NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月23日4:00

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
356651	7.5	HIGH	digium	asterisk	SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.	NVD-CWE-Other	CVE-2003-0779	2008-09-11 04:20	2003-09-22	表示	GitHub Exploit DB Packet Storm

356652	10.0	HIGH	ibm	aix	Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, …	NVD-CWE-Other	CVE-2003-0784	2008-09-11 04:20	2003-10-6	表示	GitHub Exploit DB Packet Storm

356653	7.5	HIGH	brian_bassett	ipmasq	ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attacker…	NVD-CWE-Other	CVE-2003-0785	2008-09-11 04:20	2003-10-6	表示	GitHub Exploit DB Packet Storm

356654	10.0	HIGH	openbsd	openssh	The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote att…	NVD-CWE-Other	CVE-2003-0786	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356655	7.5	HIGH	openbsd	openssh	The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.	NVD-CWE-Other	CVE-2003-0787	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356656	4.3	MEDIUM	nokia	electronic_documentation	Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that co…	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2003-0801	2008-09-11 04:20	2003-10-6	表示	GitHub Exploit DB Packet Storm

356657	5.0	MEDIUM	nokia	electronic_documentation	Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a locati…	NVD-CWE-Other	CVE-2003-0802	2008-09-11 04:20	2003-10-6	表示	GitHub Exploit DB Packet Storm

356658	7.5	HIGH	nokia	electronic_documentation	Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.	NVD-CWE-Other	CVE-2003-0803	2008-09-11 04:20	2003-10-6	表示	GitHub Exploit DB Packet Storm

356659	5.0	MEDIUM	apple freebsd openbsd	mac_os_x mac_os_x_server freebsd openbsd	The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starv…	NVD-CWE-Other	CVE-2003-0804	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356660	4.6	MEDIUM	marbles	marbles	Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.	NVD-CWE-Other	CVE-2003-0830	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356661	5.0	MEDIUM	webfs	webfs	Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.	NVD-CWE-Other	CVE-2003-0832	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356662	7.5	HIGH	webfs	webfs	Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.	NVD-CWE-Other	CVE-2003-0833	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356663	5.0	MEDIUM	gnu washington_university	fileutils wu-ftpd	An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited v…	NVD-CWE-Other	CVE-2003-0853	2008-09-11 04:20	2003-11-17	表示	GitHub Exploit DB Packet Storm

356664	7.5	HIGH	apple	mac_os_x mac_os_x_server	Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system."	NVD-CWE-Other	CVE-2003-0871	2008-09-11 04:20	2003-11-3	表示	GitHub Exploit DB Packet Storm

356665	7.5	HIGH	minimalist	minimalist	Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-2003-0902	2008-09-11 04:20	2004-02-3	表示	GitHub Exploit DB Packet Storm

356666	4.6	MEDIUM	omega-rpg	omega-rpg	Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.	NVD-CWE-Other	CVE-2003-0932	2008-09-11 04:20	2003-12-15	表示	GitHub Exploit DB Packet Storm

356667	4.6	MEDIUM	conquest	conquest	Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.	NVD-CWE-Other	CVE-2003-0933	2008-09-11 04:20	2003-12-1	表示	GitHub Exploit DB Packet Storm

356668	7.5	HIGH	mnogosearch	mnogosearch	Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.	NVD-CWE-Other	CVE-2003-0436	2008-09-11 04:19	2003-07-24	表示	GitHub Exploit DB Packet Storm

356669	7.5	HIGH	mnogosearch	mnogosearch	Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.	NVD-CWE-Other	CVE-2003-0437	2008-09-11 04:19	2003-07-24	表示	GitHub Exploit DB Packet Storm

356670	7.5	HIGH	cistron	radius_daemon	Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is…	NVD-CWE-Other	CVE-2003-0450	2008-09-11 04:19	2003-08-7	表示	GitHub Exploit DB Packet Storm

356671	7.5	HIGH	teapop	teapop	SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.	NVD-CWE-Other	CVE-2003-0515	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356672	7.5	HIGH	gert_doering	mgetty	cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller …	NVD-CWE-Other	CVE-2003-0516	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356673	4.6	MEDIUM	apple	mac_os_x mac_os_x_server	The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, poss…	NVD-CWE-Other	CVE-2003-0518	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356674	7.2	HIGH	xblockout	xbl	Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display command line option.	NVD-CWE-Other	CVE-2003-0535	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356675	7.5	HIGH	mozart	mozart	The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.	NVD-CWE-Other	CVE-2003-0538	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356676	7.2	HIGH	sgi	irix	Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables…	NVD-CWE-Other	CVE-2003-0574	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356677	5.0	MEDIUM	sgi	irix	Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, …	NVD-CWE-Other	CVE-2003-0576	2008-09-11 04:19	2003-08-27	表示	GitHub Exploit DB Packet Storm

