NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年7月16日4:30

No CVSS レベル
攻撃区分
ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
364101 4.6 MEDIUM
freebsd freebsd libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in anot… NVD-CWE-Other
CVE-2000-0595 2008-09-11 04:05 2000-07-5 表示 GitHub Exploit DB Packet Storm
364102 5.0 MEDIUM
fortech proxy\+ Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration service by redirecting their connections through the telnet proxy. NVD-CWE-Other
CVE-2000-0598 2008-09-11 04:05 2000-06-26 表示 GitHub Exploit DB Packet Storm
364103 7.5 HIGH
imesh.com imesh Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port. NVD-CWE-Other
CVE-2000-0599 2008-09-11 04:05 2000-06-29 表示 GitHub Exploit DB Packet Storm
364104 2.1 LOW
blackboard courseinfo Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. NVD-CWE-Other
CVE-2000-0605 2008-09-11 04:05 2000-07-10 表示 GitHub Exploit DB Packet Storm
364105 10.0 HIGH
suse suse_linux Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output. NVD-CWE-Other
CVE-2000-0614 2008-09-11 04:05 2000-07-10 表示 GitHub Exploit DB Packet Storm
364106 4.6 MEDIUM
hp mpe_ix Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS. NVD-CWE-Other
CVE-2000-0616 2008-09-11 04:05 2000-06-26 表示 GitHub Exploit DB Packet Storm
364107 4.6 MEDIUM
stanley_t._shebs xconq Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable. NVD-CWE-Other
CVE-2000-0617 2008-09-11 04:05 2000-06-22 表示 GitHub Exploit DB Packet Storm
364108 4.6 MEDIUM
stanley_t._shebs xconq Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable. NVD-CWE-Other
CVE-2000-0618 2008-09-11 04:05 2000-06-22 表示 GitHub Exploit DB Packet Storm
364109 10.0 HIGH
oreilly website_professional Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header. NVD-CWE-Other
CVE-2000-0623 2008-09-11 04:05 2000-07-17 表示 GitHub Exploit DB Packet Storm
364110 4.6 MEDIUM
netzero zeroport NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password. NVD-CWE-Other
CVE-2000-0625 2008-09-11 04:05 2000-07-18 表示 GitHub Exploit DB Packet Storm
364111 5.0 MEDIUM
computer_software_manufaktur alibaba Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request. NVD-CWE-Other
CVE-2000-0626 2008-09-11 04:05 2000-07-18 表示 GitHub Exploit DB Packet Storm
364112 7.5 HIGH
sun java_system_web_server The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling t… NVD-CWE-Other
CVE-2000-0629 2008-09-11 04:05 2000-07-12 表示 GitHub Exploit DB Packet Storm
364113 6.4 MEDIUM
texas_imperial_software wftpd WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via c… NVD-CWE-Other
CVE-2000-0645 2008-09-11 04:05 2000-07-21 表示 GitHub Exploit DB Packet Storm
364114 5.0 MEDIUM
texas_imperial_software wftpd WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred. NVD-CWE-Other
CVE-2000-0646 2008-09-11 04:05 2000-07-21 表示 GitHub Exploit DB Packet Storm
364115 5.0 MEDIUM
texas_imperial_software wftpd WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server. NVD-CWE-Other
CVE-2000-0647 2008-09-11 04:05 2000-07-21 表示 GitHub Exploit DB Packet Storm
364116 5.0 MEDIUM
mozilla
netscape
mozilla
communicator
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. NVD-CWE-Other
CVE-2000-0655 2008-09-11 04:05 2000-07-25 表示 GitHub Exploit DB Packet Storm
364117 5.0 MEDIUM
analogx proxy Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol. NVD-CWE-Other
CVE-2000-0656 2008-09-11 04:05 2000-07-25 表示 GitHub Exploit DB Packet Storm
364118 5.0 MEDIUM
analogx proxy Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the POP3 protocol. NVD-CWE-Other
CVE-2000-0658 2008-09-11 04:05 2000-07-25 表示 GitHub Exploit DB Packet Storm
364119 5.0 MEDIUM
analogx proxy Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request. NVD-CWE-Other
CVE-2000-0659 2008-09-11 04:05 2000-07-25 表示 GitHub Exploit DB Packet Storm
364120 3.6 LOW
conectiva linux Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service. NVD-CWE-Other
CVE-2000-0667 2008-09-11 04:05 2000-07-27 表示 GitHub Exploit DB Packet Storm
364121 5.0 MEDIUM
netscape communicator Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp"… NVD-CWE-Other
CVE-2000-0676 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364122 5.0 MEDIUM
pgp pgp PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's publi… NVD-CWE-Other
CVE-2000-0678 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364123 10.0 HIGH
bea weblogic_server BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file. NVD-CWE-Other
CVE-2000-0684 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364124 10.0 HIGH
bea weblogic_server BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any sourc… NVD-CWE-Other
CVE-2000-0685 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364125 10.0 HIGH
