NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年7月16日4:30

No CVSS レベル
攻撃区分
ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
365951 7.2 HIGH
joe_rumsey xgalaga Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. NVD-CWE-Other
CVE-2003-0454 2008-09-6 05:34 2003-08-7 表示 GitHub Exploit DB Packet Storm
365952 4.6 MEDIUM
hp nonstop_seeview_server_gateway Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges. NVD-CWE-Other
CVE-2003-0458 2008-09-6 05:34 2003-08-18 表示 GitHub Exploit DB Packet Storm
365953 7.2 HIGH
michael_c._toren tcptraceroute tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulne… NVD-CWE-Other
CVE-2003-0489 2008-09-6 05:34 2003-08-7 表示 GitHub Exploit DB Packet Storm
365954 10.0 HIGH
proftpd_project proftpd SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing au… NVD-CWE-Other
CVE-2003-0500 2008-09-6 05:34 2003-08-7 表示 GitHub Exploit DB Packet Storm
365955 7.5 HIGH
apple safari Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to s… NVD-CWE-Other
CVE-2003-0514 2008-09-6 05:34 2004-04-15 表示 GitHub Exploit DB Packet Storm
365956 4.6 MEDIUM
daiki_ueno liece_emacs_irc_client The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. NVD-CWE-Other
CVE-2003-0537 2008-09-6 05:34 2003-08-18 表示 GitHub Exploit DB Packet Storm
365957 5.0 MEDIUM
sgi irix The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. NVD-CWE-Other
CVE-2003-0573 2008-09-6 05:34 2003-08-18 表示 GitHub Exploit DB Packet Storm
365958 10.0 HIGH
phpgroupware phpgroupware Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web do… NVD-CWE-Other
CVE-2003-0599 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365959 6.8 MEDIUM
mozilla bugzilla Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default Ge… NVD-CWE-Other
CVE-2003-0602 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365960 2.1 LOW
mozilla bugzilla Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with … NVD-CWE-Other
CVE-2003-0603 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365961 4.6 MEDIUM
xtokkaetama xtokkaetama Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. NVD-CWE-Other
CVE-2003-0611 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365962 7.5 HIGH
novell ichain Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. NVD-CWE-Other
CVE-2003-0636 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365963 10.0 HIGH
bea weblogic_server BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privile… NVD-CWE-Other
CVE-2003-0640 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365964 4.6 MEDIUM
johannes_sixt kdbg Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. NVD-CWE-Other
CVE-2003-0644 2008-09-6 05:34 2003-09-7 表示 GitHub Exploit DB Packet Storm
365965 7.5 HIGH
mod_mylo mod_mylo Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. NVD-CWE-Other
CVE-2003-0651 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365966 7.5 HIGH
phpgroupware phpgroupware Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. NVD-CWE-Other
CVE-2003-0657 2008-09-6 05:34 2003-08-27 表示 GitHub Exploit DB Packet Storm
365967 7.5 HIGH
sgi irix NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypas… NVD-CWE-Other
CVE-2003-0683 2008-09-6 05:34 2003-11-3 表示 GitHub Exploit DB Packet Storm
365968 7.2 HIGH
hp hp-ux Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. NVD-CWE-Other
CVE-2003-0061 2008-09-6 05:33 2002-01-11 表示 GitHub Exploit DB Packet Storm
365969 5.0 MEDIUM
nokia 6210_handset Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of form… NVD-CWE-Other
CVE-2003-0103 2008-09-6 05:33 2003-03-7 表示 GitHub Exploit DB Packet Storm
365970 5.0 MEDIUM
peoplesoft peopletools Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. NVD-CWE-Other
CVE-2003-0104 2008-09-6 05:33 2003-03-18 表示 GitHub Exploit DB Packet Storm
365971 7.5 HIGH
ibm aix The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorize… NVD-CWE-Other
CVE-2003-0119 2008-09-6 05:33 2004-02-3 表示 GitHub Exploit DB Packet Storm
365972 1.2 LOW
mhc-utils mhc-utils adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. NVD-CWE-Other
CVE-2003-0120 2008-09-6 05:33 2003-03-7 表示 GitHub Exploit DB Packet Storm
365973 7.5 HIGH
multitech routefinder_550_vpn The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to … NVD-CWE-Other
CVE-2003-0126 2008-09-6 05:33 2003-03-18 表示 GitHub Exploit DB Packet Storm
365974 5.0 MEDIUM
adobe acrobat_reader Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, whic… NVD-CWE-Other
CVE-2003-0142 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
365975 7.5 HIGH
mozilla bonsai Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user. NVD-CWE-Other
CVE-2003-0152 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
365976 5.0 MEDIUM
mozilla bonsai bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. NVD-CWE-Other
CVE-2003-0155 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
