NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年4月24日4:00

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
313651 4.6 MEDIUM
daiki_ueno liece_emacs_irc_client The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. NVD-CWE-Other
CVE-2003-0537 2008-09-6 05:34 2003-08-18 表示 GitHub Exploit DB Packet Storm
313652 5.0 MEDIUM
sgi irix The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. NVD-CWE-Other
CVE-2003-0573 2008-09-6 05:34 2003-08-18 表示 GitHub Exploit DB Packet Storm
313653 10.0 HIGH
phpgroupware phpgroupware Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web do… NVD-CWE-Other
CVE-2003-0599 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313654 6.8 MEDIUM
mozilla bugzilla Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default Ge… NVD-CWE-Other
CVE-2003-0602 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313655 2.1 LOW
mozilla bugzilla Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with … NVD-CWE-Other
CVE-2003-0603 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313656 4.6 MEDIUM
xtokkaetama xtokkaetama Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. NVD-CWE-Other
CVE-2003-0611 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313657 7.5 HIGH
novell ichain Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. NVD-CWE-Other
CVE-2003-0636 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313658 10.0 HIGH
bea weblogic_server BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privile… NVD-CWE-Other
CVE-2003-0640 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313659 4.6 MEDIUM
johannes_sixt kdbg Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. NVD-CWE-Other
CVE-2003-0644 2008-09-6 05:34 2003-09-7 表示 GitHub Exploit DB Packet Storm
313660 7.5 HIGH
mod_mylo mod_mylo Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. NVD-CWE-Other
CVE-2003-0651 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313661 7.5 HIGH
phpgroupware phpgroupware Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. NVD-CWE-Other
CVE-2003-0657 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
313662 7.5 HIGH
sgi irix NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypas… NVD-CWE-Other
CVE-2003-0683 2008-09-6 05:34 2003-11-3 表示 GitHub Exploit DB Packet Storm
313663 7.2 HIGH
hp hp-ux Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. NVD-CWE-Other
CVE-2003-0061 2008-09-6 05:33 2002-01-11 表示 GitHub Exploit DB Packet Storm
313664 5.0 MEDIUM
nokia 6210_handset Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of form… NVD-CWE-Other
CVE-2003-0103 2008-09-6 05:33 2003-03-7 表示 GitHub Exploit DB Packet Storm
313665 5.0 MEDIUM
peoplesoft peopletools Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. NVD-CWE-Other
CVE-2003-0104 2008-09-6 05:33 2003-03-18 表示 GitHub Exploit DB Packet Storm
313666 7.5 HIGH
ibm aix The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorize… NVD-CWE-Other
CVE-2003-0119 2008-09-6 05:33 2004-02-3 表示 GitHub Exploit DB Packet Storm
313667 1.2 LOW
mhc-utils mhc-utils adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. NVD-CWE-Other
CVE-2003-0120 2008-09-6 05:33 2003-03-7 表示 GitHub Exploit DB Packet Storm
313668 7.5 HIGH
multitech routefinder_550_vpn The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to … NVD-CWE-Other
CVE-2003-0126 2008-09-6 05:33 2003-03-18 表示 GitHub Exploit DB Packet Storm
313669 5.0 MEDIUM
adobe acrobat_reader Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, whic… NVD-CWE-Other
CVE-2003-0142 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
313670 7.5 HIGH
mozilla bonsai Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user. NVD-CWE-Other
CVE-2003-0152 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
313671 5.0 MEDIUM
mozilla bonsai bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. NVD-CWE-Other
CVE-2003-0155 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
313672 7.5 HIGH
mutt mutt Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and pos… NVD-CWE-Other
CVE-2003-0167 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
313673 5.0 MEDIUM
sgi irix The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP p… NVD-CWE-Other
CVE-2003-0176 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
313674 4.6 MEDIUM
sgi irix SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently. NVD-CWE-Other
CVE-2003-0177 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
313675 4.6 MEDIUM
redhat tcpdump
linux 		tcpdump does not properly drop privileges to the pcap user when starting up. NVD-CWE-Other
CVE-2003-0194 2008-09-6 05:33 2003-06-9 表示 GitHub Exploit DB Packet Storm
313676 4.6 MEDIUM
debian mime-support run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2003-0214 2008-09-6 05:33 2003-05-12 表示 GitHub Exploit DB Packet Storm
313677 7.5 HIGH
frontrange goldmine FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attacker… NVD-CWE-Other
CVE-2003-0241 2008-09-6 05:33 2003-06-9 表示 GitHub Exploit DB Packet Storm
313678 7.5 HIGH
adobe acrobat Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated… NVD-CWE-Other
CVE-2003-0284 2008-09-6 05:33 2003-06-16 表示 GitHub Exploit DB Packet Storm
313679 5.8 MEDIUM
neosoft neobook The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. NVD-CWE-Other
CVE-2002-2352 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313680 7.8 HIGH
netgear fm114p Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. CWE-20
不適切な入力確認 		CVE-2002-2354 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313681 7.1 HIGH
netgear fm114p Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other informa… CWE-255
証明書・パスワード管理 		CVE-2002-2355 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313682 6.4 MEDIUM
hamweather hamweather HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. CWE-264
認可・権限・アクセス制御 		CVE-2002-2356 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313683 5.0 MEDIUM
mailenable mailenable MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. CWE-119
バッファエラー 		CVE-2002-2357 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313684 4.3 MEDIUM
opera_software opera_web_browser Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2002-2358 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313685 4.3 MEDIUM
mozilla mozilla Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2002-2359 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313686 9.3 HIGH
webmin webmin The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_for… CWE-264
認可・権限・アクセス制御 		CVE-2002-2360 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313687 5.8 MEDIUM
yahoo messenger The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. CWE-264
認可・権限・アクセス制御 		CVE-2002-2361 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313688 4.3 MEDIUM
sourceforge mymarket Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2002-2362 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313689 7.2 HIGH
hp hp-ux VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. CWE-264
認可・権限・アクセス制御 		CVE-2002-2363 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313690 4.3 MEDIUM
sourceforge php_ticket Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a help ticket. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2002-2364 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313691 10.0 HIGH
springer_verlag_berlin_heidelberg simple_wais Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. CWE-20
不適切な入力確認 		CVE-2002-2365 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313692 6.8 MEDIUM
cerulean_studios trillian Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors fil… CWE-119
バッファエラー 		CVE-2002-2366 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313693 7.8 HIGH
socks5 socks5 Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. CWE-189
CWE-119
数値処理の問題
バッファエラー 		CVE-2002-2367 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313694 10.0 HIGH
nec socks_5 Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function i… CWE-119
バッファエラー 		CVE-2002-2368 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313695 5.0 MEDIUM
perception liteserve Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL. CWE-200
情報漏えい 		CVE-2002-2369 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313696 5.0 MEDIUM
sws sws_simple_web_server SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline. NVD-CWE-Other
CVE-2002-2370 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313697 7.8 HIGH
linksys wet11 Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. CWE-20
不適切な入力確認 		CVE-2002-2371 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313698 5.0 MEDIUM
ibm infoprint_21 The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. CWE-119
バッファエラー 		CVE-2002-2372 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313699 7.5 HIGH
apple tcp_ip_configuration_utility The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. CWE-16
環境設定 		CVE-2002-2373 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
313700 10.0 HIGH
sun patchpro Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." CWE-59
NVD-CWE-noinfo
CWE-362
リンク解釈の問題
競合状態 		CVE-2002-2374 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm