NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2024年7月2日20:11

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
258951	2.1	LOW	gert_doering	mgetty	The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the tar…	NVD-CWE-Other	CVE-2000-0691	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258952	5.0	MEDIUM	iss	realsecure	ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.	NVD-CWE-Other	CVE-2000-0692	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258953	7.2	HIGH	tech-source	raptor_gfx_pgx32	pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point…	NVD-CWE-Other	CVE-2000-0693	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258954	7.2	HIGH	tech-source	raptor_gfx_pgx32	pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.	NVD-CWE-Other	CVE-2000-0694	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258955	7.2	HIGH	tech-source	raptor_gfx_pgx32	Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.	NVD-CWE-Other	CVE-2000-0695	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258956	10.0	HIGH	hp	hp-ux	Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.	NVD-CWE-Other	CVE-2000-0699	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258957	5.0	MEDIUM	cisco	ios gigabit_switch_router_12008 gigabit_switch_router_12012 gigabit_switch_router_12016	Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures…	NVD-CWE-Other	CVE-2000-0700	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258958	5.0	MEDIUM	pragma_systems	telnetserver	Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.	NVD-CWE-Other	CVE-2000-0708	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258959	5.0	MEDIUM	microsoft	frontpage	The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DO…	NVD-CWE-Other	CVE-2000-0709	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258960	7.2	HIGH	lids	lids	Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option.	NVD-CWE-Other	CVE-2000-0712	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258961	7.6	HIGH	adobe	acrobat acrobat_business_tools acrobat_reader	Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.	NVD-CWE-Other	CVE-2000-0713	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258962	1.2	LOW	mandrakesoft	mandrake_linux	A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.	NVD-CWE-Other	CVE-2000-0718	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258963	6.2	MEDIUM	varicad	varicad	VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.	NVD-CWE-Other	CVE-2000-0719	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258964	6.2	MEDIUM	multisoft	flagship	The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.	NVD-CWE-Other	CVE-2000-0721	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258965	6.2	MEDIUM	helix_code	go-gnome_pre-installer	The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.	NVD-CWE-Other	CVE-2000-0724	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258966	4.6	MEDIUM	hp	hp-ux	Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.	NVD-CWE-Other	CVE-2000-0730	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258967	10.0	HIGH	sgi	irix	Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-…	NVD-CWE-Other	CVE-2000-0733	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258968	5.0	MEDIUM	rimarts_inc.	becky_internet_mail	Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.	NVD-CWE-Other	CVE-2000-0735	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258969	5.0	MEDIUM	rimarts_inc.	becky_internet_mail	Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.	NVD-CWE-Other	CVE-2000-0736	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258970	7.5	HIGH	network_associates	net_tools_pki_server	Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.	NVD-CWE-Other	CVE-2000-0741	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258971	10.0	HIGH	university_of_minnesota	gopherd	Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.	NVD-CWE-Other	CVE-2000-0743	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258972	7.5	HIGH	francisco_burzi	php-nuke	admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd paramete…	NVD-CWE-Other	CVE-2000-0745	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258973	4.6	MEDIUM	openldap	openldap	OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.	NVD-CWE-Other	CVE-2000-0748	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258974	7.5	HIGH	netbsd openbsd redhat	netbsd openbsd linux	mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-2000-0751	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258975	7.2	HIGH	freebsd	freebsd	Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments.	NVD-CWE-Other	CVE-2000-0752	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258976	2.1	LOW	hp	openview_network_node_manager	Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.	NVD-CWE-Other	CVE-2000-0754	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258977	4.6	MEDIUM	hp	openview_network_node_manager	Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.	NVD-CWE-Other	CVE-2000-0755	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258978	10.0	HIGH	aptis_software	totalbill	The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.	NVD-CWE-Other	CVE-2000-0757	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258979	4.6	MEDIUM	lyris	list_manager	The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.	NVD-CWE-Other	CVE-2000-0758	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258980	5.0	MEDIUM	ibm	os2_ftp_server	OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.	NVD-CWE-Other	CVE-2000-0761	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258981	5.0	MEDIUM	bajie	java_http_server	The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.	NVD-CWE-Other	CVE-2000-0774	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258982	10.0	HIGH	rapidstream	rapidstream	sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.	NVD-CWE-Other	CVE-2000-0784	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258983	4.6	MEDIUM	bardon_data_systems	winu	WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.	NVD-CWE-Other	CVE-2000-0789	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258984	4.6	MEDIUM	trustix	secure_linux	Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.	NVD-CWE-Other	CVE-2000-0791	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258985	7.5	HIGH	alan_cox	gnome-lokkit	Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available.	NVD-CWE-Other	CVE-2000-0792	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258986	7.2	HIGH	hp	hp-ux	Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.	NVD-CWE-Other	CVE-2000-0801	2008-09-6 05:21	2000-10-20	表示	GitHub Exploit DB Packet Storm

