NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 4, 2026, 4:06 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
346301	7.5	HIGH	washington_university	wu-ftpd	Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CVE-2001-0550.	NVD-CWE-Other	CVE-2001-0935	2008-09-11 04:09	2001-11-28	Show	GitHub Exploit DB Packet Storm

346302	7.5	HIGH	paul_m._jones	phorecast	Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.	NVD-CWE-Other	CVE-2001-1049	2008-09-11 04:09	2001-10-2	Show	GitHub Exploit DB Packet Storm

346303	7.5	HIGH	phpadsnew	phpadsnew	PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.	NVD-CWE-Other	CVE-2001-1054	2008-09-11 04:09	2001-10-2	Show	GitHub Exploit DB Packet Storm

346304	7.2	HIGH	caldera	openserver	Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.	NVD-CWE-Other	CVE-2001-1062	2008-09-11 04:09	2001-08-31	Show	GitHub Exploit DB Packet Storm

346305	5.0	MEDIUM	xerox	docuprint_n40	Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm.	NVD-CWE-Other	CVE-2001-1134	2008-09-11 04:09	2001-08-9	Show	GitHub Exploit DB Packet Storm

346306	6.2	MEDIUM	freebsd netbsd openbsd	freebsd netbsd openbsd	fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current…	NVD-CWE-Other	CVE-2001-1145	2008-09-11 04:09	2001-08-17	Show	GitHub Exploit DB Packet Storm

346307	7.2	HIGH	caldera	openunix	lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.	NVD-CWE-Other	CVE-2001-1153	2008-09-11 04:09	2001-08-28	Show	GitHub Exploit DB Packet Storm

346308	5.0	MEDIUM	phpmyexplorer	phpmyexplorer_classic phpmyexplorer_multiuser	Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter.	NVD-CWE-Other	CVE-2001-1168	2008-09-11 04:09	2001-08-29	Show	GitHub Exploit DB Packet Storm

346309	7.2	HIGH	masqmail	masqmail	Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases.	NVD-CWE-Other	CVE-2001-1173	2008-09-11 04:09	2001-07-26	Show	GitHub Exploit DB Packet Storm

346310	7.5	HIGH	mutasem_abudahab	csvform csvform_plus	csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.	NVD-CWE-Other	CVE-2001-1187	2008-09-11 04:09	2001-12-11	Show	GitHub Exploit DB Packet Storm

346311	7.5	HIGH	novell	groupwise	Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.	NVD-CWE-Other	CVE-2001-1195	2008-09-11 04:09	2001-12-15	Show	GitHub Exploit DB Packet Storm

346312	6.4	MEDIUM	cisco	ubr920 ubr924 ubr925	Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read…	NVD-CWE-Other	CVE-2001-1210	2008-09-11 04:09	2001-12-30	Show	GitHub Exploit DB Packet Storm

346313	5.0	MEDIUM	aktivate	aktivate	Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter.	NVD-CWE-Other	CVE-2001-1212	2008-09-11 04:09	2001-12-18	Show	GitHub Exploit DB Packet Storm

346314	6.4	MEDIUM	datawizard	ftpxq	The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder.	NVD-CWE-Other	CVE-2001-1213	2008-09-11 04:09	2001-12-18	Show	GitHub Exploit DB Packet Storm

346315	7.5	HIGH	marcus_s._xenakis	unix_manual	manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters.	NVD-CWE-Other	CVE-2001-1214	2008-09-11 04:09	2001-12-15	Show	GitHub Exploit DB Packet Storm

346316	7.5	HIGH	michael_baumer	pfinger	Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file.	NVD-CWE-Other	CVE-2001-1215	2008-09-11 04:09	2001-12-20	Show	GitHub Exploit DB Packet Storm

346317	2.1	LOW	microsoft	ie	Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizin…	NVD-CWE-Other	CVE-2001-1218	2008-09-11 04:09	2001-12-20	Show	GitHub Exploit DB Packet Storm

346318	7.5	HIGH	gnu	gzip	Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.	NVD-CWE-Other	CVE-2001-1228	2008-09-11 04:09	2001-11-18	Show	GitHub Exploit DB Packet Storm

346319	7.5	HIGH	derek_leung	pslash	pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.	NVD-CWE-Other	CVE-2001-1235	2008-09-11 04:09	2001-10-2	Show	GitHub Exploit DB Packet Storm

346320	7.5	HIGH	sebastian_bunka	myphppagetool	myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.	NVD-CWE-Other	CVE-2001-1236	2008-09-11 04:09	2001-10-2	Show	GitHub Exploit DB Packet Storm

346321	5.0	MEDIUM	ibm	aix_snmp	AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.	NVD-CWE-Other	CVE-2001-0487	2008-09-11 04:08	2001-06-27	Show	GitHub Exploit DB Packet Storm

346322	5.0	MEDIUM	oracle	oracle8i	Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offse…	NVD-CWE-Other	CVE-2001-0498	2008-09-11 04:08	2001-07-21	Show	GitHub Exploit DB Packet Storm

346323	5.0	MEDIUM	oracle	database_server oracle8i	Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value.	NVD-CWE-Other	CVE-2001-0515	2008-09-11 04:08	2001-07-21	Show	GitHub Exploit DB Packet Storm

