Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229091 7.5 危険 uapplication - Uapplication UPhotoGallery における SQL インジェクションの脆弱性 - CVE-2006-6247 2012-12-20 18:02 2006-12-4 Show GitHub Exploit DB Packet Storm
229092 6.8 警告 s9y - Serendipity におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2006-6242 2012-12-20 18:02 2006-12-3 Show GitHub Exploit DB Packet Storm
229093 4 警告 telnet ftp server - Sorin Chitu Telnet-FTP Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2006-6241 2012-12-20 18:02 2006-12-3 Show GitHub Exploit DB Packet Storm
229094 4 警告 telnet ftp server - Sorin Chitu Telnet-FTP Server におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6240 2012-12-20 18:02 2006-12-3 Show GitHub Exploit DB Packet Storm
229095 7.5 危険 woltlab - Woltlab Burning Board Lite の thread.php における SQL インジェクションの脆弱性 - CVE-2006-6237 2012-12-20 18:02 2006-12-3 Show GitHub Exploit DB Packet Storm
229096 7.5 危険 postnuke software foundation - PostNuke の Downloads モジュールにおける SQL インジェクションの脆弱性 - CVE-2006-6233 2012-12-20 18:02 2006-12-2 Show GitHub Exploit DB Packet Storm
229097 5 警告 vubb - vuBB における重要な情報を取得される脆弱性 - CVE-2006-6231 2012-12-20 18:02 2006-12-1 Show GitHub Exploit DB Packet Storm
229098 7.5 危険 vubb - vuBB における SQL インジェクションの脆弱性 - CVE-2006-6230 2012-12-20 18:02 2006-12-1 Show GitHub Exploit DB Packet Storm
229099 7.5 危険 puntal - Puntal のインストールスクリプトにおける PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6224 2012-12-20 18:02 2006-12-1 Show GitHub Exploit DB Packet Storm
229100 10 危険 シマンテック - Symantec Veritas NetBackup の NetBackup bpcd デーモンにおけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6222 2012-12-20 18:02 2006-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 30, 2026, 4:58 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
801 8.8 HIGH
Network 		- - A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results … Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7056 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
802 8.8 HIGH
Network 		- - A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes… Update CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7057 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
803 7.0 HIGH
Local 		- - Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting system-level acce… New CWE-362
Race Condition 		CVE-2026-3006 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
804 8.8 HIGH
Network 		- - A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument pa… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7078 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
805 8.8 HIGH
Network 		- - A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes bu… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7079 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
806 8.8 HIGH
Network 		- - A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the ar… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7080 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
807 - - - An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration fi… New CWE-282
 Improper Ownership Management 		CVE-2026-3867 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
808 8.8 HIGH
Network 		- - A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7081 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
809 8.8 HIGH
Network 		- - A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the arg… New CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7082 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm
810 6.6 MEDIUM
Local 		- - Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application. New CWE-134
Use of Externally-Controlled Format String 		CVE-2026-3008 2026-04-28 03:57 2026-04-27 Show GitHub Exploit DB Packet Storm