NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年4月24日4:00

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
313801	7.5	HIGH	phpwebgallery	phpwebgallery	isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.	NVD-CWE-Other	CVE-2002-2064	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313802	5.0	MEDIUM	webcalendar	webcalendar	WebCalendar 0.9.34 and earlier with 'browsing in includes directory' enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root.	NVD-CWE-Other	CVE-2002-2065	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313803	5.0	MEDIUM	compaq	tru64	Compaq Tru64 4.0 d allows remote attackers to cause a denial of service in (1) telnet, (2) FTP, (3) ypbind, (4) rpc.lockd, (5) snmp, (6) ttdbserverd, and possibly other services via a TCP SYN scan, a…	NVD-CWE-Other	CVE-2002-2071	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313804	5.0	MEDIUM	sun	jre	java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged…	NVD-CWE-Other	CVE-2002-2072	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313805	7.5	HIGH	erwin_lansing	mailidx	SQL injection vulnerability in Mailidx before 20020105 allows remote attackers to execute arbitrary SQL commands via the search web page.	NVD-CWE-Other	CVE-2002-2074	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313806	5.0	MEDIUM	mirabilis	icq	ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number.	NVD-CWE-Other	CVE-2002-2075	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313807	5.0	MEDIUM	summit_computer_networks	lil_http	Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.	NVD-CWE-Other	CVE-2002-2076	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313808	7.5	HIGH	floosietek	ftgateoffice ftgatepro	Heap-based buffer overflow in Floositek (1) FTGate Pro 1.05 and (2) FTGate Office 1.05 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long POP3 APOP US…	NVD-CWE-Other	CVE-2002-2078	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313809	5.0	MEDIUM	mosix_project openmosix_project	mosix openmosix	mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets.	NVD-CWE-Other	CVE-2002-2079	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313810	5.0	MEDIUM	floosietek	ftgatepro	Floositek FTGate PRO 1.05 allows remote attackers to cause a denial of service (memory and CPU consumption) via a large number of RCPT TO: messages during an SMTP session.	NVD-CWE-Other	CVE-2002-2080	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313811	5.0	MEDIUM	microsoft	site_server site_server_commerce	cphost.dll in Microsoft Site Server 3.0 allows remote attackers to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to…	NVD-CWE-Other	CVE-2002-2081	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313812	7.5	HIGH	floosietek	ftgateoffice ftgatepro	FTGate and FTGate Pro 1.05 lock user mailboxes before authentication succeeds, which allows remote attackers to lock the mailboxes of other users.	NVD-CWE-Other	CVE-2002-2082	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313813	2.1	LOW	novell	netware	The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware log…	NVD-CWE-Other	CVE-2002-2083	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313814	5.0	MEDIUM	portix-php	portix-php	Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) l and (2) topic parameters.	NVD-CWE-Other	CVE-2002-2084	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313815	5.0	MEDIUM	wwwebbb	wwwebbb_forum	Directory traversal vulnerability in page.cgi of WWWeBBB Forum 3.82 beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request.	NVD-CWE-Other	CVE-2002-2085	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313816	4.6	MEDIUM	borland_software	interbase	Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.	NVD-CWE-Other	CVE-2002-2087	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313817	10.0	HIGH	mosix_project	clump_os	The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access.	NVD-CWE-Other	CVE-2002-2088	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313818	4.6	MEDIUM	sun	solaris	Buffer overflow in rcp in Solaris 9.0 allows local users to execute arbitrary code via a long command line argument.	NVD-CWE-Other	CVE-2002-2089	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313819	5.0	MEDIUM	caucho_technology	resin	Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.	NVD-CWE-Other	CVE-2002-2090	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313820	7.5	HIGH	decfingerd	decfingerd	Format string vulnerability in Deception Finger Daemon, decfingerd, 0.7 may allow remote attackers to execute arbitrary code via the username of a finger request.	NVD-CWE-Other	CVE-2002-2091	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313821	5.0	MEDIUM	joe_testa	hellbent	Joe Testa hellbent 01 webserver allows attackers to read files that are specified in the hellbent.prefs file by creating a file with a similar name in the web root, as demonstrated using (1) index.we…	NVD-CWE-Other	CVE-2002-2095	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313822	7.5	HIGH	novell	netware	Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.	NVD-CWE-Other	CVE-2002-2096	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313823	5.0	MEDIUM	microsoft	outlook	Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.	NVD-CWE-Other	CVE-2002-2100	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313824	7.5	HIGH	microsoft	outlook	Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag.	NVD-CWE-Other	CVE-2002-2101	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313825	5.0	MEDIUM	jcraft	jzlib	InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data.	