NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年7月16日4:30

No CVSS レベル
攻撃区分
ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
364801 7.2 HIGH
netbsd netbsd Integer overflow in the FreeBSD compatibility code (freebsd_misc.c) in NetBSD-current, NetBSD-3, NetBSD-2.0, and NetBSD-2 before 20050913; and NetBSD-1.6 before 20050914; allows local users to cause … NVD-CWE-Other
CVE-2005-4776 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364802 7.2 HIGH
netbsd netbsd this vulnerbaility is addressed in the following product versions: NetBSD, NetBSD, 2.0.3, and higher NVD-CWE-Other
CVE-2005-4776 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364803 4.9 MEDIUM
tashcom aspedit Tashcom ASPEdit 2.9 stores the administration password (aka the FTP password) in cleartext in the registry, which might allow local users to view the password. NVD-CWE-Other
CVE-2005-4777 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364804 2.1 LOW
- - The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized ac… NVD-CWE-Other
CVE-2005-4778 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364805 2.1 LOW
- - This vulnerablility is addressed in the following product release: SUSE, Linux, 10.0 2005-10-07 NVD-CWE-Other
CVE-2005-4778 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364806 3.6 LOW
netbsd netbsd verifiedexecioctl in verified_exec.c in NetBSD 2.0.2 calls NDINIT with UIO_USERSPACE rather than UID_SYSSPACE, which removes the functionality of the verified exec kernel subsystem and might allow lo… NVD-CWE-Other
CVE-2005-4779 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364807 4.9 MEDIUM
netbsd netbsd NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger… NVD-CWE-Other
CVE-2005-4782 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364808 2.1 LOW
netbsd netbsd kernfs_xread in kernfs_vnops.c in NetBSD before 20050831 does not check for a negative offset when reading the message buffer, which allows local users to read arbitrary kernel memory. NVD-CWE-Other
CVE-2005-4783 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364809 5.6 MEDIUM
austin_group posix Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack th… NVD-CWE-Other
CVE-2005-4784 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364810 2.1 LOW
suse suse_linux resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices." NVD-CWE-Other
CVE-2005-4788 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364811 2.1 LOW
suse suse_linux resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restr… NVD-CWE-Other
CVE-2005-4789 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364812 7.5 HIGH
phpwebsite phpwebsite SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the p… NVD-CWE-Other
CVE-2005-4792 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364813 7.5 HIGH
hitachi cm2-network_node_manager
jp1-cm2-network_node_manager_250
Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, di… NVD-CWE-Other
CVE-2005-4793 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364814 5.0 MEDIUM
sun java_system_application_server Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers t… NVD-CWE-Other
CVE-2005-4805 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364815 7.5 HIGH
middlebury_college segue_cms Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PH… NVD-CWE-Other
CVE-2005-4814 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364816 7.5 HIGH
proftpd_project proftpd Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. NVD-CWE-Other
CVE-2005-4816 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364817 7.5 HIGH
copernicus europa Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the det… NVD-CWE-Other
CVE-2005-4818 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364818 7.5 HIGH
glen_campbell siteframe PHP remote file inclusion vulnerability in web/classes.php in Siteframe before 3.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the LOCAL_PATH parameter, a different vulnerabi… NVD-CWE-Other
CVE-2005-4824 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364819 5.0 MEDIUM
claymore_systems_inc puretls PureTLS before 0.9b5 does not clear optional Extensions and Algorithm.Parameters values before parsing, which might trigger an information leak of values from earlier certificates. NVD-CWE-Other
CVE-2005-4839 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364820 4.3 MEDIUM
spey spey Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call. CWE-20
不適切な入力確認
CVE-2005-4846 2008-09-6 05:57 2005-12-31 表示 GitHub Exploit DB Packet Storm
364821 4.6 MEDIUM
appfluent_technology database_ids Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENT_HOME environment variable. NVD-CWE-Other
CVE-2005-4076 2008-09-6 05:56 2005-12-8 表示 GitHub Exploit DB Packet Storm
364822 7.5 HIGH
realnetworks realplayer ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPla… NVD-CWE-Other
CVE-2005-4126 2008-09-6 05:56 2005-12-9 表示 GitHub Exploit DB Packet Storm
364823 7.5 HIGH
realnetworks realplayer ** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPla… NVD-CWE-Other
CVE-2005-4130 2008-09-6 05:56 2005-12-9 表示 GitHub Exploit DB Packet Storm
364824 7.5 HIGH
adaptive_technology_resource_centre atutor registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NO… NVD-CWE-Other
CVE-2005-4155 2008-09-6 05:56 2005-12-11 表示 GitHub Exploit DB Packet Storm
364825 9.4 HIGH
mambo mambo_open_source_4.5 Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), with magic_quotes_gpc disabled, allows remote attackers to read arbitrary files and possibly cause a denial of service via a query … NVD-CWE-Other
