NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月11日5:13

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
358551	7.5	HIGH	mnogosearch	mnogosearch	Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.	NVD-CWE-Other	CVE-2002-0789	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358552	5.0	MEDIUM	novell	netware	Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other i…	NVD-CWE-Other	CVE-2002-0791	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358553	5.0	MEDIUM	cisco	webns content_services_switch_11000	The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XM…	NVD-CWE-Other	CVE-2002-0792	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358554	5.0	MEDIUM	freebsd	freebsd	The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of servi…	NVD-CWE-Other	CVE-2002-0794	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358555	2.1	LOW	freebsd	freebsd	The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.	NVD-CWE-Other	CVE-2002-0795	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358556	7.5	HIGH	youngzsoft	cmailserver	Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.	NVD-CWE-Other	CVE-2002-0799	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358557	5.0	MEDIUM	working_resources_inc.	badblue	BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end.	NVD-CWE-Other	CVE-2002-0800	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358558	10.0	HIGH	macromedia	jrun	Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a …	NVD-CWE-Other	CVE-2002-0801	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358559	7.5	HIGH	mozilla	bugzilla	Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reve…	NVD-CWE-Other	CVE-2002-0804	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358560	4.6	MEDIUM	mozilla	bugzilla	Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local …	NVD-CWE-Other	CVE-2002-0805	2008-09-6 05:28	2002-08-12	表示	GitHub Exploit DB Packet Storm

358561	7.5	HIGH	yahoo	messenger	Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.	NVD-CWE-Other	CVE-2002-0032	2008-09-6 05:27	2002-07-26	表示	GitHub Exploit DB Packet Storm

358562	7.5	HIGH	ibm	lotus_domino_server	Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses th…	NVD-CWE-Other	CVE-2002-0037	2008-09-6 05:27	2002-04-22	表示	GitHub Exploit DB Packet Storm

358563	5.0	MEDIUM	sgi	irix	rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.	NVD-CWE-Other	CVE-2002-0039	2008-09-6 05:27	2002-03-28	表示	GitHub Exploit DB Packet Storm

358564	2.1	LOW	sgi	irix	Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privile…	NVD-CWE-Other	CVE-2002-0040	2008-09-6 05:27	2002-03-28	表示	GitHub Exploit DB Packet Storm

358565	5.0	MEDIUM	sgi	irix	Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.	NVD-CWE-Other	CVE-2002-0041	2008-09-6 05:27	2002-04-22	表示	GitHub Exploit DB Packet Storm

358566	2.1	LOW	sgi	irix	Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.	NVD-CWE-Other	CVE-2002-0042	2008-09-6 05:27	2002-06-18	表示	GitHub Exploit DB Packet Storm

358567	7.5	HIGH	nswc	cider_shadow	Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields.	NVD-CWE-Other	CVE-2002-0091	2008-09-6 05:27	2002-03-15	表示	GitHub Exploit DB Packet Storm

358568	7.5	HIGH	fraunhofer_fit	bscw	config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during f…	NVD-CWE-Other	CVE-2002-0094	2008-09-6 05:27	2002-03-25	表示	GitHub Exploit DB Packet Storm

358569	7.5	HIGH	fraunhofer_fit	bscw	The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join …	NVD-CWE-Other	CVE-2002-0095	2008-09-6 05:27	2002-03-25	表示	GitHub Exploit DB Packet Storm

358570	7.2	HIGH	geeklog	geeklog	The installation of Geeklog 1.3 creates an extra group_assignments record which is not properly deleted, which causes the first newly created user to be added to the GroupAdmin and UserAdmin groups, …	NVD-CWE-Other	CVE-2002-0096	2008-09-6 05:27	2002-03-25	表示	GitHub Exploit DB Packet Storm

358571	7.5	HIGH	yabb	yabb	Cross-site scripting vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 and earlier allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded …	NVD-CWE-Other	CVE-2002-0117	2008-09-6 05:27	2002-03-25	表示	GitHub Exploit DB Packet Storm

358572	7.5	HIGH	sambar	sambar_server	cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument.	NVD-CWE-Other	CVE-2002-0128	2008-09-6 05:27	2002-03-25	表示	GitHub Exploit DB Packet Storm

358573	4.6	MEDIUM	eazel	nautilus	Nautilus 1.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the .nautilus-metafile.xml metadata file.	NVD-CWE-Other	CVE-2002-0157	2008-09-6 05:27	2002-05-16	表示	GitHub Exploit DB Packet Storm

358574	7.5	HIGH	xpilot	xpilot	Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.	NVD-CWE-Other	CVE-2002-0179	2008-09-6 05:27	2002-04-22	表示	GitHub Exploit DB Packet Storm

358575	7.5	HIGH	apache	mod_python	mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous function…	NVD-CWE-Other	CVE-2002-0185	2008-09-6 05:27	2002-05-16	表示	GitHub Exploit DB Packet Storm