356678	7.5	HIGH	mpg123	mpg123	mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.	NVD-CWE-Other	CVE-2003-0577	2008-09-11 04:19	2003-08-18	表示	GitHub Exploit DB Packet Storm

356679	4.6	MEDIUM	cvsup sup	cvsup-mirror sup	sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0606	2008-09-11 04:19	2003-08-27	表示	GitHub Exploit DB Packet Storm

356680	5.0	MEDIUM	mcafee	epolicy_orchestrator	Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.	NVD-CWE-Other	CVE-2003-0610	2008-09-11 04:19	2003-08-27	表示	GitHub Exploit DB Packet Storm

356681	4.6	MEDIUM	zblast	zblast	Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.	NVD-CWE-Other	CVE-2003-0613	2008-09-11 04:19	2003-08-27	表示	GitHub Exploit DB Packet Storm

356682	5.0	MEDIUM	nokia	sgsn_dx200	SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.	NVD-CWE-Other	CVE-2003-0137	2008-09-11 04:18	2003-03-18	表示	GitHub Exploit DB Packet Storm

356683	7.2	HIGH	mcafee	epolicy_orchestrator	The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username a…	NVD-CWE-Other	CVE-2003-0148	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356684	7.5	HIGH	mcafee	epolicy_orchestrator	Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.	NVD-CWE-Other	CVE-2003-0149	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356685	7.2	HIGH	apple	mac_os_x mac_os_x_server	DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a d…	NVD-CWE-Other	CVE-2003-0171	2008-09-11 04:18	2003-05-5	表示	GitHub Exploit DB Packet Storm

356686	7.2	HIGH	xfsdump sgi	xfsdump irix	xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.	NVD-CWE-Other	CVE-2003-0173	2008-09-11 04:18	2003-05-5	表示	GitHub Exploit DB Packet Storm

356687	6.4	MEDIUM	apple	mac_os_x mac_os_x_server	Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.	NVD-CWE-Other	CVE-2003-0198	2008-09-11 04:18	2003-05-5	表示	GitHub Exploit DB Packet Storm

356688	2.1	LOW	gs-common	gs-common	ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.	NVD-CWE-Other	CVE-2003-0207	2008-09-11 04:18	2003-05-5	表示	GitHub Exploit DB Packet Storm

356689	9.3	HIGH	cisco	catos	Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.	NVD-CWE-noinfo CWE-287 不適切な認証	CVE-2003-0216	2008-09-11 04:18	2003-05-12	表示	GitHub Exploit DB Packet Storm

356690	7.5	HIGH	happycgi	happymall	Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.	NVD-CWE-Other	CVE-2003-0243	2008-09-11 04:18	2003-05-27	表示	GitHub Exploit DB Packet Storm

356691	7.5	HIGH	kde	kopete	The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.	NVD-CWE-Other	CVE-2003-0256	2008-09-11 04:18	2003-05-27	表示	GitHub Exploit DB Packet Storm

356692	4.6	MEDIUM	fuzz	fuzz	fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.	NVD-CWE-Other	CVE-2003-0261	2008-09-11 04:18	2003-05-27	表示	GitHub Exploit DB Packet Storm

356693	7.5	HIGH	apple kde redhat turbolinux	safari konqueror_embedded kde linux turbolinux_server turbolinux_workstation	Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle atta…	NVD-CWE-Other	CVE-2003-0370	2008-09-11 04:18	2003-06-16	表示	GitHub Exploit DB Packet Storm

356694	5.0	MEDIUM	apple	darwin_streaming_server	Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters.	NVD-CWE-Other	CVE-2003-0422	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356695	5.0	MEDIUM	apple	darwin_streaming_server	parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.	NVD-CWE-Other	CVE-2003-0423	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356696	5.0	MEDIUM	apple	darwin_streaming_server	Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the…	NVD-CWE-Other	CVE-2003-0424	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356697	5.0	MEDIUM	apple	darwin_streaming_server	Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.	NVD-CWE-Other	CVE-2003-0425	2008-09-11 04:18	2003-08-27	表示	GitHub Exploit DB Packet Storm

356698	7.2	HIGH	apc	apcupsd	Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.	NVD-CWE-Other	CVE-2003-0099	2008-09-11 04:17	2003-03-3	表示	GitHub Exploit DB Packet Storm

356699	1.2	LOW	jmcce mandrakesoft	jmcce mandrake_linux	jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.	NVD-CWE-Other	CVE-2002-2001	2008-09-11 04:16	2002-12-31	表示	GitHub Exploit DB Packet Storm

356700	7.2	HIGH	qnx	rtos	Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-…	NVD-CWE-Other	CVE-2002-2041	2008-09-11 04:16	2002-12-31	表示	GitHub Exploit DB Packet Storm