NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 7, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345251	10.0	HIGH	oracle	database_server	Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01.	NVD-CWE-noinfo	CVE-2006-0256	2012-10-23 10:56	2006-01-18	Show	GitHub Exploit DB Packet Storm

345252	10.0	HIGH	oracle	database_server	Unspecified vulnerability in the PL/SQL component in Oracle Database Server 9i up to 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# DB01.	NVD-CWE-Other	CVE-2005-3437	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345253	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Log…	NVD-CWE-Other	CVE-2005-3438	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345254	10.0	HIGH	-	-	Multiple unspecified vulnerabilities in Oracle Database Server 10g up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB02, (2) DB03, and (3) DB05 in Change Data Capture; (…	NVD-CWE-Other	CVE-2005-3439	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345255	10.0	HIGH	oracle	database_server	Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB08.	NVD-CWE-Other	CVE-2005-3440	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345256	10.0	HIGH	-	-	Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknown impact and attack vectors, aka Oracle Vuln# DB14.	NVD-CWE-Other	CVE-2005-3441	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345257	10.0	HIGH	-	-	Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB09 in Export, (2) DB11 in Materialized Views, and (3)…	NVD-CWE-Other	CVE-2005-3442	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345258	10.0	HIGH	oracle	database_server	Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17.	NVD-CWE-Other	CVE-2005-3443	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345259	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.	NVD-CWE-Other	CVE-2005-3444	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345260	10.0	HIGH	oracle	application_server database_server	Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln…	NVD-CWE-Other	CVE-2005-3445	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345261	10.0	HIGH	oracle	application_server database_server	Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Application Server 9.0.2.3 up to 10.1.2.0 has unknown impact and attack vectors, aka Oracle Vuln# DB32 a…	NVD-CWE-Other	CVE-2005-3446	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345262	10.0	HIGH	-	-	Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 an…	NVD-CWE-Other	CVE-2005-3447	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345263	10.0	HIGH	oracle	application_server	Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01.	NVD-CWE-Other	CVE-2005-3448	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345264	10.0	HIGH	oracle	application_server	Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in…	NVD-CWE-Other	CVE-2005-3449	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345265	10.0	HIGH	oracle	application_server	Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unknown impact and attack vectors, as identified by Oracle Vuln# AS04.	NVD-CWE-Other	CVE-2005-3450	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345266	10.0	HIGH	oracle	application_server	Unspecified vulnerability in SQL*ReportWriter in Oracle Application Server 9.0 up to 9.0.2.1 has unknown impact and attack vectors, as identified by Oracle Vuln# AS10.	NVD-CWE-Other	CVE-2005-3451	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345267	10.0	HIGH	oracle	application_server	Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS13.	NVD-CWE-Other	CVE-2005-3452	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345268	10.0	HIGH	oracle	application_server	Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 has unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS12 and (2) AS14.	NVD-CWE-Other	CVE-2005-3453	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345269	10.0	HIGH	oracle	collaboration_suite	Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS0…	NVD-CWE-Other	CVE-2005-3454	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345270	10.0	HIGH	oracle	e-business_suite	Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Ins…	NVD-CWE-Other	CVE-2005-3455	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345271	10.0	HIGH	-	-	Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS04 in Application Obje…	NVD-CWE-Other	CVE-2005-3456	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345272	10.0	HIGH	oracle	e-business_suite	Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS.	NVD-CWE-Other	CVE-2005-3457	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345273	10.0	HIGH	-	-	Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge.	NVD-CWE-Other	CVE-2005-3458	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345274	10.0	HIGH	oracle	clinical e-business_suite	Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical.	NVD-CWE-Other	CVE-2005-3459	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345275	10.0	HIGH	oracle	10g_enterprise_manager_database_control enterprise_manager_application_server_control	Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.	NVD-CWE-Other	CVE-2005-3460	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345276	10.0	HIGH	oracle	peoplesoft_enterprise	Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE02.	NVD-CWE-Other	CVE-2005-3462	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345277	10.0	HIGH	oracle	peoplesoft_enterprise	Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE04.	NVD-CWE-Other	CVE-2005-3464	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345278	10.0	HIGH	jdedwards oracle	oneworld_xe enterpriseone	Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JD…	NVD-CWE-Other	CVE-2005-3465	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345279	10.0	HIGH	oracle	peoplesoft_enterprise_customer_relationship_management	Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to 8.9 has unknown impact and attack vectors, as identified by Oracle Vuln# CRM01.	NVD-CWE-Other	CVE-2005-3466	2012-10-23 10:51	2005-11-2	Show	GitHub Exploit DB Packet Storm

345280	4.3	MEDIUM	accomplishtechnology	phpmydirectory	Cross-site scripting (XSS) vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenan…	CWE-79 Cross-site Scripting	CVE-2006-4755	2012-10-22 13:00	2006-09-14	Show	GitHub Exploit DB Packet Storm

345281	7.5	HIGH	accomplishtechnology	phpmydirectory	SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to execute arbitrary SQL commands via the letter parameter. NOTE: the provenance of this informa…	CWE-89 SQL Injection	CVE-2006-4756	2012-10-22 13:00	2006-09-14	Show	GitHub Exploit DB Packet Storm

