NVD脆弱性情報トップ
検索メニュー表示
ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD(National Vulnerability Database)で管理されている脆弱性の一覧を検索することが出来ます。
JVN(Japan Vulnerability Note)より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN(Japan Vulnerability Note)に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

更新日:2026年6月11日5:13

No CVSS レベル
攻撃区分		 ベンダー名 プロダクト名 タイトル CWE CVE 更新日 公表日 影響表示 Exploit
PoC
検索
353051 4.6 MEDIUM
platform lsadmin The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.con… NVD-CWE-Other
CVE-2003-0337 2016-10-18 11:32 2003-05-22 表示 GitHub Exploit DB Packet Storm
353052 5.0 MEDIUM
wsmp3 wsmp3_daemon
wsmp3_web_server 		Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. NVD-CWE-Other
CVE-2003-0338 2016-10-18 11:32 2003-05-21 表示 GitHub Exploit DB Packet Storm
353053 7.5 HIGH
wsmp3 wsmp3_daemon
wsmp3_web_server 		Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests. NVD-CWE-Other
CVE-2003-0339 2016-10-18 11:32 2003-05-22 表示 GitHub Exploit DB Packet Storm
353054 6.8 MEDIUM
owl owl_intranet_engine Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field. NVD-CWE-Other
CVE-2003-0341 2016-10-18 11:32 2003-05-21 表示 GitHub Exploit DB Packet Storm
353055 4.6 MEDIUM
selom_ofori blackmoon_ftp_server BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privi… NVD-CWE-Other
CVE-2003-0342 2016-10-18 11:32 2003-05-20 表示 GitHub Exploit DB Packet Storm
353056 4.6 MEDIUM
selom_ofori blackmoon_ftp_server BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier fo… NVD-CWE-Other
CVE-2003-0343 2016-10-18 11:32 2003-05-21 表示 GitHub Exploit DB Packet Storm
353057 6.2 MEDIUM
sap sap_db Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by… NVD-CWE-Other
CVE-2003-0265 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353058 7.5 HIGH
bvrp_software slwebmail Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll… NVD-CWE-Other
CVE-2003-0266 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353059 5.0 MEDIUM
bvrp_software slwebmail ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. NVD-CWE-Other
CVE-2003-0267 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353060 5.0 MEDIUM
bvrp_software slwebmail SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. NVD-CWE-Other
CVE-2003-0268 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353061 7.5 HIGH
cooolsoft personal_ftp_server Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. NVD-CWE-Other
CVE-2003-0271 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353062 6.8 MEDIUM
best_practical_solutions request_tracker Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. NVD-CWE-Other
CVE-2003-0273 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353063 10.0 HIGH
cren listproc Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. NVD-CWE-Other
CVE-2003-0274 2016-10-18 11:31 2003-05-27 表示 GitHub Exploit DB Packet Storm
353064 5.1 MEDIUM
yabb yabb SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. NVD-CWE-Other
CVE-2003-0275 2016-10-18 11:31 2003-06-16 表示 GitHub Exploit DB Packet Storm
353065 6.8 MEDIUM
inktomi inktomi_traffic-server Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to insert arbitrary web script or HTML into an error page that appears to come from the domain that th… NVD-CWE-Other
CVE-2003-0292 2016-10-18 11:31 2003-06-16 表示 GitHub Exploit DB Packet Storm
353066 5.0 MEDIUM
palm palmos PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. NVD-CWE-Other
CVE-2003-0293 2016-10-18 11:31 2003-06-16 表示 GitHub Exploit DB Packet Storm
353067 5.0 MEDIUM
php-proxima php-proxima autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. NVD-CWE-Other
CVE-2003-0294 2016-10-18 11:31 2003-06-16 表示 GitHub Exploit DB Packet Storm
353068 6.8 MEDIUM
jelsoft vbulletin Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability. NVD-CWE-Other
CVE-2003-0295 2016-10-18 11:31 2003-06-16 表示 GitHub Exploit DB Packet Storm
353069 5.1 MEDIUM
realnetworks realone_enterprise_desktop
realone_player
realplayer 		The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memo… NVD-CWE-Other
CVE-2003-0141 2016-10-18 11:30 2003-04-2 表示 GitHub Exploit DB Packet Storm
353070 7.5 HIGH
bea weblogic_server BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary f… NVD-CWE-Other
CVE-2003-0151 2016-10-18 11:30 2003-03-24 表示 GitHub Exploit DB Packet Storm
353071 6.8 MEDIUM
mozilla bonsai Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the fil… NVD-CWE-Other
CVE-2003-0154 2016-10-18 11:30 2003-04-2 表示 GitHub Exploit DB Packet Storm
353072 5.0 MEDIUM
cross_referencer lxr Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. NVD-CWE-Other
CVE-2003-0156 2016-10-18 11:30 2003-03-24 表示 GitHub Exploit DB Packet Storm
353073 5.0 MEDIUM
gaim-encryption gaim-encryption decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negati… NVD-CWE-Other
CVE-2003-0163 2016-10-18 11:30 2003-05-5 表示 GitHub Exploit DB Packet Storm
353074 5.0 MEDIUM
hp instant_toptools hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which … NVD-CWE-Other
CVE-2003-0169 2016-10-18 11:30 2003-04-11 表示 GitHub Exploit DB Packet Storm
