NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2024年9月29日20:11

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
244801	4.3	MEDIUM	easyguppy	easyguppy	Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cle…	NVD-CWE-Other	CVE-2005-3156	2016-10-18 12:33	2005-10-6	表示	GitHub Exploit DB Packet Storm

244802	7.5	HIGH	php_fusion	php_fusion	SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 a…	NVD-CWE-Other	CVE-2005-3157	2016-10-18 12:33	2005-10-6	表示	GitHub Exploit DB Packet Storm

244803	7.5	HIGH	php_fusion	php_fusion	SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, …	NVD-CWE-Other	CVE-2005-3158	2016-10-18 12:33	2005-10-6	表示	GitHub Exploit DB Packet Storm

244804	7.5	HIGH	gfi	mailsecurity	Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: t…	NVD-CWE-Other	CVE-2005-3182	2016-10-18 12:33	2005-10-20	表示	GitHub Exploit DB Packet Storm

244805	4.6	MEDIUM	planet_technology_corp	fgsw2402rs	Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.	NVD-CWE-Other	CVE-2005-3196	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244806	5.1	MEDIUM	kaspersky_lab	kaspersky_anti-virus	Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malforme…	NVD-CWE-Other	CVE-2005-3210	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244807	5.1	MEDIUM	softwin	bitdefender_antivirus	Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malfor…	NVD-CWE-Other	CVE-2005-3211	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244808	5.1	MEDIUM	eset_software	nod32_antivirus	Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3212	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244809	5.1	MEDIUM	frisk_software	f-prot_antivirus	Multiple interpretation error in unspecified versions of F-Prot Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3213	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244810	5.1	MEDIUM	alwil	avast_antivirus	Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3214	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244811	5.1	MEDIUM	-	-	Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3215	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244812	5.1	MEDIUM	sophos	sophos_anti-virus	Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3216	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244813	5.1	MEDIUM	symantec	antivirus_scan_engine	Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed…	NVD-CWE-Other	CVE-2005-3217	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244814	5.1	MEDIUM	dr.web	dr.web_antivirus	Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3218	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244815	5.1	MEDIUM	avira	antivir_personal	Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3219	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244816	5.1	MEDIUM	norman	virus_control_antivirus	Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file wi…	NVD-CWE-Other	CVE-2005-3220	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244817	5.1	MEDIUM	fortinet	fortinet_antivirus	Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed…	NVD-CWE-Other	CVE-2005-3221	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244818	5.1	MEDIUM	vba32	vba32_antivirus	Multiple interpretation error in unspecified versions of VBA32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…	NVD-CWE-Other	CVE-2005-3222	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244819	5.1	MEDIUM	rising	rising_antivirus	Multiple interpretation error in unspecified versions of Rising Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3223	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244820	5.1	MEDIUM	avira	antivir_personal	Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed …	NVD-CWE-Other	CVE-2005-3224	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244821	5.1	MEDIUM	arcavir	arcavir_antivirus	Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed …	NVD-CWE-Other	CVE-2005-3226	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244822	5.1	MEDIUM	-	-	Multiple interpretation error in unspecified versions of UNA Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed cent…	NVD-CWE-Other	CVE-2005-3227	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244823	5.1	MEDIUM	ikarus	ikarus_antivirus	Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3228	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244824	5.1	MEDIUM	-	-	Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed c…	NVD-CWE-Other	CVE-2005-3229	2016-10-18 12:33	2005-10-14	表示	GitHub Exploit DB Packet Storm

244825	2.1	LOW	ncompress	ncompress	ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.	NVD-CWE-Other	CVE-2005-2991	2016-10-18 12:32	2005-09-21	表示	GitHub Exploit DB Packet Storm

244826	2.1	LOW	arc	arc	arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945.	NVD-CWE-Other	CVE-2005-2992	2016-10-18 12:32	2005-10-14	表示	GitHub Exploit DB Packet Storm

