|
You can search the list of vulnerabilities managed by JVN (Japan Vulnerability Note). |
Update Date:July 1, 2026, 12:08 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 101 | 9.8 |
緊急
Network |
マイクロソフト | Azure Application Gateway | Azure Application Gateway の特権の昇格の脆弱性 |
CWE-121 CWE-787 Stack-based Buffer Overflow Out-of-bounds Write |
CVE-2025-64657 | 2025-12-10 14:30 | 2025-11-20 | Show | GitHub Exploit DB Packet Storm |
| 102 | 9.8 |
緊急
Network |
マイクロソフト | Azure Application Gateway | Azure Application Gateway Elevation of Privilege Vulnerability |
CWE-125
Out-of-bounds Read |
CVE-2025-64656 | 2025-12-10 12:28 | 2025-11-20 | Show | GitHub Exploit DB Packet Storm |
| 103 | 9.9 |
緊急
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるパストラバーサルの脆弱性 |
CWE-22
Path Traversal |
CVE-2025-54347 | 2025-12-9 13:43 | 2025-11-24 | Show | GitHub Exploit DB Packet Storm |
| 104 | 5.3 |
警告
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるハードコードされた認証情報の使用に関する脆弱性 |
CWE-798
Use of Hard-coded Credentials |
CVE-2025-54341 | 2025-12-9 11:14 | 2025-11-24 | Show | GitHub Exploit DB Packet Storm |
| 105 | 7.5 |
重要
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるアクセス制御に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-54563 | 2025-12-9 11:05 | 2025-11-24 | Show | GitHub Exploit DB Packet Storm |
| 106 | 9.6 |
緊急
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるアクセス制御に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-54343 | 2025-11-28 18:03 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 107 | 4.1 |
警告
Local |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server における暗号アルゴリズムの使用に関する脆弱性 |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2025-54340 | 2025-11-28 18:02 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 108 | 3.7 |
低
Network |
オラクル 日立 |
uCosminexus Client uCosminexus Application Server-R Hitachi Ops Center Analyzer viewpoint Hitachi Replication Manager Hitachi Application… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における Libraries に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-61748 | 2025-11-27 11:50 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 109 | 7.5 |
重要
Network |
オラクル 日立 |
uCosminexus Client uCosminexus Application Server-R Hitachi Ops Center Analyzer viewpoint Hitachi Replication Manager Hitachi Application… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における JAXP に関する脆弱性 |
CWE-200
Information Exposure |
CVE-2025-53066 | 2025-11-27 11:49 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 110 | 5.9 |
警告
Network |
オラクル 日立 |
uCosminexus Client uCosminexus Application Server-R Hitachi Ops Center Analyzer viewpoint Hitachi Replication Manager Hitachi Application… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における Security に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-53057 | 2025-11-27 11:47 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 111 | 6.5 |
警告
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるクロスサイトスクリプティングの脆弱性 |
CWE-80
Basic XSS |
CVE-2025-54348 | 2025-11-26 15:21 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 112 | 7.6 |
重要
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるクロスサイトスクリプティングの脆弱性 |
CWE-80
Basic XSS |
CVE-2025-54346 | 2025-11-26 15:10 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 113 | 9.8 |
緊急
Network |
oretnom23 | Survey Application System in PHP and SQLite3 Source Code | oretnom23 の Survey Application System in PHP and SQLite3 Source Code における SQL インジェクションの脆弱性 |
CWE-74 CWE-89 CWE-89 Injection SQL Injection SQL Injection |
CVE-2025-13060 | 2025-11-26 10:27 | 2025-11-12 | Show | GitHub Exploit DB Packet Storm |
| 114 | 10 |
緊急
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるアクセス制御に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-54339 | 2025-11-26 09:56 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 115 | 3.3 |
低
Local |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server における重要な情報の平文保存に関する脆弱性 |
CWE-312
Cleartext Storage of Sensitive Information |
CVE-2025-54342 | 2025-11-26 09:56 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 116 | 7.5 |
重要
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server における情報漏えいに関する脆弱性 |
CWE-200
Information Exposure |
CVE-2025-54345 | 2025-11-26 09:53 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 117 | 3.7 |
低
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるパストラバーサルの脆弱性 |
CWE-22
Path Traversal |
CVE-2025-54559 | 2025-11-26 09:53 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 118 | 3.8 |
低