346324	5.0	MEDIUM	oracle	oracle8i oracle9i	Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does no…	NVD-CWE-Other	CVE-2001-0516	2008-09-11 04:08	2001-07-21	Show	GitHub Exploit DB Packet Storm

346325	10.0	HIGH	lucent merit	radius	Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands.	NVD-CWE-Other	CVE-2001-0534	2008-09-11 04:08	2001-07-21	Show	GitHub Exploit DB Packet Storm

346326	7.2	HIGH	nedit	nedit	The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or p…	NVD-CWE-Other	CVE-2001-0556	2008-09-11 04:08	2001-08-22	Show	GitHub Exploit DB Packet Storm

346327	5.0	MEDIUM	hughes_technologies	dsl_vdns	Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection.	NVD-CWE-Other	CVE-2001-0580	2008-09-11 04:08	2001-08-22	Show	GitHub Exploit DB Packet Storm

346328	4.6	MEDIUM	sco	openserver	sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.	NVD-CWE-Other	CVE-2001-0588	2008-09-11 04:08	2001-08-22	Show	GitHub Exploit DB Packet Storm

346329	7.5	HIGH	lucent	orinoco	The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join t…	NVD-CWE-Other	CVE-2001-0619	2008-09-11 04:08	2001-08-2	Show	GitHub Exploit DB Packet Storm

346330	2.1	LOW	horde	imp	Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.	NVD-CWE-Other	CVE-2001-0744	2008-09-11 04:08	2001-10-18	Show	GitHub Exploit DB Packet Storm

346331	10.0	HIGH	isc	bind	Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.	NVD-CWE-Other	CVE-2001-0010	2008-09-11 04:07	2001-02-12	Show	GitHub Exploit DB Packet Storm

346332	10.0	HIGH	isc	bind	Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.	NVD-CWE-Other	CVE-2001-0011	2008-09-11 04:07	2001-02-12	Show	GitHub Exploit DB Packet Storm

346333	5.0	MEDIUM	isc	bind	BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.	NVD-CWE-Other	CVE-2001-0012	2008-09-11 04:07	2001-02-12	Show	GitHub Exploit DB Packet Storm

346334	10.0	HIGH	isc	bind	Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.	NVD-CWE-Other	CVE-2001-0013	2008-09-11 04:07	2001-02-12	Show	GitHub Exploit DB Packet Storm

346335	10.0	HIGH	guido_frassetto	sedum	SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.	NVD-CWE-Other	CVE-2001-0282	2008-09-11 04:07	2001-05-3	Show	GitHub Exploit DB Packet Storm

346336	10.0	HIGH	openbsd	openbsd	Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authenticati…	NVD-CWE-Other	CVE-2001-0284	2008-09-11 04:07	2001-05-3	Show	GitHub Exploit DB Packet Storm

346337	7.5	HIGH	mozilla	bugzilla	Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who para…	NVD-CWE-Other	CVE-2001-0329	2008-09-11 04:07	2001-06-27	Show	GitHub Exploit DB Packet Storm

346338	5.0	MEDIUM	imatix	xitami	Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory.	NVD-CWE-Other	CVE-2001-0391	2008-09-11 04:07	2001-07-2	Show	GitHub Exploit DB Packet Storm

346339	7.5	HIGH	qpc_software	qvt_net qvt_term_plus	Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.	NVD-CWE-Other	CVE-2001-0443	2008-09-11 04:07	2001-07-2	Show	GitHub Exploit DB Packet Storm

346340	5.0	MEDIUM	xavier_ducrohet	felix	Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.	NVD-CWE-Other	CVE-2000-1150	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346341	5.0	MEDIUM	abisoft	baxter	Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.	NVD-CWE-Other	CVE-2000-1151	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346342	5.0	MEDIUM	kenny_carruthers	postmaster	PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.	NVD-CWE-Other	CVE-2000-1153	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346343	5.0	MEDIUM	joe_kloss	robinhood	RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request.	NVD-CWE-Other	CVE-2000-1154	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346344	5.0	MEDIUM	joe_kloss	robinhood	RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request.	NVD-CWE-Other	CVE-2000-1155	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346345	7.2	HIGH	nec	socks_5	Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request.	NVD-CWE-Other	CVE-2000-1183	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346346	5.0	MEDIUM	i-soft	quikstore	Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter.	NVD-CWE-Other	CVE-2000-1188	2008-09-11 04:06	2001-01-9	Show	GitHub Exploit DB Packet Storm

346347	7.5	HIGH	btt_software	snmp_trap_watcher	Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.	NVD-CWE-Other	CVE-2000-1192	2008-09-11 04:06	2001-08-31	Show	GitHub Exploit DB Packet Storm

346348	7.5	HIGH	oracle	application_server	SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.	NVD-CWE-Other	CVE-2000-1236	2008-09-11 04:06	2000-12-31	Show	GitHub Exploit DB Packet Storm

346349	5.0	MEDIUM	openssl freebsd	openssl freebsd	OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak …	NVD-CWE-Other	CVE-2000-0535	2008-09-11 04:05	2000-06-12	Show	GitHub Exploit DB Packet Storm

346350	5.0	MEDIUM	microsoft	windows_2000 windows_nt	Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.	NVD-CWE-Other	CVE-2000-0544	2008-09-11 04:05	2000-06-5	Show	GitHub Exploit DB Packet Storm