NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月16日4:13

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
355751 7.5 HIGH
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'These issues only affect Mac OS X Server systems.' CWE-119
バッファエラー 		CVE-2010-0504 2010-04-1 02:14 2010-03-31 表示 GitHub Exploit DB Packet Storm
355752 6.5 MEDIUM
apple mac_os_x_server Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecifi… CWE-399
リソース管理の問題 		CVE-2010-0503 2010-04-1 02:07 2010-03-31 表示 GitHub Exploit DB Packet Storm
355753 6.5 MEDIUM
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems, and does not affect versions 10.6 or later' CWE-399
リソース管理の問題 		CVE-2010-0503 2010-04-1 02:07 2010-03-31 表示 GitHub Exploit DB Packet Storm
355754 7.2 HIGH
apple mac_os_x
mac_os_x_server 		Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during processing of record names, which allows local users to gain privileges via unspecified vectors. CWE-287
不適切な認証 		CVE-2010-0498 2010-04-1 00:37 2010-03-31 表示 GitHub Exploit DB Packet Storm
355755 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers t… NVD-CWE-Other
CVE-2010-0497 2010-04-1 00:30 2010-03-31 表示 GitHub Exploit DB Packet Storm
355756 7.5 HIGH
gnome gmime Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h in GMime before 2.4.15 allows context-dependent attackers to cause a denial of service (application crash) or possibly execu… CWE-119
バッファエラー 		CVE-2010-0409 2010-03-31 14:41 2010-02-9 表示 GitHub Exploit DB Packet Storm
355757 10.0 HIGH
chumby chumby_one
chumby_classic 		The web interface in chumby one before 1.0.4 and chumby classic before 1.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a request. CWE-78
OSコマンド・インジェクション 		CVE-2010-0418 2010-03-31 14:41 2010-03-11 表示 GitHub Exploit DB Packet Storm
355758 7.5 HIGH
moinmo moinmoin MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors. NVD-CWE-noinfo
CVE-2010-0669 2010-03-31 14:41 2010-02-27 表示 GitHub Exploit DB Packet Storm
355759 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10.5.8 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a craft… CWE-119
バッファエラー 		CVE-2010-0056 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355760 7.5 HIGH
apple mac_os_x
mac_os_x_server 		AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use of AFP shares when guest access is disabled, which allows remote attackers to bypass intended access restrictions via a mount req… CWE-264
認可・権限・アクセス制御 		CVE-2010-0057 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355761 6.4 MEDIUM
apple mac_os_x
mac_os_x_server 		freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has an incorrect launchd.plist ProgramArguments key and consequently does not run, which might allow remote attackers to int… CWE-16
環境設定 		CVE-2010-0058 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355762 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for user-assisted remote attackers to execute arbitrary JavaScript via a web page that offers a downloa… NVD-CWE-Other
CVE-2010-0063 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355763 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Per: http://cwe.mitre.org/data/slices/2000.html 'Incomplete Blacklist - CWE-184' NVD-CWE-Other
CVE-2010-0063 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355764 6.9 MEDIUM
apple mac_os_x
mac_os_x_server 		DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticated Finder copy, which might allow local users to bypass intended disk-quota restrictions and have un… CWE-264
認可・権限・アクセス制御 		CVE-2010-0064 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355765 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted disk i… CWE-119
バッファエラー 		CVE-2010-0065 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355766 7.8 HIGH
apple mac_os_x
mac_os_x_server 		Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service (arbitrary client blacklisting) via a cra… CWE-20
不適切な入力確認 		CVE-2010-0500 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355767 6.8 MEDIUM
apple mac_os_x_server Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote authenticated users to read arbitrary files via crafted filenames. CWE-22
パス・トラバーサル 		CVE-2010-0501 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355768 6.8 MEDIUM
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems.' CWE-22
パス・トラバーサル 		CVE-2010-0501 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355769 4.3 MEDIUM
apple mac_os_x_server iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform logging for all types of messages, which might allow remote attackers to avoid message auditing via an u… NVD-CWE-Other
CVE-2010-0502 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355770 4.3 MEDIUM
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems. NVD-CWE-Other
CVE-2010-0502 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355771 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted NEF image. CWE-119
バッファエラー 		CVE-2010-0506 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355772 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Per: http://support.apple.com/kb/HT4077 'This issue does not affect Mac OS X v10.6 systems' CWE-119
バッファエラー 		CVE-2010-0506 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355773 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PEF image. CWE-119
バッファエラー 		CVE-2010-0507 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355774 10.0 HIGH
apple mac_os_x
mac_os_x_server 		Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mail account, which has unspecified impact and attack vectors. NVD-CWE-noinfo
CVE-2010-0508 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355775 7.2 HIGH
apple mac_os_x
mac_os_x_server 		SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via vectors related to use of wheel group membership during access to the home directories of user accou… CWE-264
認可・権限・アクセス制御 		CVE-2010-0509 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355776 5.0 MEDIUM
