NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月26日4:00

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
354801	4.6	MEDIUM	prosoft_engineering	netware_client	ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unp…	NVD-CWE-Other	CVE-1999-1528	2016-10-18 11:05	1999-11-14	表示	GitHub Exploit DB Packet Storm

354802	3.6	LOW	sun	cobalt_raq_2 cobalt_raq_3i	cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another vir…	NVD-CWE-Other	CVE-1999-1530	2016-10-18 11:05	1999-11-8	表示	GitHub Exploit DB Packet Storm

354803	7.5	HIGH	ibm	homepageprint	Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.	NVD-CWE-Other	CVE-1999-1531	2016-10-18 11:05	1999-11-2	表示	GitHub Exploit DB Packet Storm

354804	5.0	MEDIUM	netscape	messaging_server	Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.	NVD-CWE-Other	CVE-1999-1532	2016-10-18 11:05	1999-10-29	表示	GitHub Exploit DB Packet Storm

354805	7.2	HIGH	knox_software	arkeia	Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.	NVD-CWE-Other	CVE-1999-1534	2016-10-18 11:05	1999-09-23	表示	GitHub Exploit DB Packet Storm

354806	7.2	HIGH	acushop	salesbuilder	.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.	NVD-CWE-Other	CVE-1999-1536	2016-10-18 11:05	1999-07-30	表示	GitHub Exploit DB Packet Storm

354807	2.1	LOW	microsoft	internet_information_server	When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensiti…	NVD-CWE-Other	CVE-1999-1538	2016-10-18 11:05	1999-01-14	表示	GitHub Exploit DB Packet Storm

354808	5.0	MEDIUM	microsoft	internet_information_server	Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.	NVD-CWE-Other	CVE-1999-1544	2016-10-18 11:05	1999-01-24	表示	GitHub Exploit DB Packet Storm

354809	2.1	LOW	joes_own_editor	joe	Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.	NVD-CWE-Other	CVE-1999-1545	2016-10-18 11:05	1999-07-14	表示	GitHub Exploit DB Packet Storm

354810	7.5	HIGH	oracle	web_listener	Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.	CWE-20 不適切な入力確認	CVE-1999-1547	2016-10-18 11:05	1999-11-25	表示	GitHub Exploit DB Packet Storm

354811	7.5	HIGH	microsoft	index_server	Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physic…	NVD-CWE-Other	CVE-1999-1397	2016-10-18 11:04	1999-03-23	表示	GitHub Exploit DB Packet Storm

354812	6.2	MEDIUM	sgi	irix	Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.	NVD-CWE-Other	CVE-1999-1398	2016-10-18 11:04	1997-05-7	表示	GitHub Exploit DB Packet Storm

354813	7.2	HIGH	sgi	irix	spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.	NVD-CWE-Other	CVE-1999-1399	2016-10-18 11:04	1997-08-20	表示	GitHub Exploit DB Packet Storm

354814	2.1	LOW	the_economist	the_economist_1999_screen_saver	The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer wh…	NVD-CWE-Other	CVE-1999-1400	2016-10-18 11:04	1999-06-3	表示	GitHub Exploit DB Packet Storm

354815	10.0	HIGH	ibm	aix	snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users …	NVD-CWE-Other	CVE-1999-1405	2016-10-18 11:04	1999-02-17	表示	GitHub Exploit DB Packet Storm

354816	10.0	HIGH	ibm	aix	Fixed in AIX 4.3 and 4.3.2 AIX 4.3.x APAR: IX88263 AIX 4.2.x APAR: IX88261	NVD-CWE-Other	CVE-1999-1405	2016-10-18 11:04	1999-02-17	表示	GitHub Exploit DB Packet Storm

354817	2.1	LOW	redhat	linux	dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.	NVD-CWE-Other	CVE-1999-1406	2016-10-18 11:04	1998-07-29	表示	GitHub Exploit DB Packet Storm

354818	2.1	LOW	redhat	linux	ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.	NVD-CWE-Other	CVE-1999-1407	2016-10-18 11:04	1998-03-9	表示	GitHub Exploit DB Packet Storm

354819	2.1	LOW	hp ibm	hp-ux aix	Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the sock…	NVD-CWE-Other	CVE-1999-1408	2016-10-18 11:04	1997-03-5	表示	GitHub Exploit DB Packet Storm

354820	2.1	LOW	sgi netbsd	irix netbsd	The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that a…	NVD-CWE-Other	CVE-1999-1409	2016-10-18 11:04	1998-07-3	表示	GitHub Exploit DB Packet Storm

354821	6.2	MEDIUM	sgi	irix	addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.	NVD-CWE-Other	CVE-1999-1410	2016-10-18 11:04	1997-05-9	表示	GitHub Exploit DB Packet Storm

354822	7.5	HIGH	debian	debian_linux	The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers suc…	NVD-CWE-Other	CVE-1999-1411	2016-10-18 11:04	1998-11-26	表示	GitHub Exploit DB Packet Storm

354823	7.2	HIGH	ibm	netfinity_remote_control	IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.	NVD-CWE-Other	CVE-1999-1414	2016-10-18 11:04	1999-05-25	表示	GitHub Exploit DB Packet Storm

354824	10.0	HIGH	n-base	nh2012 nh2012r nh2015 nh2048 nh3012	NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration.	NVD-CWE-Other	CVE-1999-1420	2016-10-18 11:04	1998-07-20	表示	GitHub Exploit DB Packet Storm

354825	6.4	MEDIUM	n-base	nh208 nh215	NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, whi…	NVD-CWE-Other	CVE-1999-1421	2016-10-18 11:04	1998-07-20	表示	GitHub Exploit DB Packet Storm

