NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2024年12月28日4:05

No CVSS レベル
攻撃区分
ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
275801 7.5 HIGH
raytheon silentrunner Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2… NVD-CWE-Other
CVE-2001-0636 2008-09-6 05:24 2001-09-20 表示 GitHub Exploit DB Packet Storm
275802 5.0 MEDIUM
orange_software orange_web_server Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. NVD-CWE-Other
CVE-2001-0647 2008-09-6 05:24 2001-08-6 表示 GitHub Exploit DB Packet Storm
275803 10.0 HIGH
ibm aix Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. NVD-CWE-Other
CVE-2001-0671 2008-09-6 05:24 2001-12-6 表示 GitHub Exploit DB Packet Storm
275804 5.0 MEDIUM
transsoft broker_ftp_server Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. NVD-CWE-Other
CVE-2001-0688 2008-09-6 05:24 2001-09-20 表示 GitHub Exploit DB Packet Storm
275805 7.5 HIGH
trend_micro virus_control_system Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program. NVD-CWE-Other
CVE-2001-0689 2008-09-6 05:24 2001-09-20 表示 GitHub Exploit DB Packet Storm
275806 4.6 MEDIUM
university_of_washington imapd Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations. NVD-CWE-Other
CVE-2001-0691 2008-09-6 05:24 2001-09-20 表示 GitHub Exploit DB Packet Storm
275807 7.5 HIGH
texas_imperial_software wftpd Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command. NVD-CWE-Other
CVE-2001-0694 2008-09-6 05:24 2001-09-20 表示 GitHub Exploit DB Packet Storm
275808 4.6 MEDIUM
sendmail sendmail Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the conf… NVD-CWE-Other
CVE-2001-0713 2008-09-6 05:24 2001-10-30 表示 GitHub Exploit DB Packet Storm
275809 2.1 LOW
sendmail sendmail Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which cau… NVD-CWE-Other
CVE-2001-0714 2008-09-6 05:24 2001-10-30 表示 GitHub Exploit DB Packet Storm
275810 7.5 HIGH
computalynx cmail Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command. NVD-CWE-Other
CVE-2001-0742 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275811 5.0 MEDIUM
oreilly webboard Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands. NVD-CWE-Other
CVE-2001-0743 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275812 7.5 HIGH
debian debian_linux Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. NVD-CWE-Other
CVE-2001-0755 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275813 7.5 HIGH
evolvable_corporation shambala_server Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command. NVD-CWE-Other
CVE-2001-0758 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275814 7.2 HIGH
jetico bestcrypt Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount. NVD-CWE-Other
CVE-2001-0759 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275815 7.5 HIGH
trend_micro interscan_webmanager Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter. NVD-CWE-Other
CVE-2001-0761 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275816 4.6 MEDIUM
su-wrapper su-wrapper Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument. NVD-CWE-Other
CVE-2001-0762 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275817 5.0 MEDIUM
steve_poulsen guildftpd Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. NVD-CWE-Other
CVE-2001-0767 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275818 5.0 MEDIUM
internet_software_solutions air_messenger_lan_server Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2001-0785 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275819 5.0 MEDIUM
internet_software_solutions air_messenger_lan_server Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. NVD-CWE-Other
CVE-2001-0786 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275820 5.0 MEDIUM
internet_software_solutions air_messenger_lan_server Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. NVD-CWE-Other
CVE-2001-0788 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275821 5.0 MEDIUM
specter specter_ids Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts. NVD-CWE-Other
CVE-2001-0790 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275822 5.0 MEDIUM
trend_micro interscan_viruswall Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access. NVD-CWE-Other
CVE-2001-0791 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275823 5.0 MEDIUM
a-ftp anonymous_ftp_server Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command. NVD-CWE-Other
CVE-2001-0794 2008-09-6 05:24 2001-10-18 表示 GitHub Exploit DB Packet Storm
275824 10.0 HIGH
sgi irix lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. NVD-CWE-Other
CVE-2001-0800 2008-09-6 05:24 2001-12-6 表示 GitHub Exploit DB Packet Storm
275825 9.0 HIGH
apc powerchute The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access. NVD-CWE-Other