353075 7.2 HIGH
borland_software
firebirdsql 		interbase
firebird 		Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). NVD-CWE-Other
CVE-2003-0197 2016-10-18 11:30 2003-04-11 表示 GitHub Exploit DB Packet Storm
353076 7.5 HIGH
kde kde KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when usi… NVD-CWE-Other
CVE-2003-0204 2016-10-18 11:30 2003-05-5 表示 GitHub Exploit DB Packet Storm
353077 7.5 HIGH
gkrellm_newsticker gkrellm_newsticker gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI. NVD-CWE-Other
CVE-2003-0205 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353078 5.0 MEDIUM
gkrellm_newsticker gkrellm_newsticker gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines. NVD-CWE-Other
CVE-2003-0206 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353079 4.3 MEDIUM
macromedia flash Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. NVD-CWE-Other
CVE-2003-0208 2016-10-18 11:30 2003-05-5 表示 GitHub Exploit DB Packet Storm
353080 10.0 HIGH
smoothwall
sourcefire 		smoothwall
snort 		Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-b… NVD-CWE-Other
CVE-2003-0209 2016-10-18 11:30 2003-05-5 表示 GitHub Exploit DB Packet Storm
353081 7.5 HIGH
cisco secure_access_control_server Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user para… NVD-CWE-Other
CVE-2003-0210 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353082 7.5 HIGH
rinetd rinetd handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service an… NVD-CWE-Other
CVE-2003-0212 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353083 7.5 HIGH
poptop pptp_server ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, le… NVD-CWE-Other
CVE-2003-0213 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353084 6.8 MEDIUM
neoteris instant_virtual_extranet Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI… NVD-CWE-Other
CVE-2003-0217 2016-10-18 11:30 2003-06-16 表示 GitHub Exploit DB Packet Storm
353085 7.5 HIGH
kerio personal_firewall_2 Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration… NVD-CWE-Other
CVE-2003-0219 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353086 7.5 HIGH
kerio personal_firewall_2 Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. NVD-CWE-Other
CVE-2003-0220 2016-10-18 11:30 2003-05-12 表示 GitHub Exploit DB Packet Storm
353087 7.5 HIGH
national_university_of_singapore uxterm The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user… NVD-CWE-Other
CVE-2003-0065 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353088 7.5 HIGH
rxvt rxvt The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.… NVD-CWE-Other
CVE-2003-0066 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353089 7.5 HIGH
aterm aterm The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the … NVD-CWE-Other
CVE-2003-0067 2016-10-18 11:29 2003-03-18 表示 GitHub Exploit DB Packet Storm
353090 7.5 HIGH
michael_jennings eterm The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e… NVD-CWE-Other
CVE-2003-0068 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353091 7.5 HIGH
putty putty The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the … NVD-CWE-Other
CVE-2003-0069 2016-10-18 11:29 2003-03-18 表示 GitHub Exploit DB Packet Storm
353092 6.8 MEDIUM
nalin_dahyabhai
gnome 		vte
gnome-terminal 		VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then in… NVD-CWE-Other
CVE-2003-0070 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353093 6.8 MEDIUM
nalin_dahyabhai
gnome 		vte
gnome-terminal 		Per: http://cwe.mitre.org/data/definitions/77.html 'CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')' NVD-CWE-Other
CVE-2003-0070 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353094 2.1 LOW
xfree86_project x11r6 The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the ter… NVD-CWE-Other
CVE-2003-0071 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353095 7.2 HIGH
plptools plptools Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. NVD-CWE-Other
CVE-2003-0074 2016-10-18 11:29 2003-02-19 表示 GitHub Exploit DB Packet Storm
353096 7.5 HIGH
bladeenc bladeenc Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following … NVD-CWE-Other
CVE-2003-0075 2016-10-18 11:29 2003-02-19 表示 GitHub Exploit DB Packet Storm
353097 6.4 MEDIUM
dcgui
qt-dcgui 		dcgui
qt-dcgui 		Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist. NVD-CWE-Other
CVE-2003-0076 2016-10-18 11:29 2003-02-19 表示 GitHub Exploit DB Packet Storm
353098 7.5 HIGH
hanterm hanterm-xf The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back … NVD-CWE-Other
CVE-2003-0077 2016-10-18 11:29 2003-03-18 表示 GitHub Exploit DB Packet Storm
353099 2.1 LOW
hanterm hanterm-xf The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the termina… NVD-CWE-Other
CVE-2003-0079 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm
353100 10.0 HIGH
oracle database_server
oracle8i
oracle9i 		Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable t… CWE-119
バッファエラー 		CVE-2003-0095 2016-10-18 11:29 2003-03-3 表示 GitHub Exploit DB Packet Storm