NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月25日4:04

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
354951	5.0	MEDIUM	sgi	irix	SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activi…	NVD-CWE-Other	CVE-1999-1067	2016-10-18 11:00	1997-05-7	表示	GitHub Exploit DB Packet Storm

354952	5.0	MEDIUM	oracle	http_server	Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.	NVD-CWE-Other	CVE-1999-1068	2016-10-18 11:00	1997-07-23	表示	GitHub Exploit DB Packet Storm

354953	7.2	HIGH	excite	ews	Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted passw…	NVD-CWE-Other	CVE-1999-1072	2016-10-18 11:00	1998-11-30	表示	GitHub Exploit DB Packet Storm

354954	7.2	HIGH	excite	ews	Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a br…	NVD-CWE-Other	CVE-1999-1073	2016-10-18 11:00	1998-11-30	表示	GitHub Exploit DB Packet Storm

354955	7.2	HIGH	ibm	aix	AIX infod allows local users to gain root access through an X display.	NVD-CWE-Other	CVE-1999-0118	2016-10-18 10:59	1998-11-1	表示	GitHub Exploit DB Packet Storm

354956	10.0	HIGH	dan_bernstein	qmail	Denial of service in Qmail through long SMTP commands.	NVD-CWE-Other	CVE-1999-0250	2016-10-18 10:59	1997-07-1	表示	GitHub Exploit DB Packet Storm

354957	10.0	HIGH	-	-	The Java Web Server would allow remote users to obtain the source code for CGI programs.	NVD-CWE-Other	CVE-1999-0283	2016-10-18 10:59	1999-01-1	表示	GitHub Exploit DB Packet Storm

354958	10.0	HIGH	-	-	Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified …	NVD-CWE-Other	CVE-1999-0347	2016-10-18 10:59	1999-01-26	表示	GitHub Exploit DB Packet Storm

354959	7.2	HIGH	microsoft	site_server	MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.	NVD-CWE-Other	CVE-1999-0360	2016-10-18 10:59	1999-01-30	表示	GitHub Exploit DB Packet Storm

354960	10.0	HIGH	fms_inc. microsoft	total_vb_sourcebook access	Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.	NVD-CWE-Other	CVE-1999-0364	2016-10-18 10:59	1999-01-1	表示	GitHub Exploit DB Packet Storm

354961	5.0	MEDIUM	eric_allman	sendmail	Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.	NVD-CWE-Other	CVE-1999-0393	2016-10-18 10:59	1999-01-1	表示	GitHub Exploit DB Packet Storm

354962	5.0	MEDIUM	cyrix	linux	A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.	NVD-CWE-Other	CVE-1999-0403	2016-10-18 10:59	1999-02-1	表示	GitHub Exploit DB Packet Storm

354963	10.0	HIGH	microsoft	internet_information_server	By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.	NVD-CWE-Other	CVE-1999-0407	2016-10-18 10:59	1999-02-9	表示	GitHub Exploit DB Packet Storm

354964	6.4	MEDIUM	-	-	Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.	NVD-CWE-Other	CVE-1999-0418	2016-10-18 10:59	1999-03-8	表示	GitHub Exploit DB Packet Storm

354965	7.5	HIGH	ibm	lotus_notes	The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.	NVD-CWE-Other	CVE-1999-0429	2016-10-18 10:59	1999-03-1	表示	GitHub Exploit DB Packet Storm

354966	7.5	HIGH	netscape sun	communicator navigator java	The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.	NVD-CWE-Other	CVE-1999-0440	2016-10-18 10:59	1999-03-1	表示	GitHub Exploit DB Packet Storm

354967	2.1	LOW	tripwire	tripwire	Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.	NVD-CWE-Other	CVE-1999-0464	2016-10-18 10:59	1999-01-4	表示	GitHub Exploit DB Packet Storm

