Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 28, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253061 9.3 危険 KDE project
Glyph & Cog, LLC
GNOME Project
サイバートラスト株式会社
レッドハット		 - Xpdf、gpdf および kpdf の FoFiType1::parse 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4035 2010-01-29 09:54 2009-12-16 Show GitHub Exploit DB Packet Storm
253062 7.8 危険 Mozilla Foundation - Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-3987 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253063 7.6 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3986 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253064 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3985 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253065 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253066 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他 		CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253067 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3389 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253068 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3388 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253069 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3982 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253070 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3981 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 28, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 8.8 HIGH
Network 		- - A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argum… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7098 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
102 8.8 HIGH
Network 		- - A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argumen… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7099 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
103 9.8 CRITICAL
Network 		- - Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing the classname allowlist and allowin… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41635 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
104 8.8 HIGH
Network 		- - A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overf… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7100 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
105 8.8 HIGH
Network 		- - A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Re… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7101 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
106 6.3 MEDIUM
Network 		- - A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in comm… New CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7102 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
107 9.4 CRITICAL
Network 		- - The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOu… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-33454 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
108 9.8 CRITICAL
Network 		- - The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41409 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
109 8.2 HIGH
Network 		- - When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-main) and a non-root context path such as /api or /admin is configured via c… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-40022 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
110 8.8 HIGH
Network 		- - The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInput… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-40858 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm