|
You can search the list of vulnerabilities managed by JVN (Japan Vulnerability Note). |
Update Date:July 1, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 351 | 7.5 |
重要
Network |
XWiki | Confluence Migrator Application (Pro) | XWiki の Xwiki 用 Confluence Migrator Application (Pro) における脆弱性 |
CWE-200 CWE-noinfo Information Exposure noinfo |
CVE-2025-27604 | 2025-03-14 17:56 | 2025-03-7 | Show | GitHub Exploit DB Packet Storm |
| 352 | 7 |
重要
Network |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server における XML 外部エンティティの脆弱性 |
CWE-611
XXE |
CVE-2024-22354 | 2025-03-10 10:35 | 2024-04-16 | Show | GitHub Exploit DB Packet Storm |
| 353 | 9.8 |
緊急
Network |
1000projects | Human Resource Management System PHP & MySQL Web Application Project | 1000projects の Human Resource Management System PHP & MySQL Web Application Project における SQL インジェクションの脆弱性 |
CWE-74 CWE-89 CWE-89 Injection SQL Injection SQL Injection |
CVE-2024-13006 | 2025-03-7 16:50 | 2024-12-29 | Show | GitHub Exploit DB Packet Storm |
| 354 | 4.3 |
警告
Adjacent |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server におけるサーバサイドのリクエストフォージェリの脆弱性 |
CWE-918
Server-Side Request Forgery (SSRF) |
CVE-2024-22329 | 2025-03-7 11:30 | 2024-04-17 | Show | GitHub Exploit DB Packet Storm |
| 355 | 6.1 |
警告
Network |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2024-27270 | 2025-03-6 16:03 | 2024-03-26 | Show | GitHub Exploit DB Packet Storm |
| 356 | 7.5 |
重要
Network |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2024-25026 | 2025-03-4 11:25 | 2024-04-24 | Show | GitHub Exploit DB Packet Storm |
| 357 | 3.7 |
低
Network |
日立 オラクル NetApp |
Hitachi Infrastructure Analytics Advisor uCosminexus Client Hitachi Developer's Kit for Java uCosminexus Application Server(64) JDK Hi… |
Oracle Java SE および Oracle GraalVM Enterprise Edition における Concurrency に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2024-21144 | 2025-02-28 13:53 | 2024-07-16 | Show | GitHub Exploit DB Packet Storm |
| 358 | 7.5 |
重要
Network |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2024-27268 | 2025-02-28 13:48 | 2024-04-3 | Show | GitHub Exploit DB Packet Storm |
| 359 | 4.8 |
警告
Network |
日立 オラクル NetApp |
Hitachi Infrastructure Analytics Advisor uCosminexus Client Hitachi Developer's Kit for Java uCosminexus Application Server(64) JDK Hi… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における 2D に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2024-21145 | 2025-02-28 13:43 | 2024-07-16 | Show | GitHub Exploit DB Packet Storm |
| 360 | 5.3 |
警告
Adjacent |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server における暗号アルゴリズムの使用に関する脆弱性 |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2023-50312 | 2025-02-27 18:08 | 2023-12-7 | Show | GitHub Exploit DB Packet Storm |
| 361 | 3.7 |
低
Network |
オラクル 日立 NetApp |
uCosminexus Service Platform Hitachi Device Manager Hitachi Replication Manager uCosminexus Developer Oracle GraalVM Hitachi Tuning Ma… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における Hotspot に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2024-21138 | 2025-02-27 17:54 | 2024-07-16 | Show | GitHub Exploit DB Packet Storm |
| 362 | 3.7 |
低
Network |
オラクル 日立 NetApp |
uCosminexus Service Platform Hitachi Device Manager Hitachi Replication Manager uCosminexus Developer Oracle GraalVM Hitachi Tuning Ma… |
Oracle Java SE および Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition における Hotspot に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2024-21131 | 2025-02-27 17:49 | 2024-07-16 | Show | GitHub Exploit DB Packet Storm |
| 363 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-2646 | 2025-01-31 14:50 | 2024-03-19 | Show | GitHub Exploit DB Packet Storm |
| 364 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-2649 | 2025-01-31 14:50 | 2024-03-20 | Show | GitHub Exploit DB Packet Storm |
