Vulnerability Reports JP

past 12 months20242023202220212020201920182017201620152014201320122011

2025

2025/04/03 JVN#59547048:
WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass
2025/04/02 JVN#17260367:
Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products
2025/04/01 JVN#87266215:
WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization
2025/03/28 JVN#66982699:[Critical]
a-blog cms vulnerable to untrusted data deserialization
2025/03/26 JVN#39026557:
Multiple vulnerabilities in PowerCMS
2025/03/25 JVN#26321838:
Multiple vulnerabilities in AssetView
2025/03/19 JVN#04278547:
Multiple vulnerabilities in home gateway HGW-BL1500HM
2025/03/18 JVN#11230428:
+F FS010M vulnerable to OS command injection
2025/03/12 JVN#19358384:
hostapd vulnerable to improper processing of RADIUS packets
2025/03/06 JVN#24992507:
Multiple vulnerabilities in RemoteView Agent (for Windows)
2025/02/19 JVN#91300609:
RevoWorks SCVX and RevoWorks Browser vulnerable to incorrect resource transfer between spheres
2025/02/19 JVN#48742353:
Multiple cross-site scripting vulnerabilities in Movable Type
2025/02/17 JVN#26024080:
Multiple vulnerabilities in The LuxCal Web Calendar
2025/02/14 JVN#96957439:
acmailer CGI and acmailer DB vulnerable to OS command injection
2025/02/14 JVN#65447879:
Multiple vulnerabilities in NEC Aterm series (NV25-003)
2025/02/13 JVN#80527854:
Multiple vulnerabilities in FileMegane
2025/02/12 JVN#84319378:
acmailer vulnerable to cross-site scripting
2025/02/05 JVN#66673020:
Multiple vulnerabilities in Defense Platform Home Edition
2025/02/04 JVN#94806805:
WordPress Plugin "Activity Log WinterLock" vulnerable to cross-site request forgery
2025/01/29 JVN#23839833:
SXF Common Library vulnerable to improper input data handling
2025/01/28 JVN#88046370:
WordPress Plugin "Simple Image Sizes" vulnerable to cross-site scripting
2025/01/27 JVN#05508012:
EXIF Viewer Classic vulnerable to cross-site scripting
2025/01/22 JVN#15293958:
Multiple vulnerabilities in I-O DATA router UD-LT2
2025/01/21 JVN#83855727:
FortiWeb vulnerable to SQL injection
2025/01/08 JVN#57428125:
PLANEX COMMUNICATIONS MZK-DP300N vulnerable to cross-site scripting