apple mac_os_x_server Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast Composer workflow when this workflow is overwritten, which allows attackers to access a workflow via… CWE-264
認可・権限・アクセス制御 		CVE-2010-0511 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355777 6.4 MEDIUM
apple mac_os_x
mac_os_x_server 		The Application Firewall in Apple Mac OS X 10.5.8 drops unspecified firewall rules after a reboot, which might allow remote attackers to bypass intended access restrictions via packet data, related t… CWE-264
認可・権限・アクセス制御 		CVE-2009-2801 2010-03-31 13:00 2010-03-31 表示 GitHub Exploit DB Packet Storm
355778 9.3 HIGH
apple safari Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to an array of long stri… CWE-94
コード・インジェクション 		CVE-2010-1176 2010-03-30 13:00 2010-03-30 表示 GitHub Exploit DB Packet Storm
355779 9.3 HIGH
apple safari Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving document.write calls w… CWE-94
コード・インジェクション 		CVE-2010-1177 2010-03-30 13:00 2010-03-30 表示 GitHub Exploit DB Packet Storm
355780 9.3 HIGH
apple safari Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribu… CWE-189
数値処理の問題 		CVE-2010-1179 2010-03-30 13:00 2010-03-30 表示 GitHub Exploit DB Packet Storm
355781 7.5 HIGH
ibm websphere_application_server Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2010-1182 2010-03-30 13:00 2010-03-30 表示 GitHub Exploit DB Packet Storm
355782 7.5 HIGH
typo3 ws_ecard Directory traversal vulnerability in the Webesse E-Card (ws_ecard) extension 1.0.2 and earlier for TYPO3 has unspecified impact and remote attack vectors. CWE-22
パス・トラバーサル 		CVE-2009-4740 2010-03-30 01:42 2010-03-27 表示 GitHub Exploit DB Packet Storm
355783 7.8 HIGH
ibm aix bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial … NVD-CWE-Other
CVE-2010-1124 2010-03-29 13:00 2010-03-27 表示 GitHub Exploit DB Packet Storm
355784 6.9 MEDIUM
jbmc-software directadmin JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this tem… CWE-59
リンク解釈の問題 		CVE-2009-1526 2010-03-29 13:00 2009-05-6 表示 GitHub Exploit DB Packet Storm
355785 10.0 HIGH
skype skype Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors. NVD-CWE-noinfo
CVE-2009-4741 2010-03-29 13:00 2010-03-27 表示 GitHub Exploit DB Packet Storm
355786 5.0 MEDIUM
arwscripts fonts_script Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers to read arbitrary local files via directory traversal sequences in a base64-encoded f parameter. … CWE-22
パス・トラバーサル 		CVE-2010-0613 2010-03-26 14:37 2010-02-12 表示 GitHub Exploit DB Packet Storm
355787 4.3 MEDIUM
tristan_barczyk klonews Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1112 2010-03-26 13:00 2010-03-26 表示 GitHub Exploit DB Packet Storm
355788 7.5 HIGH
phptroubleticket php_trouble_ticket SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQLインジェクション 		CVE-2010-1089 2010-03-25 13:00 2010-03-25 表示 GitHub Exploit DB Packet Storm
355789 7.5 HIGH
scriptsfeed dating_software Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remote attackers to execute arbitrary SQL commands via the (1) txtgender and (2) txtlookgender parameter… CWE-89
SQLインジェクション 		CVE-2010-1096 2010-03-25 13:00 2010-03-25 表示 GitHub Exploit DB Packet Storm
355790 4.3 MEDIUM
springsource application_management_suite
hyperic_hq
tc_server 		Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic H… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2907 2010-03-25 13:00 2010-03-25 表示 GitHub Exploit DB Packet Storm
355791 4.3 MEDIUM
springsource application_management_suite
hyperic_hq
tc_server 		Per: http://www.springsource.com/security/cve-2009-2907 'Mitigation: * Hyperic HQ Open Source users should upgrade to Hyperic HQ 4.2.x * Hyperic HQ 4.0 Enterprise users should upgra… CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-2907 2010-03-25 13:00 2010-03-25 表示 GitHub Exploit DB Packet Storm
355792 4.3 MEDIUM
openinferno oi.blogs Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme pa… CWE-22
パス・トラバーサル 		CVE-2010-1082 2010-03-25 04:52 2010-03-24 表示 GitHub Exploit DB Packet Storm
355793 5.0 MEDIUM
corejoomla com_communitypolls Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot… CWE-22
パス・トラバーサル 		CVE-2010-1081 2010-03-25 04:30 2010-03-24 表示 GitHub Exploit DB Packet Storm
355794 4.3 MEDIUM
sawmill sawmill Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1079 2010-03-25 04:12 2010-03-24 表示 GitHub Exploit DB Packet Storm
355795 4.3 MEDIUM
entrylevelcms el_cms Cross-site scripting (XSS) vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to inject arbitrary web script or HTML via the subj parameter, which is not properly handled … CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1076 2010-03-25 03:25 2010-03-24 表示 GitHub Exploit DB Packet Storm
355796 7.5 HIGH
proarcadescript proarcadescript SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQLインジェクション 		CVE-2010-1069 2010-03-25 02:25 2010-03-24 表示 GitHub Exploit DB Packet Storm
355797 6.8 MEDIUM
phpkobo free_real_estate_contact_form_script Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact Form 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitr… CWE-22
パス・トラバーサル 		CVE-2010-1062 2010-03-24 23:40 2010-03-24 表示 GitHub Exploit DB Packet Storm
355798 6.8 MEDIUM
phpkobo short_url Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal … CWE-22
パス・トラバーサル 		CVE-2010-1061 2010-03-24 23:30 2010-03-24 表示 GitHub Exploit DB Packet Storm
355799 5.8 MEDIUM
tejimaya openpne The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 through 2.8, 2.10 through 2.14, and 3.0 through 3.4, when mobile device support is enabled, allows remote attackers to bypas… CWE-287
不適切な認証 		CVE-2010-1040 2010-03-24 13:00 2010-03-24 表示 GitHub Exploit DB Packet Storm
355800 6.8 MEDIUM
phpkobo address_book_script Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local fi… CWE-22
パス・トラバーサル 		CVE-2010-1059 2010-03-24 13:00 2010-03-24 表示 GitHub Exploit DB Packet Storm