| 365 | 5.3 |
警告
Network |
netentsec | application security gateway | netentsec の application security gateway におけるブラインド XPath インジェクションの脆弱性 |
CWE-643 CWE-91 XPath Injection Blind XPath Injection |
CVE-2024-2648 | 2025-01-31 11:43 | 2024-03-19 | Show | GitHub Exploit DB Packet Storm |
| 366 | 5.3 |
警告
Network |
netentsec | application security gateway | netentsec の application security gateway におけるブラインド XPath インジェクションの脆弱性 |
CWE-643 CWE-91 XPath Injection Blind XPath Injection |
CVE-2024-2645 | 2025-01-31 10:48 | 2024-03-19 | Show | GitHub Exploit DB Packet Storm |
| 367 | 7.5 |
重要
Network |
Apache Software Foundation Fedora Project 日立 |
uCosminexus Service Architect Apache HTTP Server uCosminexus Developer Cosminexus HTTP Server Fedora uCosminexus Service Platform uCosmi… |
Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2024-27316 | 2025-01-30 15:28 | 2024-04-4 | Show | GitHub Exploit DB Packet Storm |
| 368 | 9.8 |
緊急
Network |
Apache Software Foundation 日立 |
Hitachi Application Server for Developers uCosminexus Developer Hitachi Web Server uCosminexus Application Server Express uCosminexus&nbs… |
Apache Software Foundation の Apache HTTP Server 等複数ベンダの製品における脆弱性 |
CWE-noinfo
noinfo |
CVE-2024-38476 | 2025-01-30 15:19 | 2024-07-1 | Show | GitHub Exploit DB Packet Storm |
| 369 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-5773 | 2025-01-30 11:55 | 2024-06-9 | Show | GitHub Exploit DB Packet Storm |
| 370 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-5772 | 2025-01-30 09:36 | 2024-06-9 | Show | GitHub Exploit DB Packet Storm |
| 371 | 7.8 |
重要
Local |
Ivanti | Ivanti Application Control | Ivanti の Ivanti Application Control における不適切なデフォルトパーミッションに関する脆弱性 |
CWE-276 CWE-276 Incorrect Default Permissions Incorrect Default Permissions |
CVE-2024-11598 | 2025-01-24 17:18 | 2024-12-11 | Show | GitHub Exploit DB Packet Storm |
| 372 | 9.6 |
緊急
Network |
F5 Networks |
BIG-IP Advanced Firewall Manager (AFM) BIG-IP Analytics BIG-IP Link Controller BIG-IP Application Security Manager (ASM) BIG-IP … |
複数の F5 Networks 製品におけるコマンドインジェクションの脆弱性 |
CWE-77 CWE-77 Command Injection Command Injection |
CVE-2024-22093 | 2025-01-24 11:55 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 373 | 4.4 |
警告
Local |
F5 Networks |
BIG-IP Advanced Firewall Manager (AFM) BIG-IP Analytics BIG-IP Link Controller BIG-IP Application Security Manager (ASM) BIG-IP … |
複数の F5 Networks 製品における脆弱性 |
CWE-266 CWE-noinfo Incorrect Privilege Assignment noinfo |
CVE-2024-23976 | 2025-01-24 11:55 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 374 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP Application Security Manager (ASM) BIG-IP Advanced Web Application Firewall (WAF) |
F5 Networks の BIG-IP Advanced Web Application Firewall (WAF) および BIG-IP Application Security Manager (ASM) におけるバッファサイズの計算の誤りに関する脆弱性 |
CWE-131 CWE-131 Incorrect Calculation of Buffer Size Incorrect Calculation of Buffer Size |
CVE-2024-23805 | 2025-01-24 11:45 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 375 | 6.7 |
警告
Local |
F5 Networks |
BIG-IP Advanced Firewall Manager (AFM) BIG-IP Analytics BIG-IP Link Controller BIG-IP Application Security Manager (ASM) BIG-IP … |
複数の F5 Networks 製品における OS コマンドインジェクションの脆弱性 |
CWE-78 CWE-78 OS Command OS Command |
CVE-2024-21782 | 2025-01-24 10:43 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 376 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP Advanced Firewall Manager (AFM) BIG-IP Analytics BIG-IP Link Controller BIG-IP Application Security Manager (ASM) BIG-IP … |
複数の F5 Networks 製品における脆弱性 |
CWE-908 CWE-noinfo Use of Uninitialized Resource noinfo |
CVE-2024-23314 | 2025-01-24 10:25 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 377 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP Advanced Firewall Manager (AFM) BIG-IP Analytics BIG-IP Link Controller BIG-IP Application Security Manager (ASM) BIG-IP … |