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
Server-Side Request Forgery (SSRF) |
CVE-2025-54560 | 2025-11-26 09:53 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 119 | 4.3 |
警告
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるアクセス制御に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-54561 | 2025-11-26 09:53 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 120 | 9.8 |
緊急
Network |
IBM | IBM Maximo Application Suite | IBM の IBM Maximo Application Suite における根本の脆弱性による認証回避の脆弱性 |
CWE-305
Authentication Bypass by Primary Weakness |
CVE-2025-36386 | 2025-11-26 09:38 | 2025-10-28 | Show | GitHub Exploit DB Packet Storm |
| 121 | 4.3 |
警告
Network |
Desktop Alert Inc. | PingAlert Application Server | Desktop Alert Inc. の PingAlert Application Server におけるエラーメッセージによる情報漏えいに関する脆弱性 |
CWE-209
Information Exposure Through an Error Message |
CVE-2025-54562 | 2025-11-25 12:26 | 2025-11-14 | Show | GitHub Exploit DB Packet Storm |
| 122 | 9.8 |
緊急
Network |
oretnom23 | Survey Application System in PHP and SQLite3 Source Code | oretnom23 の Survey Application System in PHP and SQLite3 Source Code における SQL インジェクションの脆弱性 |
CWE-74 CWE-89 CWE-89 Injection SQL Injection SQL Injection |
CVE-2025-12929 | 2025-11-20 14:00 | 2025-11-10 | Show | GitHub Exploit DB Packet Storm |
| 123 | 4.8 |
警告
Network |
NetApp オラクル 日立 |
uCosminexus Service Platform(64) Hitachi Ops Center Analyzer viewpoint Hitachi Ops Center Automator Hitachi Replication Manager uCos… |
Oracle Java SE における Compiler に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-30691 | 2025-11-13 15:06 | 2025-04-15 | Show | GitHub Exploit DB Packet Storm |
| 124 | 7.5 |
重要
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における System Configuration に関する脆弱性 |
CWE-306
Missing Authentication for Critical Function |
CVE-2025-61756 | 2025-10-31 16:24 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 125 | 6.1 |
警告
Network |
オラクル |
Oracle E-Business Suite Oracle Applications Manager |
Oracle E-Business Suite の Oracle Applications Manager における Application Logging Interfaces に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-53058 | 2025-10-31 14:50 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 126 | 6.5 |
警告
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における Platform に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-53035 | 2025-10-31 14:13 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 127 | 4.3 |
警告
Network |
オラクル |
Oracle Applications Framework Oracle E-Business Suite |
Oracle E-Business Suite の Oracle Applications Framework における Personalization に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-53064 | 2025-10-30 18:09 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 128 | 5.4 |
警告
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における Platform に関する脆弱性 |
CWE-306
Missing Authentication for Critical Function |
CVE-2025-53034 | 2025-10-30 18:07 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 129 | 6.1 |
警告
Network |
languagesloth | The Language Sloth Web Application | languagesloth の The Language Sloth Web Application におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2025-45778 | 2025-10-30 16:15 | 2025-08-1 | Show | GitHub Exploit DB Packet Storm |
| 130 | 4.3 |
警告
Network |
オラクル |
Oracle E-Business Suite Oracle Applications Framework |
Oracle E-Business Suite の Oracle Applications Framework における Upload Attachments に関する脆弱性 |
CWE-284
Improper Access Control |
CVE-2025-53071 | 2025-10-29 16:49 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 131 | 9.8 |
緊急
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における Platform に関する脆弱性 |
CWE-306
Missing Authentication for Critical Function |
CVE-2025-53037 | 2025-10-29 15:10 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 132 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP Edge Gateway BIG-IP Global Traffic Manager (GTM) BIG-IP SSL Orchestrator big-ip next central manager BIG-IP Advanced&nbs… |
複数の F5 Networks 製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2025-54500 | 2025-10-28 16:15 | 2025-08-13 | Show | GitHub Exploit DB Packet Storm |
| 133 | 8.1 |
重要
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における Platform に関する脆弱性 |
CWE-862
Missing Authorization |
CVE-2025-61751 | 2025-10-28 14:48 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 134 | 6.5 |
警告
Network |
Zoho Corporation | manageengine applications manager | Zoho Corporation の ManageEngine Applications Manager における脆弱性 |
CWE-200 CWE-noinfo Information Exposure noinfo |
