NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月17日4:19

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
349601	10.0	HIGH	freebsd	freebsd	Integer overflow in IEEE 802.11 network subsystem (ieee80211_ioctl.c) in FreeBSD before 6.0-STABLE, while scanning for wireless networks, allows remote attackers to execute arbitrary code by broadcas…	NVD-CWE-Other	CVE-2006-0226	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349602	7.2	HIGH	grsecurity	grsecurity_kernel_patch	The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be rest…	NVD-CWE-Other	CVE-2006-0228	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349603	4.3	MEDIUM	gtp	icommerce	Cross-site scripting (XSS) vulnerability in index.php in GTP iCommerce allows remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) subcat parameters. NOTE: the provenance …	NVD-CWE-Other	CVE-2006-0237	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349604	7.5	HIGH	gamerz	wp-stats	SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 allows remote attackers to execute arbitrary SQL commands via the author parameter.	NVD-CWE-Other	CVE-2006-0238	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349605	7.5	HIGH	8pixel.net	simple_blog	Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other par…	CWE-89 SQLインジェクション	CVE-2006-0240	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349606	4.3	MEDIUM	smbcms	smbcms	Cross-site scripting (XSS) vulnerability in SMBCMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the text parameter, which is used by the "Search Site" field. NOTE: the prov…	NVD-CWE-Other	CVE-2006-0243	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349607	4.3	MEDIUM	devellion	cubecart	Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.7-pl1 allow remote attackers to inject arbitrary web script or HTML via the (3) redir, (4) productId, (5) docId, (6) act, and (7) c…	NVD-CWE-Other	CVE-2006-0245	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349608	4.3	MEDIUM	widexl	download_tracker	Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download Tracker 1.06 allows remote attackers to inject arbitrary web script or HTML via the ID parameter.	NVD-CWE-Other	CVE-2006-0246	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349609	4.3	MEDIUM	netbula	anyboard	Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula Anyboard 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tK parameter in a find command.	NVD-CWE-Other	CVE-2006-0247	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349610	5.0	MEDIUM	intracom	jetspeed	Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 and 520 and (2) Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such a…	NVD-CWE-Other	CVE-2006-0248	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349611	7.5	HIGH	bitdamaged	geoblog	SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter ($tm…	CWE-89 SQLインジェクション	CVE-2006-0249	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349612	4.3	MEDIUM	faq-o-matic	faq-o-matic	Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.711 allows remote attackers to inject arbitrary web script or HTML via the (1) _duration, (2) file, and (3) cmd parameters.	NVD-CWE-Other	CVE-2006-0251	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349613	10.0	HIGH	oracle	database_server	Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02.…	NVD-CWE-noinfo	CVE-2006-0257	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349614	10.0	HIGH	oracle	database_server	Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03.	NVD-CWE-noinfo	CVE-2006-0258	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349615	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component;…	NVD-CWE-noinfo	CVE-2006-0259	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349616	10.0	HIGH	oracle	database_server oracle10g oracle8i oracle9i	Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identifie…	NVD-CWE-noinfo	CVE-2006-0262	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349617	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln…	NVD-CWE-noinfo	CVE-2006-0263	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349618	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB05 in the (a) Data Pump component; …	NVD-CWE-noinfo	CVE-2006-0260	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349619	10.0	HIGH	oracle	database_server	Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB17 in …	NVD-CWE-noinfo	CVE-2006-0265	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349620	9.0	HIGH	oracle	database_server	Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB19.	NVD-CWE-noinfo	CVE-2006-0266	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349621	9.0	HIGH	oracle	database_server	Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.2.0.6 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB20.	NVD-CWE-noinfo	CVE-2006-0267	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349622	9.0	HIGH	oracle	database_server	Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB2…	NVD-CWE-noinfo	CVE-2006-0268	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349623	5.5	MEDIUM	oracle	oracle10g	Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. NOTE: detail…	CWE-89 NVD-CWE-noinfo SQLインジェクション	CVE-2006-0269	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349624	10.0	HIGH	oracle	database_server oracle10g oracle8i oracle9i	Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vul…	NVD-CWE-noinfo	CVE-2006-0271	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349625	9.0	HIGH	oracle	oracle10g oracle9i	Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on m…	NVD-CWE-noinfo	CVE-2006-0272	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349626	10.0	HIGH	oracle	application_server	Unspecified vulnerability in the Portal component of Oracle Application Server 9.0.4.2 and 10.1.2.0 has unspecified impact and attack vectors, as identified by Oracle Vuln# AS01.	NVD-CWE-noinfo	CVE-2006-0273	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349627	10.0	HIGH	oracle	application_server	Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03.	NVD-CWE-noinfo	CVE-2006-0274	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349628	10.0	HIGH	oracle	collaboration_suite	Multiple unspecified vulnerabilities in Oracle Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, 2) OCS02,…	NVD-CWE-noinfo	CVE-2006-0276	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349629	10.0	HIGH	oracle	e-business_suite	Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in the (a) Application In…	NVD-CWE-noinfo	CVE-2006-0277	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349630	10.0	HIGH	oracle	e-business_suite	Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS02 in the (a) CRM Technical F…	NVD-CWE-noinfo	CVE-2006-0278	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349631	10.0	HIGH	oracle	e-business_suite	Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS13 and (2) APPS14 in the Oracle …	NVD-CWE-noinfo	CVE-2006-0279	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349632	10.0	HIGH	oracle	peoplesoft_enterprise_portal	Unspecified vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 Bundle 15, 8.8 Bundle 10, and 8.9 Bundle 2 has unspecified impact and attack vectors, as identified by Oracle Vuln# PSE01.	NVD-CWE-noinfo	CVE-2006-0280	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349633	10.0	HIGH	oracle	enterpriseone	Unspecified vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP23_L1 has unspecified impact and attack vectors, as identified by Oracle Vuln# JDE01.	NVD-CWE-noinfo	CVE-2006-0281	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349634	10.0	HIGH	oracle	application_server collaboration_suite database_server	Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, and Collaboration Suite Release 2, vers…	NVD-CWE-noinfo	CVE-2006-0282	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349635	10.0	HIGH	oracle	application_server collaboration_suite database_server	Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors,…	NVD-CWE-noinfo	CVE-2006-0283	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349636	10.0	HIGH	oracle	application_server e-business_suite	Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.2 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10, have unspecified impact and attack vectors, as identified by O…	NVD-CWE-noinfo	CVE-2006-0284	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349637	10.0	HIGH	oracle	application_server database_server	Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.4, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspe…	NVD-CWE-noinfo	CVE-2006-0285	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349638	10.0	HIGH	oracle	application_server database_server	Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unsp…	NVD-CWE-noinfo	CVE-2006-0286	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349639	10.0	HIGH	oracle	application_server database_server	Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle V…	NVD-CWE-noinfo	CVE-2006-0287	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349640	10.0	HIGH	oracle	application_server e-business_suite	Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Server 9.0.4.1 and E-Business Suite and Applications 11.5.10 have unspecified impact and attack ve…	NVD-CWE-noinfo	CVE-2006-0288	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349641	10.0	HIGH	oracle	application_server collaboration_suite database_server e-business_suite	Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications …	NVD-CWE-noinfo	CVE-2006-0290	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349642	10.0	HIGH	oracle	application_server collaboration_suite database_server e-business_suite	Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and A…	NVD-CWE-noinfo	CVE-2006-0291	2017-07-20 10:29	2006-01-18	表示	GitHub Exploit DB Packet Storm