345282	7.5	HIGH	plogger	plogger	SQL injection vulnerability in Plogger Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php and (2) page parameter.	CWE-89 SQL Injection	CVE-2005-4246	2012-10-22 13:00	2005-12-14	Show	GitHub Exploit DB Packet Storm

345283	4.3	MEDIUM	plogger	plogger	Cross-site scripting (XSS) vulnerability in index.php in Plogger Beta 2 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter.	CWE-79 Cross-site Scripting	CVE-2005-4247	2012-10-22 13:00	2005-12-14	Show	GitHub Exploit DB Packet Storm

345284	4.3	MEDIUM	k5n	webcalendar	Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to inject arbitrary web script or HTML via the (1) tab parameter to u…	CWE-79 Cross-site Scripting	CVE-2010-0636	2012-10-13 11:58	2010-02-13	Show	GitHub Exploit DB Packet Storm

345285	6.8	MEDIUM	k5n	webcalendar	Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalendar 1.2.0, and other versions before 1.2.5, allow remote attackers to hijack the authentication of administrators for requests th…	CWE-352 Origin Validation Error	CVE-2010-0637	2012-10-13 11:58	2010-02-13	Show	GitHub Exploit DB Packet Storm

345286	7.5	HIGH	html2ps_project	html2ps	Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input."	NVD-CWE-noinfo	CVE-2002-1275	2012-10-11 13:00	2002-11-12	Show	GitHub Exploit DB Packet Storm

345287	4.3	MEDIUM	colony	colony_cms colony_e-commerce_cms colony_enterprise_cms colony_government_cms	Cross-site scripting (XSS) vulnerability in Colony CMS 2.75 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.	CWE-79 Cross-site Scripting	CVE-2005-4386	2012-08-6 13:00	2005-12-20	Show	GitHub Exploit DB Packet Storm

345288	4.3	MEDIUM	secureideas	basic_analysis_and_security_engine	Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[1] parame…	CWE-79 Cross-site Scripting	CVE-2009-4837	2012-07-3 13:00	2010-05-6	Show	GitHub Exploit DB Packet Storm

345289	7.5	HIGH	secureideas	basic_analysis_and_security_engine	SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NO…	CWE-89 SQL Injection	CVE-2009-4838	2012-07-3 13:00	2010-05-6	Show	GitHub Exploit DB Packet Storm

345290	4.3	MEDIUM	secureideas	basic_analysis_and_security_engine	Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspeci…	CWE-79 Cross-site Scripting	CVE-2009-4839	2012-07-3 13:00	2010-05-6	Show	GitHub Exploit DB Packet Storm

345291	7.5	HIGH	acid secureideas	analysis_console_for_intrusion_databases basic_analysis_and_security_engine	Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2,…	CWE-89 SQL Injection	CVE-2005-3325	2012-07-3 13:00	2005-10-27	Show	GitHub Exploit DB Packet Storm

345292	6.4	MEDIUM	php	php	PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2001-1247	2012-06-25 13:00	2001-12-6	Show	GitHub Exploit DB Packet Storm

345293	6.8	MEDIUM	perforce	perforce_server	Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. (dot dot) in the argument to the "p4 add" command.	CWE-22 Path Traversal	CVE-2010-0933	2012-06-15 13:00	2010-03-6	Show	GitHub Exploit DB Packet Storm

345294	7.5	HIGH	3com	3cp4144	3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired…	NVD-CWE-Other	CVE-2002-0888	2012-05-12 10:16	2002-10-4	Show	GitHub Exploit DB Packet Storm

345295	4.3	MEDIUM	apple	iphone_os	Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element.	CWE-20 Improper Input Validation	CVE-2010-1181	2012-03-30 13:00	2010-03-30	Show	GitHub Exploit DB Packet Storm

345296	4.6	MEDIUM	emc	networker	EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly …	NVD-CWE-Other	CVE-2002-0113	2012-03-30 10:14	2002-03-25	Show	GitHub Exploit DB Packet Storm

345297	4.6	MEDIUM	emc	networker	EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: th…	NVD-CWE-Other	CVE-2002-0114	2012-03-30 10:14	2002-03-25	Show	GitHub Exploit DB Packet Storm

345298	4.7	MEDIUM	linux	linux_kernel	The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a de…	CWE-399 Resource Management Errors	CVE-2007-6733	2012-03-19 13:00	2010-03-17	Show	GitHub Exploit DB Packet Storm

345299	7.5	HIGH	cacti	cacti	SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via a crafted rra_id parameter in a GET request in conjunction with a va…	CWE-89 SQL Injection	CVE-2010-2092	2012-02-16 13:04	2010-05-28	Show	GitHub Exploit DB Packet Storm

345300	7.5	HIGH	cacti	cacti	SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter.	CWE-89 SQL Injection	CVE-2010-1431	2012-02-16 13:02	2010-05-5	Show	GitHub Exploit DB Packet Storm