CVE-2025-6239 | 2025-10-28 14:02 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 135 | 8.6 |
重要
Network |
オラクル | Oracle Financial Services Analytical Applications Infrastructure | Oracle Financial Services Applications の Oracle Financial Services Analytical Applications Infrastructure における Platform に関する脆弱性 |
CWE-200
Information Exposure |
CVE-2025-53036 | 2025-10-27 17:20 | 2025-10-21 | Show | GitHub Exploit DB Packet Storm |
| 136 | 5.3 |
警告
Network |
SAP | netweaver application server java | SAP の netweaver application server java における重要な機能に対する認証の欠如に関する脆弱性 |
CWE-306
Missing Authentication for Critical Function |
CVE-2025-42926 | 2025-10-27 16:00 | 2025-09-9 | Show | GitHub Exploit DB Packet Storm |
| 137 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP DDoS Hybrid Defender BIG-IP Domain Name System (DNS) big-ip automation toolchain BIG-IP Application Visibility and Rep… |
複数の F5 Networks 製品における例外的な状況に対する不適切なチェックまたは処理に関する脆弱性 |
CWE-667 CWE-703 Improper Locking Improper Check or Handling of Exceptional Conditions |
CVE-2025-58153 | 2025-10-24 10:57 | 2025-10-15 | Show | GitHub Exploit DB Packet Storm |
| 138 | 5.3 |
警告
Network |
F5 Networks |
BIG-IP DDoS Hybrid Defender BIG-IP Domain Name System (DNS) big-ip automation toolchain BIG-IP Application Visibility and Rep… |
複数の F5 Networks 製品における予測可能な数字や識別子の生成に関する脆弱性 |
CWE-340
Generation of Predictable Numbers or Identifiers |
CVE-2025-58424 | 2025-10-24 10:57 | 2025-10-15 | Show | GitHub Exploit DB Packet Storm |
| 139 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP DDoS Hybrid Defender BIG-IP Domain Name System (DNS) big-ip automation toolchain BIG-IP Application Visibility and Rep… |
複数の F5 Networks 製品における不完全なクリーンアップに関する脆弱性 |
CWE-459
Incomplete Cleanup |
CVE-2025-59781 | 2025-10-24 10:35 | 2025-10-15 | Show | GitHub Exploit DB Packet Storm |
| 140 | 7.5 |
重要
Network |
F5 Networks | BIG-IP Application Security Manager (ASM) | F5 Networks の BIG-IP Application Security Manager (ASM) における有効期限後または解放後のリソースの操作に関する脆弱性 |
CWE-672 CWE-672 Operation on a Resource after Expiration or Release Operation on a Resource after Expiration or Release |
CVE-2025-55669 | 2025-10-24 10:09 | 2025-10-15 | Show | GitHub Exploit DB Packet Storm |
| 141 | 5.3 |
警告
Network |
F5 Networks |
BIG-IP Advanced Web Application Firewall (WAF) BIG-IP Application Security Manager (ASM) |
F5 Networks の BIG-IP Advanced Web Application Firewall (WAF) および BIG-IP Application Security Manager (ASM) における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2025-58474 | 2025-10-24 10:09 | 2025-10-15 | Show | GitHub Exploit DB Packet Storm |
| 142 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品における NULL ポインタデリファレンスに関する脆弱性 |
CWE-476
NULL Pointer Dereference |
CVE-2024-25560 | 2025-10-23 14:49 | 2024-05-8 | Show | GitHub Exploit DB Packet Storm |
| 143 | 4.7 |
警告
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2024-27202 | 2025-10-23 14:49 | 2024-05-8 | Show | GitHub Exploit DB Packet Storm |
| 144 | 5.9 |
警告
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品における期限切れのポインタデリファレンスに関する脆弱性 |
CWE-825
Expired Pointer Dereference |
CVE-2024-28889 | 2025-10-23 14:49 | 2024-05-8 | Show | GitHub Exploit DB Packet Storm |
| 145 | 8 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2024-31156 | 2025-10-23 14:49 | 2024-05-8 | Show | GitHub Exploit DB Packet Storm |
| 146 | 8.8 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品における OS コマンドインジェクションの脆弱性 |
CWE-78
OS Command |
CVE-2025-20029 | 2025-10-23 14:49 | 2025-02-5 | Show | GitHub Exploit DB Packet Storm |
| 147 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品におけるリソースの枯渇に関する脆弱性 |
CWE-400
Uncontrolled Resource Consumption |
CVE-2025-20058 | 2025-10-23 14:49 | 2025-02-5 | Show | GitHub Exploit DB Packet Storm |
| 148 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品におけるリソースの枯渇に関する脆弱性 |
CWE-400
Uncontrolled Resource Consumption |
CVE-2025-21087 | 2025-10-23 14:49 | 2025-02-5 | Show | GitHub Exploit DB Packet Storm |
| 149 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品における有効期限後のメモリの解放の欠如に関する脆弱性 |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2025-21091 | 2025-10-23 14:49 | 2025-02-5 | Show | GitHub Exploit DB Packet Storm |
| 150 | 8 |
重要
Network |
F5 Networks |
BIG-IP SSL Orchestrator BIG-IP Fraud Protection Service (FPS) BIG-IP Application Visibility and Reporting BIG-IP Local Traffic&nbs… |
複数の F5 Networks 製品におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2025-24320 | 2025-10-23 14:49 | 2025-02-5 | Show | GitHub Exploit DB Packet Storm |