354968	5.0	MEDIUM	selena_sol	selena_sol_webstore	An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.	NVD-CWE-Other	CVE-1999-0604	2016-10-18 10:59	1999-04-20	表示	GitHub Exploit DB Packet Storm

354969	5.0	MEDIUM	austin_contract_computing	merchant_order_form	An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.	CWE-200 情報漏えい	CVE-1999-0605	2016-10-18 10:59	1999-04-1	表示	GitHub Exploit DB Packet Storm

354970	5.0	MEDIUM	seaside_enterprises	ezmall	An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.	CWE-200 情報漏えい	CVE-1999-0606	2016-10-18 10:59	1999-04-1	表示	GitHub Exploit DB Packet Storm

354971	5.0	MEDIUM	i-soft	quikstore	quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator passwor…	NVD-CWE-Other	CVE-1999-0607	2016-10-18 10:59	1999-04-20	表示	GitHub Exploit DB Packet Storm

354972	5.0	MEDIUM	mercantec	softcart	An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.	NVD-CWE-Other	CVE-1999-0609	2016-10-18 10:59	1999-04-1	表示	GitHub Exploit DB Packet Storm

354973	5.0	MEDIUM	mountain_network_systems	webcart	An incorrect configuration of the Webcart CGI program could disclose private information.	NVD-CWE-Other	CVE-1999-0610	2016-10-18 10:59	1999-04-1	表示	GitHub Exploit DB Packet Storm

354974	10.0	HIGH	-	-	A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 a…	NVD-CWE-Other	CVE-1999-0661	2016-10-18 10:59	1999-01-1	表示	GitHub Exploit DB Packet Storm

354975	4.6	MEDIUM	oracle	oracle8i	The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.	NVD-CWE-Other	CVE-1999-0711	2016-10-18 10:59	1999-04-29	表示	GitHub Exploit DB Packet Storm

354976	4.6	MEDIUM	freebsd kde linux	freebsd kde linux_kernel	KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.	NVD-CWE-Other	CVE-1999-0780	2016-10-18 10:59	1998-11-18	表示	GitHub Exploit DB Packet Storm

354977	7.2	HIGH	freebsd kde linux	freebsd kde linux_kernel	KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.	NVD-CWE-Other	CVE-1999-0781	2016-10-18 10:59	1998-11-18	表示	GitHub Exploit DB Packet Storm

354978	2.1	LOW	freebsd kde linux	freebsd kde linux_kernel	KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.	NVD-CWE-Other	CVE-1999-0782	2016-10-18 10:59	1998-11-18	表示	GitHub Exploit DB Packet Storm

354979	2.1	LOW	ssh	ssh	The SSH authentication agent follows symlinks via a UNIX domain socket.	NVD-CWE-Other	CVE-1999-0787	2016-10-18 10:59	1999-09-17	表示	GitHub Exploit DB Packet Storm

354980	5.0	MEDIUM	knox_software	arkeia	Arkiea nlservd allows remote attackers to conduct a denial of service.	NVD-CWE-Other	CVE-1999-0788	2016-10-18 10:59	1999-09-26	表示	GitHub Exploit DB Packet Storm

354981	10.0	HIGH	bsdi freebsd openbsd redhat sco	bsd_os freebsd openbsd linux internet_faststart openserver unixware	Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.	NVD-CWE-Other	CVE-1999-0798	2016-10-18 10:59	1998-12-4	表示	GitHub Exploit DB Packet Storm

354982	2.1	LOW	ibm	aix_enetwork_firewall	The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.	NVD-CWE-Other	CVE-1999-0803	2016-10-18 10:59	1999-05-25	表示	GitHub Exploit DB Packet Storm

354983	7.5	HIGH	isc	dhcp_client	Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.	NVD-CWE-Other	CVE-1999-0808	2016-10-18 10:59	1999-12-31	表示	GitHub Exploit DB Packet Storm

