NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2024年11月17日16:13

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
245951 9.8 CRITICAL
ネットワーク 		moxa nport_5100_series_firmware
nport_5200_series_firmware
nport_5400_series_firmware
nport_5600_series_firmware
nport_5100a_series_firmware
nport_p5150a_series_firmware
nport_5200a_seri… 		An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPor… CWE-264
認可・権限・アクセス制御 		CVE-2016-9366 2017-02-18 03:06 2017-02-14 表示 GitHub Exploit DB Packet Storm
245952 6.1 MEDIUM
ネットワーク 		adcon_telemetry a850_telemetry_gateway_base_station_firmware An issue was discovered in Adcon Telemetry A850 Telemetry Gateway Base Station. The Web Interface does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the out… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-2274 2017-02-18 02:50 2017-02-14 表示 GitHub Exploit DB Packet Storm
245953 9.8 CRITICAL
ネットワーク 		schneider-electric powerlogic_pm8ecc_firmware An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device. CWE-798
ハードコードされた認証情報の使用 		CVE-2016-5818 2017-02-18 02:37 2017-02-14 表示 GitHub Exploit DB Packet Storm
245954 8.8 HIGH
ネットワーク 		lynxspring jenesys_bas_bridge An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the r… CWE-352
同一生成元ポリシー違反 		CVE-2016-8369 2017-02-18 02:02 2017-02-14 表示 GitHub Exploit DB Packet Storm
245955 5.3 MEDIUM
ローカル 		ibm cognos_disclosure_management IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. IBM Reference #: 1991584. CWE-284
不適切なアクセス制御 		CVE-2016-6077 2017-02-18 02:00 2017-02-16 表示 GitHub Exploit DB Packet Storm
245956 9.8 CRITICAL
ネットワーク 		lynxspring jenesys_bas_bridge An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials. CWE-255
証明書・パスワード管理 		CVE-2016-8378 2017-02-18 01:57 2017-02-14 表示 GitHub Exploit DB Packet Storm
245957 7.5 HIGH
ネットワーク 		freebsd freebsd The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation fa… CWE-287
不適切な認証 		CVE-2016-1888 2017-02-18 01:56 2017-02-16 表示 GitHub Exploit DB Packet Storm
245958 8.6 HIGH
ネットワーク 		lynxspring jenesys_bas_bridge An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authenticat… CWE-798
ハードコードされた認証情報の使用 		CVE-2016-8361 2017-02-18 01:34 2017-02-14 表示 GitHub Exploit DB Packet Storm
245959 8.1 HIGH
ネットワーク 		moxa softcms An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an at… CWE-415
二重解放 		CVE-2016-8360 2017-02-18 00:12 2017-02-14 表示 GitHub Exploit DB Packet Storm
245960 7.5 HIGH
ネットワーク 		fatek automation_fv_designer
automation_pm_designer 		An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based bu… CWE-119
バッファエラー 		CVE-2016-5798 2017-02-18 00:07 2017-02-14 表示 GitHub Exploit DB Packet Storm
245961 7.8 HIGH
ローカル 		advantech susiaccess An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The admin password is stored in the system and is encrypted with a static key hard-coded in the program. Attackers could … CWE-264
認可・権限・アクセス制御 		CVE-2016-9353 2017-02-17 23:56 2017-02-14 表示 GitHub Exploit DB Packet Storm
245962 4.3 MEDIUM
ネットワーク 		ibm rational_doors_next_generation
rational_requirements_composer 		An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547. CWE-200
情報漏えい 		CVE-2016-6060 2017-02-17 23:40 2017-02-16 表示 GitHub Exploit DB Packet Storm
245963 5.5 MEDIUM
ローカル 		libav libav The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue wa… CWE-476
NULL ポインタデリファレンス 		CVE-2016-7477 2017-02-17 23:37 2017-02-16 表示 GitHub Exploit DB Packet Storm
245964 9.8 CRITICAL
ネットワーク 		ibm system_storage_ts3100-ts3200_tape_library IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system. CWE-284
不適切なアクセス制御 		CVE-2016-9005 2017-02-17 23:35 2017-02-9 表示 GitHub Exploit DB Packet Storm
245965 7.8 HIGH
ローカル 		freebsd freebsd The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "han… CWE-264
認可・権限・アクセス制御 		CVE-2016-1880 2017-02-17 23:32 2017-02-16 表示 GitHub Exploit DB Packet Storm
245966 7.1 HIGH
ネットワーク 		lynxspring jenesys_bas_bridge An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This … CWE-264
認可・権限・アクセス制御 		CVE-2016-8357 2017-02-17 23:11 2017-02-14 表示 GitHub Exploit DB Packet Storm
245967 5.5 MEDIUM
ローカル 		libav libav The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcod… CWE-476
NULL ポインタデリファレンス 		CVE-2016-8675 2017-02-17 23:10 2017-02-16 表示 GitHub Exploit DB Packet Storm
245968 7.8 HIGH
ローカル 		moxa dacenter An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an unquoted search path issue. CWE-284
不適切なアクセス制御 		CVE-2016-9356 2017-02-17 23:09 2017-02-14 表示 GitHub Exploit DB Packet Storm
245969 8.2 HIGH
ローカル 		python openpyxl Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document. CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-5992 2017-02-17 23:00 2017-02-16 表示 GitHub Exploit DB Packet Storm
245970 5.5 MEDIUM
ローカル 		libav libav The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an … CWE-476
NULL ポインタデリファレンス 		CVE-2016-8676 2017-02-17 22:55 2017-02-16 表示 GitHub Exploit DB Packet Storm
245971 7.5 HIGH
ネットワーク 		omnimetrix omniview An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the co… CWE-200
情報漏えい 		CVE-2016-5786 2017-02-17 22:52 2017-02-14 表示 GitHub Exploit DB Packet Storm
245972 8.8 HIGH
ネットワーク 		fatek automation_fv_designer
automation_pm_designer 		An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or t… CWE-119
バッファエラー 		CVE-2016-5796 2017-02-17 22:46 2017-02-14 表示 GitHub Exploit DB Packet Storm
245973 7.8 HIGH
ローカル 		freebsd freebsd The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors. CWE-264
認可・権限・アクセス制御 		CVE-2016-1883 2017-02-17 22:38 2017-02-16 表示 GitHub Exploit DB Packet Storm