354826	7.2	HIGH	slackware	slackware_linux	The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan hor…	NVD-CWE-Other	CVE-1999-1422	2016-10-18 11:04	1999-01-2	表示	GitHub Exploit DB Packet Storm

354827	2.1	LOW	dit	transferpro	DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver.	NVD-CWE-Other	CVE-1999-1429	2016-10-18 11:04	1998-01-5	表示	GitHub Exploit DB Packet Storm

354828	2.1	LOW	royal	davinci	PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly a…	NVD-CWE-Other	CVE-1999-1430	2016-10-18 11:04	1999-01-1	表示	GitHub Exploit DB Packet Storm

354829	4.6	MEDIUM	microsoft	zero_administration_kit	ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and chan…	NVD-CWE-Other	CVE-1999-1431	2016-10-18 11:04	2005-01-7	表示	GitHub Exploit DB Packet Storm

354830	7.2	HIGH	hp	jetadmin	HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.	NVD-CWE-Other	CVE-1999-1433	2016-10-18 11:04	1998-07-15	表示	GitHub Exploit DB Packet Storm

354831	7.2	HIGH	slackware	slackware_linux	login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to …	NVD-CWE-Other	CVE-1999-1434	2016-10-18 11:04	1998-07-13	表示	GitHub Exploit DB Packet Storm

354832	7.2	HIGH	nec	socks_5	Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows local users to gain privileges via long environmental variables.	NVD-CWE-Other	CVE-1999-1435	2016-10-18 11:04	1998-07-10	表示	GitHub Exploit DB Packet Storm

354833	7.5	HIGH	ray_chan	www_authorization_gateway	Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter.	NVD-CWE-Other	CVE-1999-1436	2016-10-18 11:04	1998-07-8	表示	GitHub Exploit DB Packet Storm

354834	7.5	HIGH	ralf_s._engelschall	eperl	ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.	NVD-CWE-Other	CVE-1999-1437	2016-10-18 11:04	1998-07-7	表示	GitHub Exploit DB Packet Storm

354835	2.1	LOW	gcc	gcc	gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.	NVD-CWE-Other	CVE-1999-1439	2016-10-18 11:04	1998-01-2	表示	GitHub Exploit DB Packet Storm

354836	5.1	MEDIUM	mirabilis	icq_98a	Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many s…	NVD-CWE-Other	CVE-1999-1440	2016-10-18 11:04	1999-01-1	表示	GitHub Exploit DB Packet Storm

354837	2.1	LOW	linux	linux_kernel	Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch i…	NVD-CWE-Other	CVE-1999-1441	2016-10-18 11:04	1998-06-30	表示	GitHub Exploit DB Packet Storm

354838	4.6	MEDIUM	micah_software	full_armor	Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using…	NVD-CWE-Other	CVE-1999-1443	2016-10-18 11:04	1998-06-2	表示	GitHub Exploit DB Packet Storm

354839	5.0	MEDIUM	slackware	slackware_linux	Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and …	NVD-CWE-Other	CVE-1999-1445	2016-10-18 11:04	1998-02-2	表示	GitHub Exploit DB Packet Storm

354840	5.0	MEDIUM	qualcomm	eudora eudora_light	Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divi…	NVD-CWE-Other	CVE-1999-1448	2016-10-18 11:04	1998-07-29	表示	GitHub Exploit DB Packet Storm

354841	4.6	MEDIUM	macromedia	matrix_screen_saver	Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC …	NVD-CWE-Other	CVE-1999-1454	2016-10-18 11:04	1999-10-4	表示	GitHub Exploit DB Packet Storm

354842	7.2	HIGH	bmc	patrol_agent	BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.	NVD-CWE-Other	CVE-1999-1460	2016-10-18 11:04	1999-07-13	表示	GitHub Exploit DB Packet Storm

354843	7.2	HIGH	sgi	irix	inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the P…	NVD-CWE-Other	CVE-1999-1461	2016-10-18 11:04	1997-05-7	表示	GitHub Exploit DB Packet Storm

354844	7.5	HIGH	hughes_technologies	w3-auth	Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.	NVD-CWE-Other	CVE-1999-1469	2016-10-18 11:04	1999-09-30	表示	GitHub Exploit DB Packet Storm

354845	7.2	HIGH	redhat	linux	xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.	NVD-CWE-Other	CVE-1999-1490	2016-10-18 11:04	1998-05-28	表示	GitHub Exploit DB Packet Storm

354846	7.2	HIGH	redhat	linux	abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.	NVD-CWE-Other	CVE-1999-1491	2016-10-18 11:04	1996-02-2	表示	GitHub Exploit DB Packet Storm

354847	2.1	LOW	redhat	linux	gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.	NVD-CWE-Other	CVE-1999-1332	2016-10-18 11:03	1999-12-31	表示	GitHub Exploit DB Packet Storm

354848	7.5	HIGH	redhat	linux	automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to b…	NVD-CWE-Other	CVE-1999-1333	2016-10-18 11:03	1999-12-31	表示	GitHub Exploit DB Packet Storm

354849	7.5	HIGH	elm_development_group	elm	Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command…	NVD-CWE-Other	CVE-1999-1334	2016-10-18 11:03	1999-12-31	表示	GitHub Exploit DB Packet Storm

354850	5.0	MEDIUM	3com	hiperarc	3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.	NVD-CWE-Other	CVE-1999-1336	2016-10-18 11:03	1999-08-12	表示	GitHub Exploit DB Packet Storm