NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
313801 5.0 MEDIUM
pingtel xpressa Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) CSeq, and (3) "To" and "From" SIP URL values in a Session Identification Protocol (SIP) request, which allows remote attackers to… NVD-CWE-Other
CVE-2002-1935 2024-02-14 10:17 2002-12-31 Show GitHub Exploit DB Packet Storm
313802 5.0 MEDIUM
francisco_burzi php-nuke sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.p… NVD-CWE-Other
CVE-2002-2032 2024-02-14 10:17 2002-12-31 Show GitHub Exploit DB Packet Storm
313803 5.0 MEDIUM
microsoft windows_xp Microsoft Windows XP allows remote attackers to cause a denial of service (CPU consumption) by flooding UDP port 500 (ISAKMP). NVD-CWE-Other
CVE-2002-2117 2024-02-14 10:17 2002-12-31 Show GitHub Exploit DB Packet Storm
313804 7.5 HIGH
comscripts web_server_creator Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to cust… NVD-CWE-Other
CVE-2002-2217 2024-02-14 10:17 2002-12-31 Show GitHub Exploit DB Packet Storm
313805 5.0 MEDIUM
ethereal_group ethereal Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote attackers to cause a denial of service (infinite loop) via malformed messages. NVD-CWE-Other
CVE-2002-1355 2024-02-14 10:17 2002-12-23 Show GitHub Exploit DB Packet Storm
313806 7.5 HIGH
ethereal_group ethereal Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed packets to the (1) LMP, (2) PPP, or (3) TDS dissectors, possi… NVD-CWE-Other
CVE-2002-1356 2024-02-14 10:17 2002-12-23 Show GitHub Exploit DB Packet Storm
313807 4.6 MEDIUM
trend_micro officescan
pc-cillin 		Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 (POP3). NVD-CWE-Other
CVE-2002-1349 2024-02-14 10:17 2002-12-18 Show GitHub Exploit DB Packet Storm
313808 5.0 MEDIUM
care_2002 care_2002 Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter… NVD-CWE-Other
CVE-2002-0998 2024-02-14 10:17 2002-10-4 Show GitHub Exploit DB Packet Storm
313809 7.5 HIGH
care_2002 care_2002 Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. CWE-89
SQL Injection 		CVE-2002-0999 2024-02-14 10:17 2002-10-4 Show GitHub Exploit DB Packet Storm
313810 7.5 HIGH
ethereal_group ethereal Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. NVD-CWE-Other
CVE-2002-0834 2024-02-14 10:17 2002-09-24 Show GitHub Exploit DB Packet Storm
313811 10.0 HIGH
linux_directory_penguin linux_directory_penguin_traceroute Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter. NVD-CWE-Other
CVE-2002-0488 2024-02-14 10:17 2002-08-12 Show GitHub Exploit DB Packet Storm
313812 10.0 HIGH
symatec popper_mod The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured… NVD-CWE-Other
CVE-2002-0513 2024-02-14 10:17 2002-08-12 Show GitHub Exploit DB Packet Storm
313813 7.5 HIGH
levcgi.com myguestbook Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as (1) user name or (2) comments. NVD-CWE-Other
CVE-2002-0732 2024-02-14 10:17 2002-08-12 Show GitHub Exploit DB Packet Storm
313814 7.5 HIGH
ethereal_group ethereal Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector. NVD-CWE-Other
CVE-2002-0821 2024-02-14 10:17 2002-08-12 Show GitHub Exploit DB Packet Storm
313815 7.5 HIGH
ethereal_group ethereal Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused t… NVD-CWE-Other
CVE-2002-0822 2024-02-14 10:17 2002-08-12 Show GitHub Exploit DB Packet Storm
313816 5.0 MEDIUM
ethereal_group ethereal The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possi… NVD-CWE-Other
CVE-2002-0353 2024-02-14 10:17 2002-06-25 Show GitHub Exploit DB Packet Storm
313817 7.5 HIGH
ethereal_group ethereal Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. NVD-CWE-Other
CVE-2002-0402 2024-02-14 10:17 2002-06-18 Show GitHub Exploit DB Packet Storm
313818 5.0 MEDIUM
ethereal_group ethereal DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. NVD-CWE-Other
CVE-2002-0403 2024-02-14 10:17 2002-06-18 Show GitHub Exploit DB Packet Storm
313819 5.0 MEDIUM
ethereal_group ethereal Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). NVD-CWE-Other
CVE-2002-0404 2024-02-14 10:17 2002-06-18 Show GitHub Exploit DB Packet Storm
313820 5.0 MEDIUM
tarantella tarantella_enterprise ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter. NVD-CWE-Other
CVE-2002-0203 2024-02-14 10:17 2002-05-16 Show GitHub Exploit DB Packet Storm
313821 6.2 MEDIUM
tarantella tarantella_enterprise Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to exec… NVD-CWE-Other
CVE-2002-0211 2024-02-14 10:17 2002-05-16 Show GitHub Exploit DB Packet Storm
313822 7.5 HIGH
steve_kneizys agora.cgi Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter. NVD-CWE-Other
CVE-2001-1199 2024-02-14 10:17 2001-12-17 Show GitHub Exploit DB Packet Storm
313823 5.0 MEDIUM
khamil_landross_and_zack_jones eftp Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command. NVD-CWE-Other
CVE-2001-1193 2024-02-14 10:17 2001-12-13 Show GitHub Exploit DB Packet Storm
313824 5.0 MEDIUM
tarantella tarantella_enterprise Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter. NVD-CWE-Other
CVE-2001-0805 2024-02-14 10:17 2001-12-6 Show GitHub Exploit DB Packet Storm
313825 7.5 HIGH