349643	5.0	MEDIUM	zyxel	p2000w_version_2_voip_wifi_phone	ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 90…	NVD-CWE-Other	CVE-2006-0302	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349644	7.5	HIGH	achal_dhir	dual_dhcp_dns_server	Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field.	NVD-CWE-Other	CVE-2006-0304	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349645	7.5	HIGH	clipcomm	cp-100e_voip_wifi_phone cpw-100e_voip_wifi_phone	Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 (051129) and CP-100E VoIP 802.11b Wireless Phone running firmware 1.1.60 allows remote attackers to gain unauthorized acc…	NVD-CWE-Other	CVE-2006-0305	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349646	10.0	HIGH	aol	aol_client_software	Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Control, as used in AOL 8.0, 8.0 Plus, and 9.0 Classic, allows remote attackers to execute arbitrary c…	NVD-CWE-Other	CVE-2006-0316	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349647	4.3	MEDIUM	redkernel	referrer_tracker	Cross-site scripting (XSS) vulnerability in rkrt_stats.php in RedKernel Referrer Tracker 1.1.0-3 allows remote attackers to inject arbitrary web script or HTML via a query string value as a GET, whic…	NVD-CWE-Other	CVE-2006-0317	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349648	5.0	MEDIUM	farmers_wife	farmers_wife	Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and…	NVD-CWE-Other	CVE-2006-0319	2017-07-20 10:29	2006-01-19	表示	GitHub Exploit DB Packet Storm

349649	5.0	MEDIUM	mediawiki	mediawiki	Unspecified vulnerability the edit comment formatting functionality in MediaWiki 1.5.x before 1.5.6 and 1.4.x before 1.4.14 allows attackers to cause a denial of service (infinite loop) via "certain …	NVD-CWE-Other	CVE-2006-0322	2017-07-20 10:29	2006-01-20	表示	GitHub Exploit DB Packet Storm

349650	7.5	HIGH	hitachi	hitsenser_data_mart_server	SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, BS-M, BS-L, and EX allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.	NVD-CWE-Other	CVE-2006-0329	2017-07-20 10:29	2006-01-21	表示	GitHub Exploit DB Packet Storm