CVE-2000-1242 2008-09-6 05:23 2000-12-31 表示 GitHub Exploit DB Packet Storm
275826 2.1 LOW
cisco arrowpoint
content_services_switch
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," … NVD-CWE-Other
CVE-2001-0019 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275827 5.0 MEDIUM
alt-n mdaemon Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. NVD-CWE-Other
CVE-2001-0064 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275828 2.1 LOW
nsa security-enhanced_linux Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. NVD-CWE-Other
CVE-2001-0073 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275829 5.0 MEDIUM
technote_inc technote Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter. NVD-CWE-Other
CVE-2001-0074 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275830 5.0 MEDIUM
technote_inc technote Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. NVD-CWE-Other
CVE-2001-0075 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275831 2.1 LOW
hp support_tools_manager Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file. NVD-CWE-Other
CVE-2001-0079 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275832 7.5 HIGH
checkpoint firewall-1 Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. NVD-CWE-Other
CVE-2001-0082 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275833 7.2 HIGH
freebsd freebsd Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. NVD-CWE-Other
CVE-2001-0093 2008-09-6 05:23 2001-02-12 表示 GitHub Exploit DB Packet Storm
275834 10.0 HIGH
omnicron omnihttpd statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. NVD-CWE-Other
CVE-2001-0113 2008-09-6 05:23 2001-03-12 表示 GitHub Exploit DB Packet Storm
275835 5.0 MEDIUM
omnicron omnihttpd statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. NVD-CWE-Other
CVE-2001-0114 2008-09-6 05:23 2001-03-12 表示 GitHub Exploit DB Packet Storm
275836 7.6 HIGH
oliver_debon flash Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. NVD-CWE-Other
CVE-2001-0127 2008-09-6 05:23 2001-03-12 表示 GitHub Exploit DB Packet Storm
275837 1.2 LOW
trend_micro interscan_viruswall Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. NVD-CWE-Other
CVE-2001-0132 2008-09-6 05:23 2001-03-12 表示 GitHub Exploit DB Packet Storm
275838 10.0 HIGH
trend_micro interscan_viruswall The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator … NVD-CWE-Other
CVE-2001-0133 2008-09-6 05:23 2001-03-12 表示 GitHub Exploit DB Packet Storm
275839 7.5 HIGH
van_dyke_technologies vshell Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. NVD-CWE-Other
CVE-2001-0155 2008-09-6 05:23 2001-06-2 表示 GitHub Exploit DB Packet Storm
275840 5.0 MEDIUM
lucent
orinoco
wavelan
orinoco_wavelan
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will l… NVD-CWE-Other
CVE-2001-0160 2008-09-6 05:23 2001-01-1 表示 GitHub Exploit DB Packet Storm
275841 5.0 MEDIUM
cisco aironet Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. NVD-CWE-Other
CVE-2001-0161 2008-09-6 05:23 2001-01-1 表示 GitHub Exploit DB Packet Storm
275842 4.6 MEDIUM
cisco aironet_ap340 Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. NVD-CWE-Other
CVE-2001-0163 2008-09-6 05:23 2001-01-1 表示 GitHub Exploit DB Packet Storm
275843 5.0 MEDIUM
free_java_web_server free_java_web_server Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2001-0186 2008-09-6 05:23 2001-05-3 表示 GitHub Exploit DB Packet Storm
275844 10.0 HIGH
davide_libenzi xmail Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. NVD-CWE-Other
CVE-2001-0192 2008-09-6 05:23 2001-05-3 表示 GitHub Exploit DB Packet Storm
275845 5.0 MEDIUM
heat-on_software hsweb HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. NVD-CWE-Other
CVE-2001-0200 2008-09-6 05:23 2001-05-3 表示 GitHub Exploit DB Packet Storm
275846 5.0 MEDIUM
informs picserver Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request. NVD-CWE-Other
CVE-2001-0202 2008-09-6 05:23 2001-05-3 表示 GitHub Exploit DB Packet Storm
275847 5.0 MEDIUM
soft_lite serverworx Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request. NVD-CWE-Other
CVE-2001-0206 2008-09-6 05:23 2001-06-2 表示 GitHub Exploit DB Packet Storm
275848 4.6 MEDIUM
microfocus cobol MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying file… NVD-CWE-Other
CVE-2001-0208 2008-09-6 05:23 2001-06-2 表示 GitHub Exploit DB Packet Storm
275849 5.0 MEDIUM
carey_internet_service commerce.cgi Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter. NVD-CWE-Other
CVE-2001-0210 2008-09-6 05:23 2001-06-2 表示 GitHub Exploit DB Packet Storm
275850 5.0 MEDIUM
silverplatter webspirs Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter. NVD-CWE-Other
CVE-2001-0211 2008-09-6 05:23 2001-06-2 表示 GitHub Exploit DB Packet Storm