NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年4月23日4:00

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
314301	7.5	HIGH	oracle	application_server reports	Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long databas…	NVD-CWE-Other	CVE-2002-0947	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314302	7.5	HIGH	telindus	adsl_router	Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other …	NVD-CWE-Other	CVE-2002-0949	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314303	7.5	HIGH	transware	active_mail	Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered.	NVD-CWE-Other	CVE-2002-0950	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314304	10.0	HIGH	ruslan_communications	body_builder	SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password.	NVD-CWE-Other	CVE-2002-0951	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314305	7.5	HIGH	php_address	php_address	globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCoo…	NVD-CWE-Other	CVE-2002-0953	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314306	7.5	HIGH	yabb	yabb	Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script i…	NVD-CWE-Other	CVE-2002-0955	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314307	7.5	HIGH	iss	blackice_agent	BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions.	NVD-CWE-Other	CVE-2002-0956	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314308	5.0	MEDIUM	iss	blackice_agent	The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large…	NVD-CWE-Other	CVE-2002-0957	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314309	7.5	HIGH	ekilat_llc	php\(reactor\)	Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section.	NVD-CWE-Other	CVE-2002-0958	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314310	7.5	HIGH	splatt	splatt_forum	Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script.	NVD-CWE-Other	CVE-2002-0959	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314311	7.5	HIGH	voxel	cbms	Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users.	NVD-CWE-Other	CVE-2002-0960	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314312	7.5	HIGH	voxel	cbms	Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection a…	NVD-CWE-Other	CVE-2002-0961	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314313	7.5	HIGH	geeklog	geeklog	Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic para…	NVD-CWE-Other	CVE-2002-0962	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314314	5.0	MEDIUM	geeklog	geeklog	SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter.	NVD-CWE-Other	CVE-2002-0963	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314315	5.0	MEDIUM	valve_software	half-life half-life_dedicated_server	Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which rea…	NVD-CWE-Other	CVE-2002-0964	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314316	7.5	HIGH	oracle	oracle9i	Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not prop…	NVD-CWE-Other	CVE-2002-0965	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314317	7.5	HIGH	aci	4d_webserver	Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request.	NVD-CWE-Other	CVE-2002-0966	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314318	7.5	HIGH	edonkey2000	edonkey_2000_client	Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL.	NVD-CWE-Other	CVE-2002-0967	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314319	7.2	HIGH	hp	cifs-9000_server	Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S…	NVD-CWE-Other	CVE-2002-0991	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314320	2.1	LOW	hp	hp-ux	Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.	NVD-CWE-Other	CVE-2002-0992	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314321	7.5	HIGH	sun	sun_pci_ii_driver	SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.	NVD-CWE-Other	CVE-2002-0994	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314322	7.5	HIGH	gianluca_baldo	phpauction	login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.	NVD-CWE-Other	CVE-2002-0995	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314323	7.5	HIGH	novell	netmail netmail_xe	Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.	NVD-CWE-Other	CVE-2002-0996	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314324	5.0	MEDIUM	novell	netmail netmail_xe	Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.	NVD-CWE-Other	CVE-2002-0997	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314325	7.5	HIGH	analogx	simpleserver_shout	Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001.	NVD-CWE-Other	CVE-2002-1000	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314326	7.5	HIGH	analogx	proxy	Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A r…	NVD-CWE-Other	CVE-2002-1001	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314327	5.0	MEDIUM	novell	emframe	Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.	NVD-CWE-Other	CVE-2002-1002	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314328	7.5	HIGH	mywebserver	mywebserver	Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.	NVD-CWE-Other	CVE-2002-1003	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314329	5.0	MEDIUM	argosoft	argosoft_mail_server	Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.	NVD-CWE-Other	CVE-2002-1004	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314330	6.8	MEDIUM	bbc_education	betsie	Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.	NVD-CWE-Other	CVE-2002-1006	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314331	7.5	HIGH	blackboard	blackboard	Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInf…	NVD-CWE-Other	CVE-2002-1007	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314332	7.5	HIGH	summit_computer_networks	lil_http_server	Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlc…	NVD-CWE-Other	CVE-2002-1008	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314333	7.5	HIGH	summit_computer_networks	lil_http_server	Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2…	NVD-CWE-Other	CVE-2002-1009	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314334	7.5	HIGH	lotus	domino_r4	Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasse…	NVD-CWE-Other	CVE-2002-1010	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314335	7.5	HIGH	ibm	tivoli_management_framework	Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via …	NVD-CWE-Other	CVE-2002-1011	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314336	7.5	HIGH	ibm	tivoli_management_framework	Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET …	NVD-CWE-Other	CVE-2002-1012	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314337	7.2	HIGH	inktomi	media-ixt traffic_edge traffic_server	Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argum…	NVD-CWE-Other	CVE-2002-1013	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314338	7.5	HIGH	realnetworks	realjukebox_2 realjukebox_2_plus realone_player	Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long val…	NVD-CWE-Other	CVE-2002-1014	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314339	7.5	HIGH	realnetworks	realjukebox_2 realjukebox_2_plus realone_player	RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini fil…	NVD-CWE-Other	CVE-2002-1015	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314340	4.6	MEDIUM	adobe	digital_editions	Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.	NVD-CWE-Other	CVE-2002-1016	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314341	2.1	LOW	adobe	digital_editions	Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the a…	NVD-CWE-Other	CVE-2002-1017	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314342	5.0	MEDIUM	working_resources_inc.	badblue	BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.	NVD-CWE-Other	CVE-2002-1021	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314343	7.5	HIGH	working_resources_inc.	badblue	BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.	NVD-CWE-Other	CVE-2002-1022	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314344	5.0	MEDIUM	working_resources_inc.	badblue	BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.	NVD-CWE-Other	CVE-2002-1023	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314345	5.0	MEDIUM	macromedia	jrun	JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.	NVD-CWE-Other	CVE-2002-1025	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314346	5.0	MEDIUM	macromedia	sitespring	Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly trigger…	NVD-CWE-Other	CVE-2002-1026	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314347	7.5	HIGH	macromedia	sitespring	Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 50…	NVD-CWE-Other	CVE-2002-1027	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314348	5.0	MEDIUM	oddsock	song_requester	Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments.	NVD-CWE-Other	CVE-2002-1028	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314349	5.0	MEDIUM	worldspan	res_manager	Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.	NVD-CWE-Other	CVE-2002-1029	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm

314350	2.6	LOW	bea	weblogic_server	Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.	NVD-CWE-Other	CVE-2002-1030	2008-09-6 05:29	2002-10-4	表示	GitHub Exploit DB Packet Storm