258987	7.5	HIGH	fastream	ftp\+\+_server	Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username.	NVD-CWE-Other	CVE-2000-0831	2008-09-6 05:21	2000-11-14	表示	GitHub Exploit DB Packet Storm

258988	2.1	LOW	sco	openserver	snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.	NVD-CWE-Other	CVE-2000-0147	2008-09-6 05:20	2000-02-8	表示	GitHub Exploit DB Packet Storm

258989	2.6	LOW	realnetworks	realplayer	Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.	NVD-CWE-Other	CVE-2000-0280	2008-09-6 05:20	2000-04-3	表示	GitHub Exploit DB Packet Storm

258990	2.1	LOW	napster	napster_client	Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message.	NVD-CWE-Other	CVE-2000-0281	2008-09-6 05:20	2000-03-26	表示	GitHub Exploit DB Packet Storm

258991	5.0	MEDIUM	sco	open_desktop openserver unixware	Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.	NVD-CWE-Other	CVE-2000-0307	2008-09-6 05:20	2001-03-12	表示	GitHub Exploit DB Packet Storm

258992	10.0	HIGH	netscape sco	enterprise_server fasttrack_server proxy_server unixware	Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.	NVD-CWE-Other	CVE-2000-0308	2008-09-6 05:20	2001-03-12	表示	GitHub Exploit DB Packet Storm

258993	7.2	HIGH	openbsd	openbsd	cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.	NVD-CWE-Other	CVE-2000-0312	2008-09-6 05:20	2001-03-12	表示	GitHub Exploit DB Packet Storm

258994	10.0	HIGH	sco	unixware	A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.	NVD-CWE-Other	CVE-2000-0348	2008-09-6 05:20	2001-03-12	表示	GitHub Exploit DB Packet Storm

258995	5.0	MEDIUM	sco	unixware	Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.	NVD-CWE-Other	CVE-2000-0349	2008-09-6 05:20	2001-03-12	表示	GitHub Exploit DB Packet Storm

258996	10.0	HIGH	intel	netstructure_7110 netstructure_7180	NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain …	NVD-CWE-Other	CVE-2000-0384	2008-09-6 05:20	2000-05-8	表示	GitHub Exploit DB Packet Storm

258997	5.0	MEDIUM	microsoft	outlook outlook_express	Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.	NVD-CWE-Other	CVE-2000-0415	2008-09-6 05:20	2000-05-12	表示	GitHub Exploit DB Packet Storm

258998	3.6	LOW	cray	unicos	Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration.	NVD-CWE-Other	CVE-1999-1300	2008-09-6 05:19	1999-12-31	表示	GitHub Exploit DB Packet Storm

258999	7.5	HIGH	freebsd	freebsd	A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly oth…	NVD-CWE-Other	CVE-1999-1301	2008-09-6 05:19	1996-07-16	表示	GitHub Exploit DB Packet Storm

259000	7.5	HIGH	cisco	ios	Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.	NVD-CWE-Other	CVE-1999-1306	2008-09-6 05:19	1992-12-10	表示	GitHub Exploit DB Packet Storm