NVD-CWE-Other	CVE-2002-2102	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313826	5.0	MEDIUM	apache	http_server	Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide…	NVD-CWE-Other	CVE-2002-2103	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313827	4.3	MEDIUM	veridis	openkeyserver	Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.	NVD-CWE-Other	CVE-2002-2107	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313828	5.0	MEDIUM	sony	vaio_manual_cybersupport	Unknown vulnerability in the "VAIO Manual" software in certain Sony VAIO personal computers sold from November 2001 to January 2002, allows remote attackers to modify data via a web page or HTML e-ma…	NVD-CWE-Other	CVE-2002-2108	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313829	7.5	HIGH	matt_wright	formmail	Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/…	NVD-CWE-Other	CVE-2002-2109	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313830	5.0	MEDIUM	rca	digital_cable_modem	The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service (modem device reset) by connecting to port 80 on the 10.0.0.0/8 device.	NVD-CWE-Other	CVE-2002-2110	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313831	5.0	MEDIUM	rca	digital_cable_modem	RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP acc…	NVD-CWE-Other	CVE-2002-2112	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313832	7.5	HIGH	agh	htmlsearch	search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the template parameter.	NVD-CWE-Other	CVE-2002-2113	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313833	4.3	MEDIUM	hns	hns hns-lite	Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML.	NVD-CWE-Other	CVE-2002-2115	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313834	5.0	MEDIUM	netgear	rm356 rt338	Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.	NVD-CWE-Other	CVE-2002-2116	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313835	4.6	MEDIUM	qnx	rtos	Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10.	NVD-CWE-Other	CVE-2002-2120	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313836	2.1	LOW	pointsec_mobile_technologies	pointsec	Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a local attacker who steals an unlocked Palm to retrieve the PIN by dumping memory.	NVD-CWE-Other	CVE-2002-2122	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313837	2.1	LOW	pedestal_software	integrity_protection_driver	restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time.	NVD-CWE-Other	CVE-2002-2126	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313838	4.6	MEDIUM	w-agora	w-agora	editform.php in w-Agora 4.1.5 allows local users to execute arbitrary PHP code via .. (dot dot) sequences in the file parameter.	NVD-CWE-Other	CVE-2002-2128	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313839	7.5	HIGH	gallery_project	gallery	publish_xp_docs.php in Gallery 1.3.2 allows remote attackers to execute arbitrary PHP code by modifying the GALLERY_BASEDIR parameter to reference a URL on a remote web server that contains the code.	NVD-CWE-Other	CVE-2002-2130	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313840	5.0	MEDIUM	perl-httpd	perl-httpd	Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. (dot dot) in an unknown argument.	NVD-CWE-Other	CVE-2002-2131	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313841	10.0	HIGH	telindus	1120_adsl_router	Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative …	NVD-CWE-Other	CVE-2002-2133	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313842	5.0	MEDIUM	peel	peel	haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file.	NVD-CWE-Other	CVE-2002-2134	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313843	5.0	MEDIUM	alloy d-link eusso linksys wisecom	gl-2422ap-s dwl-900ap\+ gl2422_ap wap11 gl2422ap-0t	GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11…	NVD-CWE-Other	CVE-2002-2137	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313844	7.5	HIGH	mysimplenews	mysimplenews	The admin.html file in MySimple News 1.0 stores its administrative password in plaintext, which allows remote attackers to gain unauthorized access to the web server by viewing the source of admin.ht…	NVD-CWE-Other	CVE-2002-2143	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313845	5.0	MEDIUM	free_peers	bearshare	Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.	NVD-CWE-Other	CVE-2002-2144	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313846	7.5	HIGH	savant	savant_webserver	Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filen…	NVD-CWE-Other	CVE-2002-2145	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313847	7.5	HIGH	savant	savant_webserver	cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.	NVD-CWE-Other	CVE-2002-2146	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313848	5.0	MEDIUM	lucent	ascend_max_router ascend_pipeline_router dslterminator	Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and I…	NVD-CWE-Other	CVE-2002-2148	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313849	5.0	MEDIUM	lucent	access_point_service_router_1500 access_point_service_router_300 access_point_service_router_600	Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.	NVD-CWE-Other	CVE-2002-2149	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm

313850	5.0	MEDIUM	juniper	netscreen_screenos	Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UD…	NVD-CWE-Other	CVE-2002-2150	2008-09-6 05:32	2002-12-31	表示	GitHub Exploit DB Packet Storm