cgi_script_center auction_weaver Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter. NVD-CWE-Other
CVE-2000-0690 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364126 7.2 HIGH
larry_wall perl suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" envi… NVD-CWE-Other
CVE-2000-0703 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364127 5.0 MEDIUM
luca_deri ntop ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack. NVD-CWE-Other
CVE-2000-0705 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364128 10.0 HIGH
luca_deri ntop Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands. NVD-CWE-Other
CVE-2000-0706 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364129 7.2 HIGH
university_of_massachusetts scheme umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. NVD-CWE-Other
CVE-2000-0714 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364130 2.1 LOW
kirk_bauer
conectiva
diskcheck
linux
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. CWE-59
リンク解釈の問題
CVE-2000-0715 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364131 7.2 HIGH
zope zope Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request. NVD-CWE-Other
CVE-2000-0725 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364132 7.5 HIGH
netbsd
openbsd
redhat
netbsd
openbsd
linux
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. NVD-CWE-Other
CVE-2000-0750 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364133 7.5 HIGH
checkpoint firewall-1 Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. NVD-CWE-Other
CVE-2000-0779 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364134 7.5 HIGH
xchat xchat IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. NVD-CWE-Other
CVE-2000-0787 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364135 10.0 HIGH
suse suse_linux String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. NVD-CWE-Other
CVE-2000-0800 2008-09-11 04:05 2000-10-20 表示 GitHub Exploit DB Packet Storm
364136 6.4 MEDIUM
sgi irix The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. NVD-CWE-Other
CVE-2000-0283 2008-09-11 04:04 2000-04-12 表示 GitHub Exploit DB Packet Storm
364137 7.5 HIGH
university_of_washington imap Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. NVD-CWE-Other
CVE-2000-0284 2008-09-11 04:04 2000-04-16 表示 GitHub Exploit DB Packet Storm
364138 7.2 HIGH
xfree86_project x11r6 Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. NVD-CWE-Other
CVE-2000-0285 2008-09-11 04:04 2000-04-16 表示 GitHub Exploit DB Packet Storm
364139 2.1 LOW
redhat linux X fontserver xfs allows local users to cause a denial of service via malformed input to the server. NVD-CWE-Other
CVE-2000-0286 2008-09-11 04:04 2000-04-16 表示 GitHub Exploit DB Packet Storm
364140 10.0 HIGH
cnc technology_bizdb The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. NVD-CWE-Other
CVE-2000-0287 2008-09-11 04:04 2000-04-12 表示 GitHub Exploit DB Packet Storm
364141 5.0 MEDIUM
- - Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. NVD-CWE-Other
CVE-2000-0288 2008-09-11 04:04 2000-04-12 表示 GitHub Exploit DB Packet Storm
364142 5.0 MEDIUM
debian
linux
redhat
debian_linux
linux_kernel
linux
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established… NVD-CWE-Other
CVE-2000-0289 2008-09-11 04:04 2000-03-27 表示 GitHub Exploit DB Packet Storm
364143 4.6 MEDIUM
sun staroffice Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. NVD-CWE-Other
CVE-2000-0291 2008-09-11 04:04 2000-04-16 表示 GitHub Exploit DB Packet Storm
364144 2.1 LOW
suse suse_linux aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa… NVD-CWE-Other
CVE-2000-0293 2008-09-11 04:04 2000-05-2 表示 GitHub Exploit DB Packet Storm
364145 7.2 HIGH
jim_housley healthd Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. NVD-CWE-Other
CVE-2000-0294 2008-09-11 04:04 2000-04-10 表示 GitHub Exploit DB Packet Storm
364146 7.2 HIGH
michael_a._gumienny fcheck fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck. NVD-CWE-Other
CVE-2000-0296 2008-09-11 04:04 2000-03-31 表示 GitHub Exploit DB Packet Storm
364147 6.4 MEDIUM
allaire forums Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. NVD-CWE-Other
CVE-2000-0297 2008-09-11 04:04 2000-04-3 表示 GitHub Exploit DB Packet Storm
364148 5.0 MEDIUM
apple webobjects Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. NVD-CWE-Other
CVE-2000-0299 2008-09-11 04:04 2000-04-4 表示 GitHub Exploit DB Packet Storm
364149 6.4 MEDIUM
id_software quake_3_arena Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. NVD-CWE-Other
CVE-2000-0303 2008-09-11 04:04 2000-05-3 表示 GitHub Exploit DB Packet Storm
364150 2.1 LOW
openbsd openbsd The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. NVD-CWE-Other
CVE-2000-0309 2008-09-11 04:04 2001-03-12 表示 GitHub Exploit DB Packet Storm