358576	4.6	MEDIUM	cisco	tacacs\+	tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and …	NVD-CWE-Other	CVE-2002-0225	2008-09-6 05:27	2002-05-16	表示	GitHub Exploit DB Packet Storm

358577	7.5	HIGH	castelle	faxpress	Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes…	NVD-CWE-Other	CVE-2002-0235	2008-09-6 05:27	2002-05-29	表示	GitHub Exploit DB Packet Storm

358578	7.5	HIGH	cisco	secure_access_control_server	NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to au…	NVD-CWE-Other	CVE-2002-0241	2008-09-6 05:27	2002-05-29	表示	GitHub Exploit DB Packet Storm

358579	5.0	MEDIUM	cisco	ios	Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP l…	NVD-CWE-Other	CVE-2002-0339	2008-09-6 05:27	2002-06-25	表示	GitHub Exploit DB Packet Storm

358580	4.6	MEDIUM	sgi	mediamail	MediaMail and MediaMail Pro in SGI IRIX 6.5.16 and earlier allows local users to force the program to dump core via certain arguments, which could allow the users to read sensitive data or gain privi…	NVD-CWE-Other	CVE-2002-0358	2008-09-6 05:27	2002-07-26	表示	GitHub Exploit DB Packet Storm

358581	7.5	HIGH	aladdin_enterprises	ghostscript	ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.	NVD-CWE-Other	CVE-2002-0363	2008-09-6 05:27	2002-05-29	表示	GitHub Exploit DB Packet Storm

358582	5.0	MEDIUM	freebsd netbsd openbsd	freebsd netbsd openbsd	The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via pac…	NVD-CWE-Other	CVE-2002-0381	2008-09-6 05:27	2002-06-25	表示	GitHub Exploit DB Packet Storm

358583	10.0	HIGH	red-m	1050ap_lan_acess_point	Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords.	NVD-CWE-Other	CVE-2002-0394	2008-09-6 05:27	2002-07-26	表示	GitHub Exploit DB Packet Storm

358584	5.0	MEDIUM	menasoft	sphereserver	Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which preve…	NVD-CWE-Other	CVE-2002-0406	2008-09-6 05:27	2002-07-26	表示	GitHub Exploit DB Packet Storm

358585	5.0	MEDIUM	aeromail	aeromail	send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.	NVD-CWE-Other	CVE-2002-0410	2008-09-6 05:27	2002-07-26	表示	GitHub Exploit DB Packet Storm

358586	7.5	HIGH	aeromail	aeromail	Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line.	NVD-CWE-Other	CVE-2002-0411	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358587	7.5	HIGH	rebb	rebb	Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script.	NVD-CWE-Other	CVE-2002-0413	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358588	7.5	HIGH	freebsd netbsd openbsd	freebsd netbsd openbsd	KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG…	NVD-CWE-Other	CVE-2002-0414	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358589	1.7	LOW	realnetworks	realplayer	Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in …	NVD-CWE-Other	CVE-2002-0415	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358590	10.0	HIGH	sh39	mailserver	Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.	NVD-CWE-Other	CVE-2002-0416	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358591	5.0	MEDIUM	endymion	mailman_webmail	Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for vario…	NVD-CWE-Other	CVE-2002-0417	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358592	5.0	MEDIUM	endymion	sake_mail	Directory traversal vulnerability in the com.endymion.sake.servlet.mail.MailServlet servlet for Endymion SakeMail 1.0.36 and earlier allows remote attackers to read arbitrary files via a .. (dot dot)…	NVD-CWE-Other	CVE-2002-0418	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358593	7.5	HIGH	claymore_systems_inc	puretls	Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions.	NVD-CWE-Other	CVE-2002-0420	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358594	5.0	MEDIUM	microsoft	windows_nt	IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, …	NVD-CWE-Other	CVE-2002-0421	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358595	10.0	HIGH	efingerd	efingerd	Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address …	NVD-CWE-Other	CVE-2002-0423	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358596	4.6	MEDIUM	efingerd	efingerd	efingerd 1.61 and earlier, when configured without the -u option, executes .efingerd files as the efingerd user (typically "nobody"), which allows local users to gain privileges as the efingerd user …	NVD-CWE-Other	CVE-2002-0424	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358597	5.0	MEDIUM	khaled_mardam-bey	mirc	mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or cancel…	NVD-CWE-Other	CVE-2002-0425	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358598	7.5	HIGH	linksys	befvp41	VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack…	NVD-CWE-Other	CVE-2002-0426	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358599	10.0	HIGH	christof_pohl	improved_mod_frontpage	Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.	NVD-CWE-Other	CVE-2002-0427	2008-09-6 05:27	2002-08-12	表示	GitHub Exploit DB Packet Storm

358600	7.5	HIGH	les_vanbrunt	adrotate_pro	get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.	NVD-CWE-Other	CVE-2001-1224	2008-09-6 05:26	2001-12-23	表示	GitHub Exploit DB Packet Storm