複数の F5 Networks 製品における制限またはスロットリング無しのリソースの割り当てに関する脆弱性 |
CWE-770 CWE-770 Allocation of Resources Without Limits or Throttling Allocation of Resources Without Limits or Throttling |
CVE-2024-23979 | 2025-01-24 10:24 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 378 | 6.5 |
警告
Network |
F5 Networks |
BIG-IP Access Policy Manager (APM) BIG-IP Fraud Protection Service (FPS) BIG-IP Application Security Manager (ASM) BIG-IP Adv… |
複数の F5 Networks 製品における脆弱性 |
CWE-613 CWE-noinfo Insufficient Session Expiration noinfo |
CVE-2024-22389 | 2025-01-24 09:56 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 379 | 7.5 |
重要
Network |
F5 Networks |
BIG-IP Access Policy Manager (APM) BIG-IP Fraud Protection Service (FPS) BIG-IP Application Security Manager (ASM) BIG-IP Adv… |
複数の F5 Networks 製品における NULL ポインタデリファレンスに関する脆弱性 |
CWE-476 CWE-476 NULL Pointer Dereference NULL Pointer Dereference |
CVE-2024-24775 | 2025-01-24 09:35 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 380 | 8.8 |
重要
Network |
F5 Networks |
BIG-IP Application Security Manager (ASM) BIG-IP Advanced Web Application Firewall (WAF) |
F5 Networks の BIG-IP Application Security Manager (ASM) および BIG-IP Advanced Web Application Firewall (WAF) における SQL インジェクションの脆弱性 |
CWE-89 CWE-89 SQL Injection SQL Injection |
CVE-2024-23603 | 2025-01-24 09:34 | 2024-02-14 | Show | GitHub Exploit DB Packet Storm |
| 381 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-2022 | 2025-01-22 15:12 | 2024-03-1 | Show | GitHub Exploit DB Packet Storm |
| 382 | 9.8 |
緊急
Network |
netentsec | application security gateway | netentsec の application security gateway における SQL インジェクションの脆弱性 |
CWE-89
SQL Injection |
CVE-2024-2021 | 2025-01-22 13:39 | 2024-03-1 | Show | GitHub Exploit DB Packet Storm |
| 383 | 6.4 |
警告
Network |
IBM | IBM Maximo Application Suite | IBM の IBM Maximo Application Suite におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
Cross-site Scripting |
CVE-2023-38723 | 2025-01-20 09:53 | 2023-08-1 | Show | GitHub Exploit DB Packet Storm |
| 384 | 7.5 |
重要
Network |
IBM | IBM Maximo Application Suite | IBM の IBM Maximo Application Suite におけるパストラバーサルの脆弱性 |
CWE-22
Path Traversal |
CVE-2024-22328 | 2025-01-15 12:10 | 2024-04-5 | Show | GitHub Exploit DB Packet Storm |
| 385 | 7.5 |
重要
Network |
IBM |
IBM Maximo Asset Management IBM Maximo Application Suite |
IBM の IBM Maximo Application Suite および IBM Maximo Asset Management における脆弱性 |
CWE-598 CWE-Other Information Exposure Through Query Strings in GET Request Other |
CVE-2023-32335 | 2025-01-15 11:02 | 2023-05-8 | Show | GitHub Exploit DB Packet Storm |
| 386 | 5.5 |
警告
Local |
マイクロソフト | Microsoft Intune Mobile Application Management | Microsoft Intune for Android モバイル アプリケーション管理の改ざんの脆弱性 |
CWE-284 CWE-noinfo Improper Access Control noinfo |
CVE-2024-30059 | 2025-01-10 13:49 | 2024-05-14 | Show | GitHub Exploit DB Packet Storm |
| 387 | 4.8 |
警告
Network |
IBM | IBM WebSphere Application Server | IBM の IBM WebSphere Application Server におけるクロスサイトスクリプティングの脆弱性 |
CWE-79 CWE-79 Cross-site Scripting Cross-site Scripting |
CVE-2024-45073 | 2025-01-8 11:03 | 2024-09-30 | Show | GitHub Exploit DB Packet Storm |
| 388 | 5.3 |
警告
Network |
レッドハット 日立 |
uCosminexus Application Server Light uCosminexus Application Server-R uCosminexus Client for ATM uCosminexus Developer Professional プログラミ… |
Xerces JBoss における入力確認に関する脆弱性 |
CWE-20
Improper Input Validation |
CVE-2020-14338 | 2024-12-24 17:09 | 2020-10-13 | Show | GitHub Exploit DB Packet Storm |
| 389 | 5.3 |
警告
Network |
オラクル 日立 |
uCosminexus Application Server Light uCosminexus Application Server-R uCosminexus Client for ATM uCosminexus Developer Professional プログラミ… |
Oracle Java SE および Java SE Embedded における JAXP に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14621 | 2024-12-24 17:05 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 390 | 7.4 |