2024

2024/12/16 JVN#08430039:
"Shonen Jump+" App for Android fails to restrict custom URL schemes properly
2024/12/16 JVN#61635834:
Multiple vulnerabilities in SHARP routers
2024/12/04 JVN#46615026:[Critical]
Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX
2024/12/02 JVN#53958863:
Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers
2024/11/29 JVN#43845108:
Multiple FCNT Android devices vulnerable to authentication bypass
2024/11/27 JVN#88385716:
HAProxy vulnerable to HTTP request/response smuggling
2024/11/26 JVN#87182660:
WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting
2024/11/20 JVN#16114985:
"Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key
2024/11/15 JVN#36791327:
Multiple vulnerabilities in FitNesse
2024/11/13 JVN#05136799:
WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting
2024/10/31 JVN#87770340:
Stack-based buffer overflow vulnerability in multiple Ricoh laser printers and MFPs which implement Web Image Monitor
2024/10/30 JVN#11779839:
Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
2024/10/28 JVN#78335885:
Chatwork Desktop Application (Windows) uses a potentially dangerous function
2024/10/25 JVN#00876083:
Multiple vulnerabilities in baserCMS
2024/10/18 JVN#41397971:
Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software
2024/10/18 JVN#57285747:
N-LINE vulnerable to HTML injection
2024/10/18 JVN#31982676:
MUSASI version 3 performing authentication on client-side
2024/10/15 JVN#58721679:
SHIRASAGI vulnerable to path traversal
2024/10/11 JVN#74538317:
Multiple vulnerabilities in Exment
2024/10/10 JVN#54676967:
baserCMS plugin "BurgerEditor" vulnerable to directory listing
2024/10/01 JVN#72148744:
Apache Tomcat improper handling of TLS handshake process data
2024/09/30 JVN#39280069:
RevoWorks Cloud vulnerable to unintended process execution
2024/09/30 JVN#42445661:
Multiple vulnerabilities in Smart-tab
2024/09/27 JVN#21176842:
MF Teacher Performance Management System vulnerable to cross-site scripting
2024/09/24 JVN#57749899:
The installer of e-Tax software(common program) vulnerable to privilege escalation
2024/09/24 JVN#78356367:
Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions
2024/09/24 JVN#81966868:
Multiple vulnerabilities in PLANEX COMMUNICATIONS network devices
2024/09/18 JVN#19766555:
Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
2024/09/18 JVN#42386607:
Assimp vulnerable to heap-based buffer overflow
2024/09/09 JVN#05579230:
Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery
2024/09/09 JVN#67456481:
Pgpool-II vulnerable to information disclosure
2024/09/09 JVN#65724976:
WordPress Plugin "Forminator" vulnerable to cross-site scripting
2024/09/09 JVN#81570776:
"@cosme" App fails to restrict custom URL schemes properly
2024/09/06 JVN#32529796:
Multiple products from KINGSOFT JAPAN vulnerable to path traversal
2024/09/06 JVN#49873988:
Secure Boot bypass Vulnerability in PRIMERGY
2024/09/04 JVN#67963942:
WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting
2024/08/30 JVN#29238389:
IPCOM vulnerable to information disclosure
2024/08/30 JVN#25264194:
Multiple vulnerabilities in WordPress plugin "Carousel Slider"
2024/08/29 JVN#08342147:
WindLDR and WindO/I-NV4 store sensitive information in cleartext
2024/08/27 JVN#24885537:
Multiple vulnerabilities in ELECOM wireless LAN routers and access points
2024/08/23 JVN#12824024:
BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
2024/08/22 JVN#83440451:
Multiple Safie products vulnerable to improper server certificate verification
2024/08/20 JVN#56648919:
"Rakuten Ichiba App" fails to restrict custom URL schemes properly
2024/08/06 JVN#78728294:
Firmware update for RICOH JavaTM Platform resets the TLS configuration
2024/08/06 JVN#29845579:
Cybozu Office vulnerable to bypass browsing restrictions in Custom App
2024/08/05 JVN#70666401:
Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN
2024/08/05 JVN#50850706:
Pimax Play and PiTool accept WebSocket connections from unintended endpoints
2024/07/30 JVN#26734798:
FFRI AMC vulnerable to OS command injection
2024/07/30 JVN#26225832:
EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting
2024/07/30 JVN#48324254:
EC-CUBE 4 Series improper input validation when installing plugins
2024/07/30 JVN#06672778:
Multiple vulnerabilities in ELECOM wireless LAN routers
2024/07/29 JVN#84326763:
Multiple vulnerabilities in SKYSEA Client View
2024/07/29 JVN#16420523:
SDoP vulnerable to stack-based buffer overflow
2024/07/26 JVN#02030803:
ORC vulnerable to stack-based buffer overflow
2024/07/18 JVN#87710540:
Assimp vulnerable to heap-based buffer overflow
2024/07/16 JVN#74825766:
Cybozu Garoon vulnerable to cross-site scripting
2024/07/16 JVN#25583987:
FUJITSU Network Edgiot GW1500 vulnerable to path traversal
2024/07/10 JVN#14294633:
Out-of-bounds write vulnerability in Ricoh MFPs and printers
2024/07/09 JVN#81442045:
Multiple vulnerabilities in multiple Webmin products
2024/07/08 JVN#28515217:
Cleartext transmission issue in TONE store App to TONE store
2024/07/03 JVN#94347255:
JP1/Extensible SNMP Agent fails to restrict access permissions
2024/06/28 JVN#01073312:
"Piccoma" App uses a hard-coded API key for an external service
2024/06/26 JVN#34977158:
WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery
2024/06/19 JVN#37818611:
"ZOZOTOWN" App for Android fails to restrict custom URL schemes properly
2024/06/19 JVN#60331535:
WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page
2024/06/18 JVN#00442488:
Multiple vulnerabilities in Ricoh Streamline NX PC Client
2024/06/18 JVN#65171386:
Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR
2024/06/12 JVN#25594256:
Denial-of-service (DoS) vulnerability in IPCOM WAF function
2024/06/07 JVN#79213252:
WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection
2024/06/07 JVN#55045256:
Multiple vulnerabilities in "FreeFrom - the nostr client" App
2024/06/03 JVN#43215077:
Multiple vulnerabilities in UNIVERSAL PASSPORT RX
2024/05/30 JVN#80506242:
awkblog vulnerable to OS command injection
2024/05/29 JVN#22182715:
Redmine DMSF Plugin vulnerable to path traversal
2024/05/29 JVN#15637138:
EC-Orange vulnerable to authorization bypass
2024/05/28 JVN#17680667:
Multiple vulnerabilities in Unifier and Unifier Cast
2024/05/28 JVN#71404925:
Multiple vulnerabilities in UTAU
2024/05/24 JVN#56781258:
Splunk Config Explorer vulnerable to cross-site scripting
2024/05/24 JVN#35838128:
WordPress Plugin "WP Booking" vulnerable to cross-site scripting
2024/05/21 JVN#29471697:
Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification
2024/05/17 JVN#85380030:
WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal
2024/05/13 JVN#28869536:
Multiple vulnerabilities in Cybozu Garoon
2024/05/10 JVN#83405304:
"OfferBox" App uses a hard-coded secret key
2024/05/10 JVN#61054671:
Phormer vulnerable to cross-site scripting
2024/05/09 JVN#97751842:
Multiple vulnerabilities in MosP kintai kanri
2024/05/08 JVN#87694318:
WordPress Plugin "Heateor Social Login WordPress" vulnerable to cross-site scripting
2024/04/24 JVN#62737544:
Multiple vulnerabilities in RoamWiFi R10
2024/04/23 JVN#40079147:[Unreachable]
TvRock vulnerable to denial-of-service (DoS)
2024/04/23 JVN#24683352:[Unreachable]
TvRock vulnerable to cross-site request forgery
2024/04/18 JVN#50132400:
Multiple vulnerabilities in WordPress Plugin "Forminator"
2024/04/16 JVN#23835228:
Proscend Communications M330-W and M330-W5 vulnerable to OS command injection
2024/04/15 JVN#58236836:
Multiple vulnerabilities in BUFFALO wireless LAN routers
2024/04/10 JVN#70977403:
Multiple vulnerabilities in a-blog cms
2024/04/08 JVN#50361500:
Multiple vulnerabilities in WordPress Plugin "Ninja Forms"
2024/04/05 JVN#82074338:
Multiple vulnerabilities in NEC Aterm series