CVE-2005-4156 2008-09-6 05:56 2005-12-11 表示 GitHub Exploit DB Packet Storm
364826 4.3 MEDIUM
efiction_project efiction Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the let parameter in a viewlist action to titles.php. NVD-CWE-Other
CVE-2005-4167 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364827 7.5 HIGH
efiction_project efiction Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the … NVD-CWE-Other
CVE-2005-4168 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364828 7.5 HIGH
efiction_project efiction The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .ph… NVD-CWE-Other
CVE-2005-4171 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364829 5.0 MEDIUM
efiction_project efiction eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error m… NVD-CWE-Other
CVE-2005-4172 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364830 5.0 MEDIUM
efiction_project efiction eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information by accessing phpinfo.php, which executes the PHP phpinfo function. NVD-CWE-Other
CVE-2005-4173 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364831 7.5 HIGH
- - eFiction 1.0, 1.1, and 2.0, in unspecified environments, might allow remote attackers to conduct unauthorized operations by directly accessing (1) install.php or (2) upgrade.php. NOTE: it is unclear… NVD-CWE-Other
CVE-2005-4174 2008-09-6 05:56 2005-12-12 表示 GitHub Exploit DB Packet Storm
364832 4.3 MEDIUM
logisphere logisphere Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows remote attackers to inject arbitrary Javascript via the msg command. NOTE: due to lack of appropriate details by the original rese… NVD-CWE-Other
CVE-2005-4204 2008-09-6 05:56 2005-12-13 表示 GitHub Exploit DB Packet Storm
364833 4.3 MEDIUM
asp-dev xm_forum Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forum_title parameter. NOTE: the provenance of th… NVD-CWE-Other
CVE-2005-4256 2008-09-6 05:56 2005-12-15 表示 GitHub Exploit DB Packet Storm
364834 7.8 HIGH
linksys befw11s4
befw11s4_v3
befw11s4_v4
wrt54gs
Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LA… NVD-CWE-Other
CVE-2005-4257 2008-09-6 05:56 2005-12-15 表示 GitHub Exploit DB Packet Storm
364835 7.5 HIGH
alt-n mdaemon
worldclient
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to pe… NVD-CWE-Other
CVE-2005-4266 2008-09-6 05:56 2005-12-15 表示 GitHub Exploit DB Packet Storm
364836 7.8 HIGH
microsoft ie
windows_2003_server
windows_xp
mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at… NVD-CWE-Other
CVE-2005-4269 2008-09-6 05:56 2005-12-16 表示 GitHub Exploit DB Packet Storm
364837 7.8 HIGH
scientific_atlanta dpx2100_cable_modem Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag s… NVD-CWE-Other
CVE-2005-4275 2008-09-6 05:56 2005-12-16 表示 GitHub Exploit DB Packet Storm
364838 7.8 HIGH
westell versalink Westell Versalink 327W allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). N… NVD-CWE-Other
CVE-2005-4276 2008-09-6 05:56 2005-12-16 表示 GitHub Exploit DB Packet Storm
364839 7.8 HIGH
- - AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request. NVD-CWE-Other
CVE-2005-4296 2008-09-6 05:56 2005-12-16 表示 GitHub Exploit DB Packet Storm
364840 7.5 HIGH
john_andersson zixforum SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.… NVD-CWE-Other
CVE-2005-4334 2008-09-6 05:56 2005-12-17 表示 GitHub Exploit DB Packet Storm
364841 7.5 HIGH
blackboard academic_suite The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileg… NVD-CWE-Other
CVE-2005-4337 2008-09-6 05:56 2005-12-19 表示 GitHub Exploit DB Packet Storm
364842 10.0 HIGH
blackboard academic_suite announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setti… NVD-CWE-Other
CVE-2005-4338 2008-09-6 05:56 2005-12-19 表示 GitHub Exploit DB Packet Storm
364843 4.3 MEDIUM
blackboard academic_suite Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitr… NVD-CWE-Other
CVE-2005-4339 2008-09-6 05:56 2005-12-19 表示 GitHub Exploit DB Packet Storm
364844 5.0 MEDIUM
blackboard academic_suite Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id par… NVD-CWE-Other
CVE-2005-4341 2008-09-6 05:56 2005-12-19 表示 GitHub Exploit DB Packet Storm
364845 4.3 MEDIUM
icms_content_management_systems icms Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. NOTE: the provenance of this issue is… NVD-CWE-Other
CVE-2005-4396 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm
364846 7.5 HIGH
icms_content_management_systems icms SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter. NVD-CWE-Other
CVE-2005-4397 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm
364847 7.5 HIGH
media2_cms media2_cms_shop SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x allows remote attackers to execute arbitrary SQL commands via the item parameter. NOTE: the provenance of this issue is unknown; th… NVD-CWE-Other
CVE-2005-4404 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm
364848 2.1 LOW
citrix program_neighborhood_client Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the… NVD-CWE-Other
CVE-2005-4412 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm
364849 4.3 MEDIUM
ibm websphere_application_server Multiple cross-site scripting (XSS) vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the (1) E-mail address fi… NVD-CWE-Other
CVE-2005-4413 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm
364850 10.0 HIGH
open_lab teamwork Unspecified vulnerability in Teamwork 3 before alpha 1.7 has unknown impact and attack vectors, related to "a menu security bug." NVD-CWE-Other
CVE-2005-4414 2008-09-6 05:56 2005-12-20 表示 GitHub Exploit DB Packet Storm