重要
Network |
オラクル NetApp 日立 |
uCosminexus Application Server Light uCosminexus Application Server-R uCosminexus Client for ATM uCosminexus Developer Professional E-Ser… |
Oracle Java SE および Java SE Embedded における 2D に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14593 | 2024-12-24 16:58 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 391 | 8.3 |
重要
Network |
オラクル NetApp 日立 |
uCosminexus Application Server Light uCosminexus Application Server-R uCosminexus Client for ATM uCosminexus Developer Professional E-Ser… |
Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14583 | 2024-12-24 16:54 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 392 | 3.7 |
低
Network |
オラクル NetApp 日立 |
uCosminexus Application Server Light uCosminexus Application Server-R uCosminexus Client for ATM uCosminexus Developer Professional E-Ser… |
Oracle Java SE および Java SE Embedded における 2D に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14581 | 2024-12-24 16:38 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 393 | 3.7 |
低
Network |
日立 NetApp オラクル |
uCosminexus Application Standard Hitachi Replication Manager E-Series SANtricity Storage Manager uCosminexus Application Express uCosminexus&n… |
Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14579 | 2024-12-23 18:14 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 394 | 3.7 |
低
Network |
オラクル 日立 NetApp |
E-Series SANtricity OS Controller JDK uCosminexus Application Smart Edition uCosminexus Developer Professional Hitachi Tiered Storage&nbs… |
Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14578 | 2024-12-23 17:54 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 395 | 3.7 |
低
Network |
オラクル 日立 NetApp |
E-Series SANtricity OS Controller JDK uCosminexus Application Smart Edition uCosminexus Developer Professional Hitachi Tiered Storage&nbs… |
Oracle Java SE における JSSE に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14577 | 2024-12-23 17:51 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 396 | 3.7 |
低
Network |
オラクル 日立 NetApp |
E-Series SANtricity OS Controller JDK uCosminexus Application Smart Edition uCosminexus Developer Professional Hitachi Tiered Storage&nbs… |
Oracle Java SE における Hotspot に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14573 | 2024-12-23 17:48 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 397 | 5.3 |
警告
Network |
オラクル 日立 NetApp |
E-Series SANtricity OS Controller JDK uCosminexus Application Smart Edition uCosminexus Developer Professional Hitachi Tiered Storage&nbs… |
Oracle Java SE における ImageIO に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14562 | 2024-12-23 17:46 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 398 | 4.8 |
警告
Network |
オラクル 日立 NetApp |
E-Series SANtricity OS Controller JDK uCosminexus Application Smart Edition uCosminexus Developer Professional Hitachi Tiered Storage&nbs… |
Oracle Java SE および Java SE Embedded における Libraries に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-14556 | 2024-12-23 17:41 | 2020-07-14 | Show | GitHub Exploit DB Packet Storm |
| 399 | 3.7 |
低
Network |
オラクル 日立 NetApp レッドハット |
E-Series SANtricity OS Controller JDK Hitachi Tiered Storage Manager uCosminexus Primary Server Base Hitachi Ops Center Analyze… |
Oracle Java SE および Java SE Embedded における Networking に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-2659 | 2024-12-23 17:24 | 2020-01-14 | Show | GitHub Exploit DB Packet Storm |
| 400 | 4.8 |
警告
Network |
オラクル 日立 Debian レッドハット |
JDK Debian GNU/Linux Hitachi Tiered Storage Manager uCosminexus Primary Server Base Hitachi Ops Center Analyzer Hitachi Applicati… |
Oracle Java SE における JSSE に関する脆弱性 |
CWE-noinfo
noinfo |
CVE-2020-2655 | 2024-12-23 17:21 | 2020-01-14 | Show | GitHub Exploit DB Packet Storm |