244827	7.5	HIGH	helpdesk_software	hesk	Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.	NVD-CWE-Other	CVE-2005-3005	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244828	7.5	HIGH	jelsoft	vbulletin	Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid param…	NVD-CWE-Other	CVE-2005-3022	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244829	4.3	MEDIUM	jelsoft	vbulletin	Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) adm…	NVD-CWE-Other	CVE-2005-3023	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244830	7.5	HIGH	jelsoft	vbulletin	Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, the (2) thread[f…	NVD-CWE-Other	CVE-2005-3024	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244831	4.3	MEDIUM	jelsoft	vbulletin	Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) ad…	NVD-CWE-Other	CVE-2005-3025	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244832	7.5	HIGH	ahnlab	v3_virusblock_2005 v3net v3pro_2004	Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary cod…	NVD-CWE-Other	CVE-2005-3029	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244833	5.0	MEDIUM	ahnlab	v3_virusblock_2005 v3net v3pro_2004	Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allow…	NVD-CWE-Other	CVE-2005-3030	2016-10-18 12:32	2005-09-22	表示	GitHub Exploit DB Packet Storm

244834	7.5	HIGH	my_little_homepage	my_little_forum	SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.	NVD-CWE-Other	CVE-2005-3045	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244835	6.8	MEDIUM	phpmyfaq	phpmyfaq	SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field.	CWE-89 SQLインジェクション	CVE-2005-3046	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244836	4.3	MEDIUM	phpmyfaq	phpmyfaq	Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LA…	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2005-3047	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244837	6.4	MEDIUM	phpmyfaq	phpmyfaq	Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which als…	NVD-CWE-Other	CVE-2005-3048	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244838	5.0	MEDIUM	phpmyfaq	phpmyfaq	PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that does not exist, which reveals the path in an error message.	NVD-CWE-Other	CVE-2005-3050	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244839	7.5	HIGH	-	-	SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php.	NVD-CWE-Other	CVE-2005-3052	2016-10-18 12:32	2005-09-24	表示	GitHub Exploit DB Packet Storm

244840	7.5	HIGH	powerarchiver	powerarchiver_2002 powerarchiver_2003 powerarchiver_2004 powerarchiver_2006	Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive.	NVD-CWE-Other	CVE-2005-3061	2016-10-18 12:32	2005-09-28	表示	GitHub Exploit DB Packet Storm

244841	7.5	HIGH	alstrasoft	e-friends	PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attackers to execute arbitrary PHP code via the mode parameter.	NVD-CWE-Other	CVE-2005-3062	2016-10-18 12:32	2005-09-28	表示	GitHub Exploit DB Packet Storm

244842	7.5	HIGH	unu_networks	mailgust	SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.	NVD-CWE-Other	CVE-2005-3063	2016-10-18 12:32	2005-09-28	表示	GitHub Exploit DB Packet Storm

244843	4.3	MEDIUM	cmsmadesimple	cms_made_simple	Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote attackers to inject arbitrary web script or HTML via the page parameter.	NVD-CWE-Other	CVE-2005-3083	2016-10-18 12:32	2005-09-28	表示	GitHub Exploit DB Packet Storm

244844	4.3	MEDIUM	mantis	mantis	Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, whic…	NVD-CWE-Other	CVE-2005-3090	2016-10-18 12:32	2005-09-29	表示	GitHub Exploit DB Packet Storm

244845	7.5	HIGH	image-line_software	fl_studio	Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute arbitrary code via a .flp file that contains a long path to a (1) .mid or (2) .wav file.	NVD-CWE-Other	CVE-2005-3092	2016-10-18 12:32	2005-09-29	表示	GitHub Exploit DB Packet Storm

244846	7.5	HIGH	nateon	nateon_messenger	The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method.	NVD-CWE-Other	CVE-2005-3113	2016-10-18 12:32	2005-09-30	表示	GitHub Exploit DB Packet Storm

244847	7.5	HIGH	nateon	nateon_messenger	Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long thi…	NVD-CWE-Other	CVE-2005-3114	2016-10-18 12:32	2005-09-30	表示	GitHub Exploit DB Packet Storm

244848	7.5	HIGH	lucidcms	lucidcms	SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers to execute arbitrary SQL commands via the login field.	NVD-CWE-Other	CVE-2005-3130	2016-10-18 12:32	2005-10-5	表示	GitHub Exploit DB Packet Storm

244849	4.3	MEDIUM	icewarp merak	web_mail mail_server	Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HT…	NVD-CWE-Other	CVE-2005-3131	2016-10-18 12:32	2005-10-5	表示	GitHub Exploit DB Packet Storm

244850	5.0	MEDIUM	icewarp merak	web_mail mail_server	MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the…	NVD-CWE-Other	CVE-2005-3132	2016-10-18 12:32	2005-10-5	表示	GitHub Exploit DB Packet Storm