CWE-120 Incorrect Access of Indexable Resource ('Range Error') Classic Buffer Overflow	CVE-2026-7101	2026-04-30 02:42	2026-04-27	Show	GitHub Exploit DB Packet Storm

1006	8.8	HIGH Network	tenda	f456_firmware	A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in comm…	CWE-74 CWE-77 Injection Command Injection	CVE-2026-7102	2026-04-30 02:41	2026-04-27	Show	GitHub Exploit DB Packet Storm

1007	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate.	CWE-248 Uncaught Exception	CVE-2026-5937	2026-04-30 02:31	2026-04-27	Show	GitHub Exploit DB Packet Storm

1008	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.	CWE-691 Insufficient Control Flow Management	CVE-2026-5938	2026-04-30 02:29	2026-04-27	Show	GitHub Exploit DB Packet Storm

1009	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution.	CWE-416 Use After Free	CVE-2026-5939	2026-04-30 02:28	2026-04-27	Show	GitHub Exploit DB Packet Storm

1010	5.5	MEDIUM Local	foxit	pdf_editor pdf_reader	Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.	CWE-416 Use After Free	CVE-2026-5940	2026-04-30 02:26	2026-04-27	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed