JVN Vulnerability Search Top
Show Search Menu
|
You can search the list of vulnerabilities managed by JVN (Japan Vulnerability Note). |
Update Date:May 10, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 4951 | - |
-
|
Rockwell Automation | Verve Asset Manager | Rockwell Automation製Verve Asset Managerにおける複数の脆弱性 |
CWE-312 CWE-922 Cleartext Storage of Sensitive Information Insecure Storage of Sensitive Information |
CVE-2025-14376 CVE-2025-14377 |
2026-01-23 10:52 | 2026-01-22 | Show | GitHub Exploit DB Packet Storm |
| 4952 | - |
-
|
Schneider Electric クアルコム |
EcoStruxure Foxboro DCS V91 DCS Virtualization Server EcoStruxure Foxboro H92 DCS Standard Workstation (複数の製品) |
複数のSchneider Electric製品における複数の脆弱性 |
CWE-119 CWE-121 CWE-1288 CWE-20 CWE-200 CWE-307 CWE-354 CWE-427 CWE-552 CWE-668 CWE-787 CWE-822 CWE-924 Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow Improper Validation of Consistency within Input Improper Input Validation Information Exposure mproper Restriction of Excessive Authentication Attempts Improper Validation of Integrity Check Value Uncontrolled Search Path Element Files or Directories Accessible to External Parties Exposure of Resource to Wrong Sphere Out-of-bounds Write Untrusted Pointer Dereference Improper Enforcement of Message Integrity During Transmission in a Communication Channel |
CVE-2018-12130 CVE-2022-4046 CVE-2022-47378 CVE-2022-47379 CVE-2022-47380 CVE-2022-47381 CVE-2022-47382 CVE-2022-47383 CVE-2022-47384 CVE-2022-47385 CVE-2022-47386 CV… |
2026-01-23 10:52 | 2026-01-22 | Show | GitHub Exploit DB Packet Storm |
| 4953 | - |
-
|
クアルコム | (複数の製品) | PRIMERGYが搭載する「iRMC S5/S6」における不適切な権限設定の脆弱性 |
CWE-863
Incorrect Authorization |
CVE-2025-65002 | 2026-01-23 10:52 | 2026-01-22 | Show | GitHub Exploit DB Packet Storm |
| 4954 | - |
-
|
トレンドマイクロ | Apex Central | Trend Micro Apex Centralにおける複数の脆弱性(2026年1月) | - |
CVE-2025-69258 CVE-2025-69259 CVE-2025-69260 |
2026-01-23 10:52 | 2026-01-22 | Show | GitHub Exploit DB Packet Storm |
| 4955 | - |
-
|
ISC, Inc. | BIND | ISC BINDにサービス運用妨害(DoS)につながる脆弱性(CVE-2025-13878) |
CWE-617
Reachable Assertion |
CVE-2025-13878 | 2026-01-23 10:52 | 2026-01-22 | Show | GitHub Exploit DB Packet Storm |
| 4956 | 5.3 |
警告
Network |
Haxx | cURL | HaxxのcURLにおける不特定の脆弱性 |
CWE-noinfo
noinfo |
CVE-2025-10148 | 2026-01-22 11:35 | 2025-09-12 | Show | GitHub Exploit DB Packet Storm |
| 4957 | 4.3 |
警告
Network |
Haxx | cURL | HaxxのcURLにおける不特定の脆弱性 |
CWE-noinfo
noinfo |
CVE-2025-10966 | 2026-01-22 11:35 | 2025-11-7 | Show | GitHub Exploit DB Packet Storm |
| 4958 | 5.9 |
警告
Network |
Haxx | cURL | HaxxのcURLにおける証明書検証に関する脆弱性 |
CWE-295
Improper Certificate Validation |
CVE-2025-13034 | 2026-01-22 11:34 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4959 | 5.3 |
警告
Network |
Haxx | cURL | HaxxのcURLにおけるオープンリダイレクトの脆弱性 |
CWE-601
Open Redirect |
CVE-2025-14524 | 2026-01-22 11:34 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4960 | 8 |
重要
Adjacent |
TP-LINK Technologies | TL-WA850RE ファームウェア | TP-LINK TechnologiesのTL-WA850RE ファームウェアにおけるOS コマンドインジェクションの脆弱性 |
CWE-78
OS Command |
CVE-2025-14737 | 2026-01-22 11:34 | 2025-12-18 | Show | GitHub Exploit DB Packet Storm |
| 4961 | 5.3 |
警告
Network |
Haxx | cURL | HaxxのcURLにおける証明書検証に関する脆弱性 |
CWE-295
Improper Certificate Validation |
CVE-2025-14819 | 2026-01-22 11:34 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4962 | 5.3 |
警告
Network |
Haxx | cURL | HaxxのcURLにおけるホストの不一致による証明書の検証に関する脆弱性 |
CWE-297
Improper Validation of Certificate with Host Mismatch |
CVE-2025-15079 | 2026-01-22 11:34 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4963 | 7.5 |
重要
Network |
Tozed Kangwei Tech Co.,Ltd. | ZLT M30S Firmware | Tozed Kangwei Tech Co.,Ltd.のZLT M30S Firmwareにおける複数の脆弱性 |
CWE-200 CWE-284 CWE-noinfo Information Exposure Improper Access Control noinfo |
CVE-2025-15082 | 2026-01-22 11:34 | 2025-12-25 | Show | GitHub Exploit DB Packet Storm |
| 4964 | 4.6 |
警告
Physics |
Tozed Kangwei Tech Co.,Ltd. | ZLT M30S Firmware | Tozed Kangwei Tech Co.,Ltd.のZLT M30S Firmwareにおけるアクセス制御を行うオンチップデバッグおよびテストインターフェースに関する脆弱性 |
CWE-1191
On-Chip Debug and Test Interface With Improper Access Control |
CVE-2025-15083 | 2026-01-22 11:34 | 2025-12-25 | Show | GitHub Exploit DB Packet Storm |
| 4965 | 3.1 |
低
Network |
Haxx | cURL | HaxxのcURLにおける認証に関する脆弱性 |
CWE-287
Improper Authentication |
CVE-2025-15224 | 2026-01-22 11:34 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4966 | 5.3 |
警告
Local |
Quest Software Inc. | KACE Desktop Authority | Quest Software Inc.のKACE Desktop Authorityにおける不適切なデフォルトパーミッションに関する脆弱性 |
CWE-276
Incorrect Default Permissions |
CVE-2025-67813 | 2026-01-22 11:34 | 2026-01-12 | Show | GitHub Exploit DB Packet Storm |
| 4967 | 6.1 |
警告
Network |
Paessler AG | PRTG Network Monitor | Paessler AGのPRTG Network Monitorにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2025-67833 | 2026-01-22 11:34 | 2026-01-14 | Show | GitHub Exploit DB Packet Storm |
| 4968 | 5.4 |
警告
Network |
Paessler AG | PRTG Network Monitor | Paessler AGのPRTG Network Monitorにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2025-67834 | 2026-01-22 11:34 | 2026-01-14 | Show | GitHub Exploit DB Packet Storm |
| 4969 | 6.5 |
警告
Network |
Paessler AG | PRTG Network Monitor | Paessler AGのPRTG Network Monitorにおけるリソースの枯渇に関する脆弱性 |
CWE-400
Uncontrolled Resource Consumption |
CVE-2025-67835 | 2026-01-22 11:34 | 2026-01-14 | Show | GitHub Exploit DB Packet Storm |
| 4970 | 7.5 |
重要
Network |
Haxx Debian |
Debian GNU/Linux cURL |
Debian等の複数ベンダの製品における境界外読み取りに関する脆弱性 |
CWE-125
Out-of-bounds Read |
CVE-2025-9086 | 2026-01-22 11:34 | 2025-09-12 | Show | GitHub Exploit DB Packet Storm |
| 4971 | 7.8 |
重要
Local |
UPDF | UPDF | UPDFにおける制御されていない検索パスの要素に関する脆弱性 |
CWE-427
Uncontrolled Search Path Element |
CVE-2025-10215 | 2026-01-22 11:34 | 2025-09-10 | Show | GitHub Exploit DB Packet Storm |
| 4972 | 6.5 |
警告
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud Platformにおける認証の欠如に関する脆弱性 |
CWE-862
Missing Authorization |
CVE-2025-15235 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4973 | 4.3 |
警告
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud Platformにおける絶対パストラバーサルに関する脆弱性 |
CWE-36
Absolute Path Traversal |
CVE-2025-15236 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4974 | 4.3 |
警告
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud Platformにおける絶対パストラバーサルに関する脆弱性 |
CWE-36
Absolute Path Traversal |
CVE-2025-15237 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4975 | 6.5 |
警告
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud PlatformにおけるSQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2025-15238 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4976 | 6.5 |
警告
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud PlatformにおけるSQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2025-15239 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4977 | 8.8 |
重要
Network |
Quanta Computer Inc. | QOCA aim AI Medical Cloud Platform | Quanta Computer Inc.のQOCA aim AI Medical Cloud Platformにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2025-15240 | 2026-01-22 11:34 | 2026-01-5 | Show | GitHub Exploit DB Packet Storm |
| 4978 | 4.8 |
警告
Network |
WPEverest |
User Registration & Membership - Custom Registration Form Login Form and User Profile |
WPEverestのWordPress用User Registration & Membership - Custom Registration Form, Login Form, and User Profileにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2025-30899 | 2026-01-22 11:34 | 2025-03-27 | Show | GitHub Exploit DB Packet Storm |
| 4979 | 7.5 |
重要
Network |
ヒューレット・パッカード | HP Universal Print Driver | ヒューレット・パッカードのHP Universal Print Driverにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-121
Stack-based Buffer Overflow |
CVE-2025-43025 | 2026-01-22 11:34 | 2025-07-2 | Show | GitHub Exploit DB Packet Storm |
| 4980 | 9.8 |
緊急
Network |
Eclipse Foundation | Eclipse ThreadX FileX | Eclipse FoundationのEclipse ThreadX FileXにおけるバッファエラーの脆弱性 |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2025-55089 | 2026-01-22 11:34 | 2025-10-16 | Show | GitHub Exploit DB Packet Storm |
| 4981 | 7.5 |
重要
Network |
JetBrains | Junie | JetBrainsのJunieにおけるユーザによる危険なアクションに対する警告の非表示に関する脆弱性 |
CWE-356
Product UI does not Warn User of Unsafe Actions |
CVE-2025-58335 | 2026-01-22 11:34 | 2025-08-28 | Show | GitHub Exploit DB Packet Storm |
| 4982 | 9.8 |
緊急
Network |
JetBrains | Junie | JetBrainsのJunieにおけるコマンドインジェクションの脆弱性 |
CWE-77
Command Injection |
CVE-2025-59458 | 2026-01-22 11:33 | 2025-09-17 | Show | GitHub Exploit DB Packet Storm |
| 4983 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける暗号アルゴリズムの使用に関する脆弱性 |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2025-68698 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4984 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける複数の脆弱性 |
CWE-327 CWE-340 Use of a Broken or Risky Cryptographic Algorithm Generation of Predictable Numbers or Identifiers |
CVE-2025-68701 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4985 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける暗号アルゴリズムの使用に関する脆弱性 |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2025-68702 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4986 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける暗号強度に関する脆弱性 |
CWE-326
Inadequate Encryption Strength |
CVE-2025-68703 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4987 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける不十分なランダム値の使用に関する脆弱性 |