365977 7.5 HIGH
mutt mutt Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and pos… NVD-CWE-Other
CVE-2003-0167 2008-09-6 05:33 2003-04-2 表示 GitHub Exploit DB Packet Storm
365978 5.0 MEDIUM
sgi irix The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP p… NVD-CWE-Other
CVE-2003-0176 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
365979 4.6 MEDIUM
sgi irix SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently. NVD-CWE-Other
CVE-2003-0177 2008-09-6 05:33 2003-08-18 表示 GitHub Exploit DB Packet Storm
365980 4.6 MEDIUM
redhat tcpdump
linux
tcpdump does not properly drop privileges to the pcap user when starting up. NVD-CWE-Other
CVE-2003-0194 2008-09-6 05:33 2003-06-9 表示 GitHub Exploit DB Packet Storm
365981 4.6 MEDIUM
debian mime-support run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. NVD-CWE-Other
CVE-2003-0214 2008-09-6 05:33 2003-05-12 表示 GitHub Exploit DB Packet Storm
365982 7.5 HIGH
frontrange goldmine FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attacker… NVD-CWE-Other
CVE-2003-0241 2008-09-6 05:33 2003-06-9 表示 GitHub Exploit DB Packet Storm
365983 7.5 HIGH
adobe acrobat Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated… NVD-CWE-Other
CVE-2003-0284 2008-09-6 05:33 2003-06-16 表示 GitHub Exploit DB Packet Storm
365984 5.8 MEDIUM
neosoft neobook The NBActiveX.ocx ActiveX control in NeoBook 4 allows remote attackers to install and execute arbitrary programs. NVD-CWE-Other
CVE-2002-2352 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365985 7.8 HIGH
netgear fm114p Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. CWE-20
不適切な入力確認
CVE-2002-2354 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365986 7.1 HIGH
netgear fm114p Netgear FM114P firmware 1.3 wireless firewall, when configured to backup configuration information, stores DDNS (DynDNS) user name and password, MAC address filtering table and possibly other informa… CWE-255
証明書・パスワード管理
CVE-2002-2355 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365987 6.4 MEDIUM
hamweather hamweather HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. CWE-264
認可・権限・アクセス制御
CVE-2002-2356 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365988 5.0 MEDIUM
mailenable mailenable MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. CWE-119
バッファエラー
CVE-2002-2357 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365989 4.3 MEDIUM
opera_software opera_web_browser Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2002-2358 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365990 4.3 MEDIUM
mozilla mozilla Cross-site scripting (XSS) vulnerability in the FTP view feature in Mozilla 1.0 allows remote attackers to inject arbitrary web script or HTML via the title tag of an ftp URL. CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2002-2359 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365991 9.3 HIGH
webmin webmin The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_for… CWE-264
認可・権限・アクセス制御
CVE-2002-2360 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365992 5.8 MEDIUM
yahoo messenger The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. CWE-264
認可・権限・アクセス制御
CVE-2002-2361 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365993 4.3 MEDIUM
sourceforge mymarket Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2002-2362 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365994 7.2 HIGH
hp hp-ux VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. CWE-264
認可・権限・アクセス制御
CVE-2002-2363 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365995 4.3 MEDIUM
sourceforge php_ticket Cross-site scripting (XSS) vulnerability in PHP Ticket 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a help ticket. CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2002-2364 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365996 10.0 HIGH
springer_verlag_berlin_heidelberg simple_wais Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. CWE-20
不適切な入力確認
CVE-2002-2365 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365997 6.8 MEDIUM
cerulean_studios trillian Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors fil… CWE-119
バッファエラー
CVE-2002-2366 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365998 7.8 HIGH
socks5 socks5 Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. CWE-189
CWE-119
数値処理の問題
バッファエラー
CVE-2002-2367 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
365999 10.0 HIGH
nec socks_5 Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function i… CWE-119
バッファエラー
CVE-2002-2368 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm
366000 5.0 MEDIUM
perception liteserve Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "/./" in a URL. CWE-200
情報漏えい
CVE-2002-2369 2008-09-6 05:33 2002-12-31 表示 GitHub Exploit DB Packet Storm