Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":April 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
253061 9.3 危険 KDE project
Glyph & Cog, LLC
GNOME Project
サイバートラスト株式会社
レッドハット		 - Xpdf、gpdf および kpdf の FoFiType1::parse 関数における任意のコードを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-4035 2010-01-29 09:54 2009-12-16 Show GitHub Exploit DB Packet Storm
253062 7.8 危険 Mozilla Foundation - Mozilla Firefox/SeaMonkey の GeckoActiveXObject 関数における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2009-3987 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253063 7.6 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における任意の JavaScript を実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2009-3986 2010-01-29 09:54 2009-12-15 Show GitHub Exploit DB Packet Storm
253064 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey におけるコンテンツを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3985 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253065 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における http URL または file URL の SSL インジケータを偽装される脆弱性 CWE-Other
その他 		CVE-2009-3984 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253066 6.8 警告 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - Mozilla Firefox/SeaMonkey における認証されたリクエストを任意のアプリケーションに送信される脆弱性 CWE-Other
その他 		CVE-2009-3983 2010-01-29 09:53 2009-12-15 Show GitHub Exploit DB Packet Storm
253067 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 CWE-189
数値処理の問題 		CVE-2009-3389 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253068 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2009-3388 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253069 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3982 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
253070 9.3 危険 サイバートラスト株式会社
Mozilla Foundation
レッドハット		 - 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2009-3981 2010-01-28 12:16 2009-12-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:April 29, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
591 4.7 MEDIUM
Network 		- - A vulnerability was determined in code-projects Online Lot Reservation System 1.0. This impacts an unknown function of the file /activity.php. This manipulation of the argument directory causes unres… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-7133 2026-04-28 03:36 2026-04-28 Show GitHub Exploit DB Packet Storm
592 9.8 CRITICAL
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without para… New CWE-89
SQL Injection 		CVE-2026-41462 2026-04-28 03:36 2026-04-28 Show GitHub Exploit DB Packet Storm
593 8.8 HIGH
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions to write files outs… New CWE-22
Path Traversal 		CVE-2026-41463 2026-04-28 03:36 2026-04-28 Show GitHub Exploit DB Packet Storm
594 6.5 MEDIUM
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contain a missing authorization vulnerability in the objectDetail.php endpoint that allows authenticated users with guest-level privileges to retrieve sensitive … New CWE-862
 Missing Authorization 		CVE-2026-41464 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
595 6.5 MEDIUM
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contains a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not validated against directory traversal sequ… New CWE-22
Path Traversal 		CVE-2026-41465 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
596 5.4 MEDIUM
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText() function within Security.php that fails to properly sanitize user input by only d… New CWE-79
Cross-site Scripting 		CVE-2026-41466 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
597 5.4 MEDIUM
Network 		- - ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the file upload functionality where the checkValidFileName() function fails to restrict HTML and HTM file … New CWE-79
Cross-site Scripting 		CVE-2026-41467 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
598 - - - authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID (GID) differs from their UID, either bec… New CWE-842
 Placement of User into Incorrect Group 		CVE-2026-6970 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
599 4.7 MEDIUM
Network 		- - A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an unknown function of the file /edithousepic.php. Such manipulation of the argument image leads to unre… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-7134 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm
600 9.8 CRITICAL
Network 		- - A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a man… New CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-7136 2026-04-28 03:35 2026-04-28 Show GitHub Exploit DB Packet Storm