Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 7, 2026, 4:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229501 10 危険 VMware - EMC VMware Workstation などの SC dhcpd および DHCP サーバにおける整数オーバーフローの脆弱性 CWE-119
CWE-189
CVE-2007-0062 2012-12-20 18:19 2007-09-21 Show GitHub Exploit DB Packet Storm
229502 10 危険 VMware - EMC VMware Workstation などの DHCP サーバにおける任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2007-0061 2012-12-20 18:19 2007-09-21 Show GitHub Exploit DB Packet Storm
229503 7.5 危険 vizayn haber - Vizayn Haber の haberdetay.asp における SQL インジェクションの脆弱性 - CVE-2007-0052 2012-12-20 18:19 2007-01-4 Show GitHub Exploit DB Packet Storm
229504 6.8 警告 VideoLAN - VideoLAN VLC の CDDA プラグイなどにおけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2007-0017 2012-12-20 18:19 2007-01-2 Show GitHub Exploit DB Packet Storm
229505 4.4 警告 サン・マイクロシステムズ - ChainKey Java Code Protection における Java クラスファイルをデコンパイルされる脆弱性 CWE-310
暗号の問題 		CVE-2007-0014 2012-12-20 18:19 2007-01-16 Show GitHub Exploit DB Packet Storm
229506 7.8 危険 Canonical - Ubuntu 上で稼動する Linux Kernel の skge ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2006-7229 2012-12-20 18:19 2007-11-14 Show GitHub Exploit DB Packet Storm
229507 7.8 危険 SAP - SAP SAPLPD におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-7220 2012-12-20 18:19 2007-07-9 Show GitHub Exploit DB Packet Storm
229508 4.3 警告 ZoneO-soft - phpTrafficA におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7209 2012-12-20 18:19 2007-06-26 Show GitHub Exploit DB Packet Storm
229509 6.8 警告 republique francaise - Agora の modules/Mysqlfinder/MysqlfinderAdmin.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-7194 2012-12-20 18:19 2007-04-18 Show GitHub Exploit DB Packet Storm
229510 4.3 警告 web-app.net - web-app.net WebAPP の cgi-bin/user-lib/topics.pl におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-7190 2012-12-20 18:19 2007-04-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 7, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1551 6.5 MEDIUM
Network 		vmware spring_ai In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by `ForkPDFLayoutTextStripper`. Affected versions: Spring AI: 1.0.0 - 1.… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-40980 2026-04-30 03:15 2026-04-28 Show GitHub Exploit DB Packet Storm
1552 7.1 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in check_wsl_eas() The bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA n… CWE-125
Out-of-bounds Read 		CVE-2026-31614 2026-04-30 03:03 2026-04-25 Show GitHub Exploit DB Packet Storm
1553 8.8 HIGH
Network 		tenda f456_firmware A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Re… CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error') 
Classic Buffer Overflow 		CVE-2026-7101 2026-04-30 02:42 2026-04-27 Show GitHub Exploit DB Packet Storm
1554 8.8 HIGH
Network 		tenda f456_firmware A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in comm… CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-7102 2026-04-30 02:41 2026-04-27 Show GitHub Exploit DB Packet Storm
1555 5.5 MEDIUM
Local 		foxit pdf_editor
pdf_reader 		Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate. CWE-248
 Uncaught Exception 		CVE-2026-5937 2026-04-30 02:31 2026-04-27 Show GitHub Exploit DB Packet Storm
1556 5.5 MEDIUM
Local 		foxit pdf_editor
pdf_reader 		Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service. CWE-691
 Insufficient Control Flow Management 		CVE-2026-5938 2026-04-30 02:29 2026-04-27 Show GitHub Exploit DB Packet Storm
1557 5.5 MEDIUM
Local 		foxit pdf_editor
pdf_reader 		A crafted XFA PDF can trigger a use-after-free condition during calculate event processing, causing the application to crash and resulting in an arbitrary code execution. CWE-416
 Use After Free 		CVE-2026-5939 2026-04-30 02:28 2026-04-27 Show GitHub Exploit DB Packet Storm
1558 5.5 MEDIUM
Local 		foxit pdf_editor
pdf_reader 		Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes. CWE-416
 Use After Free 		CVE-2026-5940 2026-04-30 02:26 2026-04-27 Show GitHub Exploit DB Packet Storm
1559 7.1 HIGH
Local 		foxit pdf_editor
pdf_reader 		Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during inte… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-5941 2026-04-30 02:24 2026-04-27 Show GitHub Exploit DB Packet Storm
1560 5.5 MEDIUM
Local 		foxit pdf_editor
pdf_reader 		Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program. CWE-416
 Use After Free 		CVE-2026-5942 2026-04-30 02:18 2026-04-27 Show GitHub Exploit DB Packet Storm