valicert enterprise_validation_authority Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, whic… NVD-CWE-Other
CVE-2001-0947 2024-02-14 10:17 2001-12-4 Show GitHub Exploit DB Packet Storm
313826 7.5 HIGH
valicert enterprise_validation_authority Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by includin… NVD-CWE-Other
CVE-2001-0948 2024-02-14 10:17 2001-12-4 Show GitHub Exploit DB Packet Storm
313827 7.5 HIGH
valicert enterprise_validation_authority Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long argument… NVD-CWE-Other
CVE-2001-0949 2024-02-14 10:17 2001-12-4 Show GitHub Exploit DB Packet Storm
313828 7.5 HIGH
khamil_landross_and_zack_jones eftp Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. NVD-CWE-Other
CVE-2001-1109 2024-02-14 10:17 2001-09-12 Show GitHub Exploit DB Packet Storm
313829 4.6 MEDIUM
omnisecure httprotect OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file. NVD-CWE-Other
CVE-2001-1172 2024-02-14 10:17 2001-07-19 Show GitHub Exploit DB Packet Storm
313830 10.0 HIGH
phpslice phpslice The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privil… NVD-CWE-Other
CVE-2001-1367 2024-02-14 10:17 2001-07-19 Show GitHub Exploit DB Packet Storm
313831 7.5 HIGH
phppgadmin phppgadmin Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. NVD-CWE-Other
CVE-2001-0479 2024-02-14 10:17 2001-06-27 Show GitHub Exploit DB Packet Storm
313832 7.5 HIGH
pccs-linux mysqldatabase_admin_tool PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative p… NVD-CWE-Other
CVE-2000-0707 2024-02-14 10:17 2000-10-20 Show GitHub Exploit DB Packet Storm
313833 5.0 MEDIUM
inter7 vpopmail_vchkpw vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or P… NVD-CWE-Other
CVE-2000-0583 2024-02-14 10:17 2000-06-30 Show GitHub Exploit DB Packet Storm
313834 5.0 MEDIUM
matt_wright formmail Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. NVD-CWE-Other
CVE-2000-0411 2024-02-14 10:17 2000-05-10 Show GitHub Exploit DB Packet Storm
313835 6.4 MEDIUM
gossamer_threads dbman The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. NVD-CWE-Other
CVE-2000-0381 2024-02-14 10:17 2000-05-5 Show GitHub Exploit DB Packet Storm
313836 2.1 LOW
bray_systems linux_trustees The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. NVD-CWE-Other
CVE-2000-0274 2024-02-14 10:17 2000-04-10 Show GitHub Exploit DB Packet Storm
313837 5.0 MEDIUM
vqsoft vqserver vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. NVD-CWE-Other
CVE-2000-0240 2024-02-14 10:17 2000-03-21 Show GitHub Exploit DB Packet Storm
313838 10.0 HIGH
infopop ultimate_bulletin_board Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. NVD-CWE-Other
CVE-2000-0141 2024-02-14 10:17 2000-02-11 Show GitHub Exploit DB Packet Storm
313839 5.0 MEDIUM
infopop ultimate_bulletin_board Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file. NVD-CWE-Other
CVE-1999-0854 2024-02-14 10:17 1999-11-1 Show GitHub Exploit DB Packet Storm
313840 7.2 HIGH
ethereal_group ethereal Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. NVD-CWE-Other
CVE-1999-1227 2024-02-14 10:17 1999-07-30 Show GitHub Exploit DB Packet Storm
313841 5.0 MEDIUM
puppets_place nukenabber NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe pr… NVD-CWE-Other
CVE-1999-1284 2024-02-14 10:17 1998-11-5 Show GitHub Exploit DB Packet Storm
313842 4.6 MEDIUM
hp mpe_ix
hp-ux 		Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Re… CWE-200
Information Exposure 		CVE-1999-1136 2024-02-14 10:17 1998-07-30 Show GitHub Exploit DB Packet Storm
313843 7.2 HIGH
hp hp-ux Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. NVD-CWE-Other
CVE-1999-1139 2024-02-14 10:17 1997-09-1 Show GitHub Exploit DB Packet Storm
313844 2.6 LOW
netscape
microsoft 		communicator
internet_explorer 		JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. NVD-CWE-Other
CVE-1999-0031 2024-02-14 10:17 1997-07-8 Show GitHub Exploit DB Packet Storm
313845 7.2 HIGH
hp hp-ux Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. NVD-CWE-Other
CVE-1999-1144 2024-02-14 10:17 1997-01-30 Show GitHub Exploit DB Packet Storm
313846 4.6 MEDIUM
hp hp-ux movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. NVD-CWE-Other
CVE-1999-1249 2024-02-14 10:17 1997-01-6 Show GitHub Exploit DB Packet Storm
313847 7.2 HIGH
hp hp-ux Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. NVD-CWE-Other
CVE-1999-1161 2024-02-14 10:17 1996-11-3 Show GitHub Exploit DB Packet Storm
313848 5.0 MEDIUM
sophos astaro_security_linux The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized atta… CWE-203
 Information Exposure Through Discrepancy 		CVE-2004-2252 2024-02-14 05:44 2004-12-31 Show GitHub Exploit DB Packet Storm
313849 5.0 MEDIUM
nettica intellipeer_email_server Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and invalid account names, which allows remote attackers to determine valid account names. CWE-203
 Information Exposure Through Discrepancy 		CVE-2004-2150 2024-02-14 05:10 2004-12-31 Show GitHub Exploit DB Packet Storm
313850 7.5 HIGH
kde konqueror The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attack… CWE-88
Argument Injection 		CVE-2004-0411 2024-02-14 03:01 2004-07-7 Show GitHub Exploit DB Packet Storm