354984	5.0	MEDIUM	microsoft	windows_2000 windows_nt	NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.	NVD-CWE-Other	CVE-1999-0819	2016-10-18 10:59	1999-12-1	表示	GitHub Exploit DB Packet Storm

354985	5.0	MEDIUM	stalker	communigate_pro	Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.	NVD-CWE-Other	CVE-1999-0865	2016-10-18 10:59	1999-12-3	表示	GitHub Exploit DB Packet Storm

354986	7.2	HIGH	sco	unixware	Buffer overflow in UnixWare xauto program allows local users to gain root privilege.	NVD-CWE-Other	CVE-1999-0866	2016-10-18 10:59	1999-12-3	表示	GitHub Exploit DB Packet Storm

354987	5.0	MEDIUM	apple	ichat_server	iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.	NVD-CWE-Other	CVE-1999-0897	2016-10-18 10:59	1998-09-9	表示	GitHub Exploit DB Packet Storm

354988	10.0	HIGH	network_security_wizards	dragon-fire_ids	dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.	NVD-CWE-Other	CVE-1999-0913	2016-10-18 10:59	1999-08-5	表示	GitHub Exploit DB Packet Storm

354989	5.0	MEDIUM	messagemedia	unitymail	UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.	NVD-CWE-Other	CVE-1999-0925	2016-10-18 10:59	1999-09-3	表示	GitHub Exploit DB Packet Storm

354990	7.5	HIGH	mutt	mutt	Mutt mail client allows a remote attacker to execute commands via shell metacharacters.	NVD-CWE-Other	CVE-1999-0941	2016-10-18 10:59	1998-07-28	表示	GitHub Exploit DB Packet Storm

354991	5.1	MEDIUM	yamaha	midiplug	Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.	NVD-CWE-Other	CVE-1999-0946	2016-10-18 10:59	1999-11-2	表示	GitHub Exploit DB Packet Storm

354992	7.5	HIGH	an	an-httpd	AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.	NVD-CWE-Other	CVE-1999-0947	2016-10-18 10:59	1999-11-2	表示	GitHub Exploit DB Packet Storm

354993	7.8	HIGH	positive_software	cp\+	Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) before 2.5.5 allows attackers to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug i…	NVD-CWE-Other	CVE-2005-4261	2016-10-15 10:59	2005-12-15	表示	GitHub Exploit DB Packet Storm

354994	7.5	HIGH	softwin	bitdefender	Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format str…	CWE-134 書式文字列の問題	CVE-2005-3154	2016-09-30 23:33	2005-10-6	表示	GitHub Exploit DB Packet Storm

354995	2.1	LOW	cisco	ios	Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.	CWE-200 情報漏えい	CVE-2000-0368	2016-09-21 22:06	2001-03-12	表示	GitHub Exploit DB Packet Storm

354996	4.6	MEDIUM	ibm	aix	Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter.	NVD-CWE-Other	CVE-2001-1095	2016-09-17 10:59	2001-10-9	表示	GitHub Exploit DB Packet Storm

354997	10.0	HIGH	phpbb_group	phpbb	db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.	NVD-CWE-Other	CVE-2002-0473	2016-09-17 10:59	2002-08-12	表示	GitHub Exploit DB Packet Storm

354998	6.4	MEDIUM	pablo_software_solutions	pablo_ftp_server	Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.	NVD-CWE-Other	CVE-2002-1054	2016-09-17 10:59	2002-10-4	表示	GitHub Exploit DB Packet Storm

354999	10.0	HIGH	sun	java	Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and av…	NVD-CWE-noinfo	CVE-2010-0887	2016-08-23 11:01	2010-04-21	表示	GitHub Exploit DB Packet Storm

355000	5.0	MEDIUM	php	php	The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by ca…	CWE-200 情報漏えい	CVE-2010-1860	2016-08-23 11:01	2010-05-8	表示	GitHub Exploit DB Packet Storm