CWE-330
Use of Insufficiently Random Values |
CVE-2025-68704 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4988 | 5.3 |
警告
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおけるデジタル署名の検証に関する脆弱性 |
CWE-347
Improper Verification of Cryptographic Signature |
CVE-2025-68925 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4989 | 7.5 |
重要
Network |
Samrocketman (Sam Gleske) | Jervis | Samrocketman (Sam Gleske)のJervisにおける複数の脆弱性 |
CWE-287 CWE-327 Improper Authentication Use of a Broken or Risky Cryptographic Algorithm |
CVE-2025-68931 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4990 | 7.5 |
重要
Network |
マイクロソフト | azure_sdk_for_python | Python 用の Azure Core 共有クライアント ライブラリのリモートでコードが実行される脆弱性 |
CWE-502
Deserialization of Untrusted Data |
CVE-2026-21226 | 2026-01-22 11:33 | 2026-01-13 | Show | GitHub Exploit DB Packet Storm |
| 4991 | 7.3 |
重要
Network |
uchicago (The University of Chicago) | Parsl | uchicago (The University of Chicago)のParslにおけるSQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2026-21892 | 2026-01-22 11:33 | 2026-01-8 | Show | GitHub Exploit DB Packet Storm |
| 4992 | 7.5 |
重要
Network |
Svelte project | devalue | Svelte projectのdevalueにおける非対称のリソース消費に関する脆弱性 |
CWE-405
Asymmetric Resource Consumption (Amplification) |
CVE-2026-22774 | 2026-01-22 11:33 | 2026-01-15 | Show | GitHub Exploit DB Packet Storm |
| 4993 | 7.5 |
重要
Network |
Svelte project | devalue | Svelte projectのdevalueにおける非対称のリソース消費に関する脆弱性 |
CWE-405
Asymmetric Resource Consumption (Amplification) |
CVE-2026-22775 | 2026-01-22 11:33 | 2026-01-15 | Show | GitHub Exploit DB Packet Storm |
| 4994 | 3.1 |
低
Network |
OutRay | Outray | OutRayのOutrayにおけるスレッド内の競合状態に関する脆弱性 |
CWE-366
Race Condition within a Thread |
CVE-2026-22819 | 2026-01-22 11:33 | 2026-01-14 | Show | GitHub Exploit DB Packet Storm |
| 4995 | 3.7 |
低
Network |
OutRay | Outray | OutRayのOutrayにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2026-22820 | 2026-01-22 11:33 | 2026-01-14 | Show | GitHub Exploit DB Packet Storm |
| 4996 | 5.5 |
警告
Local |
Linux | Linux Kernel | LinuxのLinux KernelにおけるNULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL Pointer Dereference |
CVE-2022-50425 | 2026-01-22 11:33 | 2025-10-1 | Show | GitHub Exploit DB Packet Storm |
| 4997 | 5.5 |
警告
Local |
Linux | Linux Kernel | LinuxのLinux Kernelにおける不特定の脆弱性 |
CWE-noinfo
noinfo |
CVE-2022-50426 | 2026-01-22 11:33 | 2025-10-1 | Show | GitHub Exploit DB Packet Storm |
| 4998 | 5.5 |
警告
Local |
Linux | Linux Kernel | LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2022-50427 | 2026-01-22 11:33 | 2025-10-1 | Show | GitHub Exploit DB Packet Storm |
| 4999 | 5.5 |
警告
Local |
Linux | Linux Kernel | LinuxのLinux Kernelにおける境界条件の判定に関する脆弱性 |
CWE-193
Off-by-one Error |
CVE-2022-50428 | 2026-01-22 11:33 | 2025-10-1 | Show | GitHub Exploit DB Packet Storm |
| 5000 | 5.5 |
警告
Local |
Linux | Linux Kernel | LinuxのLinux Kernelにおける有効期限後のメモリの解放の欠如に関する脆弱性 |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2022-50431 | 2026-01-22 11:33 | 2025-10-1 | Show | GitHub Exploit DB Packet Storm |