NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2025年1月8日4:08

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
276851	2.1	LOW	tiny_software	tiny_personal_firewall	Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.	NVD-CWE-Other	CVE-2001-1549	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276852	2.1	LOW	linux	linux_kernel	Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.	NVD-CWE-Other	CVE-2001-1551	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276853	4.6	MEDIUM	university_of_california	seti_at_home	Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_…	NVD-CWE-Other	CVE-2001-1553	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276854	5.0	MEDIUM	ibm	aix	IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.	NVD-CWE-Other	CVE-2001-1554	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276855	7.5	HIGH	ibm	aix	Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.	NVD-CWE-Other	CVE-2001-1557	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276856	5.0	MEDIUM	snort	snort	Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash).	NVD-CWE-Other	CVE-2001-1558	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276857	7.2	HIGH	john_bovey debian	xvt debian_linux	Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.	NVD-CWE-Other	CVE-2001-1561	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276858	2.1	LOW	apple	mac_os_x	Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via…	NVD-CWE-Other	CVE-2001-1565	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276859	7.5	HIGH	vanessa verge	vanessa_logger perdition	Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.	NVD-CWE-Other	CVE-2001-1566	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276860	6.4	MEDIUM	cmg	wap_gateway	CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the…	NVD-CWE-Other	CVE-2001-1568	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276861	6.4	MEDIUM	cmg	openwave_wap_gateway	Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-i…	NVD-CWE-Other	CVE-2001-1569	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276862	2.1	LOW	microsoft	windows_xp	Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes oth…	NVD-CWE-Other	CVE-2001-1570	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276863	5.0	MEDIUM	microsoft	windows_xp	The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.	NVD-CWE-Other	CVE-2001-1571	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276864	7.5	HIGH	linux	linux_kernel	The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.	NVD-CWE-Other	CVE-2001-1572	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276865	10.0	HIGH	trend_micro	interscan_viruswall	Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.	NVD-CWE-Other	CVE-2001-1573	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276866	10.0	HIGH	trend_micro	interscan_viruswall	Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2001-1574	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276867	4.6	MEDIUM	caldera	unixware	Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.	NVD-CWE-Other	CVE-2001-1576	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276868	2.1	LOW	sco	openserver	Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.	NVD-CWE-Other	CVE-2001-1578	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276869	5.0	MEDIUM	sco	open_unix unixware	The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.	NVD-CWE-Other	CVE-2001-1579	2008-09-6 05:26	2001-12-31	表示	GitHub Exploit DB Packet Storm

276870	7.5	HIGH	sgi	irix	Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.	NVD-CWE-Other	CVE-2002-0017	2008-09-6 05:26	2002-04-3	表示	GitHub Exploit DB Packet Storm

276871	4.6	MEDIUM	yahoo	messenger	Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) ad…	NVD-CWE-Other	CVE-2002-0031	2008-09-6 05:26	2002-07-26	表示	GitHub Exploit DB Packet Storm

276872	10.0	HIGH	compaq	insight_manager_xe	Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.	NVD-CWE-Other	CVE-2001-0840	2008-09-6 05:25	2001-12-6	表示	GitHub Exploit DB Packet Storm

276873	7.5	HIGH	cisco	12000_router	Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could al…	NVD-CWE-Other	CVE-2001-0866	2008-09-6 05:25	2001-12-6	表示	GitHub Exploit DB Packet Storm

276874	7.2	HIGH	oracle	database_server	dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary…	NVD-CWE-Other	CVE-2001-0943	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276875	5.0	MEDIUM	glftpd	glftpd	glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.	NVD-CWE-Other	CVE-2001-0965	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276876	10.0	HIGH	nudester.org	nudester	Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.	NVD-CWE-Other	CVE-2001-0966	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276877	10.0	HIGH	knox_software	arkeia	Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.	NVD-CWE-Other	CVE-2001-0968	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276878	5.0	MEDIUM	aci	4d_webserver	Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.	NVD-CWE-Other	CVE-2001-0971	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276879	6.4	MEDIUM	fraunhofer_fit	bscw	BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.	NVD-CWE-Other	CVE-2001-0973	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276880	7.2	HIGH	hp	process_resource_manager	Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment var…	NVD-CWE-Other	CVE-2001-0976	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276881	7.5	HIGH	hp	hp-ux	login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the …	NVD-CWE-Other	CVE-2001-0978	2008-09-6 05:25	2001-09-3	表示	GitHub Exploit DB Packet Storm