245974 5.5 MEDIUM
ローカル 		moxa dacenter An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file may cause the program to crash because of Uncontrolled Resource Consumption. CWE-399
リソース管理の問題 		CVE-2016-9354 2017-02-17 22:36 2017-02-14 表示 GitHub Exploit DB Packet Storm
245975 6.0 MEDIUM
ネットワーク 		honeywell xl_web_ii_controller An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invali… CWE-384
セッションの固定化 		CVE-2017-5141 2017-02-17 22:13 2017-02-14 表示 GitHub Exploit DB Packet Storm
245976 5.4 MEDIUM
ネットワーク 		hp system_management_homepage HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-4393 2017-02-17 11:59 2016-10-29 表示 GitHub Exploit DB Packet Storm
245977 6.5 MEDIUM
ネットワーク 		hp system_management_homepage HPE System Management Homepage before v7.6 allows remote attackers to obtain sensitive information via unspecified vectors, related to an "HSTS" issue. CWE-254
セキュリティ機能 		CVE-2016-4394 2017-02-17 11:59 2016-10-29 表示 GitHub Exploit DB Packet Storm
245978 7.5 HIGH
ネットワーク 		hp system_management_homepage HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. CWE-119
バッファエラー 		CVE-2016-4395 2017-02-17 11:59 2016-10-29 表示 GitHub Exploit DB Packet Storm
245979 7.5 HIGH
ネットワーク 		hp system_management_homepage HPE System Management Homepage before v7.6 allows remote attackers to have an unspecified impact via unknown vectors, related to a "Buffer Overflow" issue. CWE-119
バッファエラー 		CVE-2016-4396 2017-02-17 11:59 2016-10-29 表示 GitHub Exploit DB Packet Storm
245980 10.0 HIGH
adobe
google 		flash_player
air
android
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5567 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245981 10.0 HIGH
adobe
google 		flash_player
air
air_sdk
air_sdk_\&_compiler
android 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-20
不適切な入力確認 		CVE-2015-5568 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245982 10.0 HIGH
adobe
google 		air
air_sdk
air_sdk_\&_compiler
flash_player
android 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before… NVD-CWE-Other
CVE-2015-5570 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245983 10.0 HIGH
adobe
google 		air
air_sdk
air_sdk_\&_compiler
flash_player
android 		<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a> NVD-CWE-Other
CVE-2015-5570 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245984 4.3 MEDIUM
adobe flash_player
air
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-200
CWE-352
情報漏えい
同一生成元ポリシー違反 		CVE-2015-5571 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245985 5.0 MEDIUM
adobe
google 		air
air_sdk
air_sdk_\&_compiler
flash_player
android 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-200
情報漏えい 		CVE-2015-5572 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245986 10.0 HIGH
adobe
google 		flash_player
air
air_sdk
air_sdk_\&_compiler
android 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… NVD-CWE-Other
CVE-2015-5573 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245987 10.0 HIGH
adobe
google 		flash_player
air
air_sdk
air_sdk_\&_compiler
android 		<a href="http://cwe.mitre.org/data/definitions/843.html">CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')</a> NVD-CWE-Other
CVE-2015-5573 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245988 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5575 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245989 5.0 MEDIUM
adobe air
air_sdk
air_sdk_\&_compiler
flash_player 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-200
情報漏えい 		CVE-2015-5576 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245990 10.0 HIGH
adobe
google 		air
android
air_sdk
air_sdk_\&_compiler
flash_player 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5577 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245991 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5578 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245992 10.0 HIGH
adobe air
flash_player
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5579 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245993 10.0 HIGH
adobe
google 		air
air_sdk
air_sdk_\&_compiler
flash_player
android 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5580 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245994 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before… NVD-CWE-Other
CVE-2015-5581 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245995 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a> NVD-CWE-Other
CVE-2015-5581 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245996 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5582 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245997 10.0 HIGH
adobe
google 		flash_player
air
android
air_sdk
air_sdk_\&_compiler 		Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before… NVD-CWE-Other
CVE-2015-5584 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245998 10.0 HIGH
adobe
google 		flash_player
air
android
air_sdk
air_sdk_\&_compiler 		<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a> NVD-CWE-Other
CVE-2015-5584 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
245999 10.0 HIGH
adobe flash_player
air
air_sdk
air_sdk_\&_compiler 		Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before … CWE-119
バッファエラー 		CVE-2015-5587 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm
246000 10.0 HIGH
adobe
google 		air
android
flash_player
air_sdk
air_sdk_\&_compiler 		Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK &… CWE-119
バッファエラー 		CVE-2015-5588 2017-02-17 11:59 2015-09-22 表示 GitHub Exploit DB Packet Storm