276882	7.2	HIGH	richard_everitt	pileup	Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.	NVD-CWE-Other	CVE-2001-0989	2008-09-6 05:25	2001-07-23	表示	GitHub Exploit DB Packet Storm

276883	5.0	MEDIUM	gnutella	gnutella_client	Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attackers to execute arbitrary script on other clients by sharing a file whose name contains the script ta…	NVD-CWE-Other	CVE-2001-1004	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276884	7.5	HIGH	starfish	truesync_desktop	Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the…	NVD-CWE-Other	CVE-2001-1005	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276885	5.0	MEDIUM	starfish	truesync_desktop	Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files us…	NVD-CWE-Other	CVE-2001-1006	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276886	5.0	MEDIUM	starfish	truesync_desktop	Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly g…	NVD-CWE-Other	CVE-2001-1007	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276887	7.5	HIGH	sun	java_plug-in jre	Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an …	NVD-CWE-Other	CVE-2001-1008	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276888	7.2	HIGH	snes9x.com	snes9x	Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.	NVD-CWE-Other	CVE-2001-1015	2008-09-6 05:25	2001-10-16	表示	GitHub Exploit DB Packet Storm

276889	10.0	HIGH	francisco_burzi	php-nuke	PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including…	NVD-CWE-Other	CVE-2001-1025	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276890	7.2	HIGH	redhat	linux	Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.	NVD-CWE-Other	CVE-2001-1028	2008-09-6 05:25	2001-05-28	表示	GitHub Exploit DB Packet Storm

276891	7.5	HIGH	hp	jetadmin	The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.	NVD-CWE-Other	CVE-2001-1039	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276892	6.4	MEDIUM	hp	jetadmin	HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.	NVD-CWE-Other	CVE-2001-1040	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276893	7.5	HIGH	topher1kenobe	awol	AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.	NVD-CWE-Other	CVE-2001-1048	2008-09-6 05:25	2001-10-2	表示	GitHub Exploit DB Packet Storm

276894	10.0	HIGH	ibm	aix	Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.	NVD-CWE-Other	CVE-2001-1061	2008-09-6 05:25	2001-08-31	表示	GitHub Exploit DB Packet Storm

276895	7.5	HIGH	lucent simon_horms	radius	Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers th…	NVD-CWE-Other	CVE-2001-1081	2008-09-6 05:25	2001-07-6	表示	GitHub Exploit DB Packet Storm

276896	5.0	MEDIUM	lucent simon_horms	radius	Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack.	NVD-CWE-Other	CVE-2001-1082	2008-09-6 05:25	2001-07-13	表示	GitHub Exploit DB Packet Storm

276897	5.0	MEDIUM	khamil_landross_and_zack_jones	eftp	EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that o…	NVD-CWE-Other	CVE-2001-1110	2008-09-6 05:25	2001-09-12	表示	GitHub Exploit DB Packet Storm

276898	5.0	MEDIUM	whitsoft_development	slimftpd	Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.	NVD-CWE-Other	CVE-2001-1131	2008-09-6 05:25	2001-08-21	表示	GitHub Exploit DB Packet Storm

276899	2.1	LOW	bsdi	bsd_os	Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions.	NVD-CWE-Other	CVE-2001-1133	2008-09-6 05:25	2001-08-21	表示	GitHub Exploit DB Packet Storm

276900	5.0	MEDIUM	ascii_nt	winwrapper_professional	Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request.	NVD-CWE-Other	CVE-2001-1139	2008-09-6 05:25	2001-08-22	表示	GitHub Exploit DB Packet Storm