Vulnerability Reports JP

past 12 months20232022202120202019201820172016201520142013201220112010

2024

2024/11/20 JVN#16114985:
"Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key
2024/11/15 JVN#36791327:
Multiple vulnerabilities in FitNesse
2024/11/13 JVN#05136799:
WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting
2024/10/31 JVN#87770340:
Stack-based buffer overflow vulnerability in multiple Ricoh laser printers and MFPs which implement Web Image Monitor
2024/10/30 JVN#11779839:
Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials
2024/10/28 JVN#78335885:
Chatwork Desktop Application (Windows) uses a potentially dangerous function
2024/10/25 JVN#00876083:
Multiple vulnerabilities in baserCMS
2024/10/18 JVN#41397971:
Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software
2024/10/18 JVN#57285747:
N-LINE vulnerable to HTML injection
2024/10/18 JVN#31982676:
MUSASI version 3 performing authentication on client-side
2024/10/15 JVN#58721679:
SHIRASAGI vulnerable to path traversal
2024/10/11 JVN#74538317:
Multiple vulnerabilities in Exment
2024/10/10 JVN#54676967:
baserCMS plugin "BurgerEditor" vulnerable to directory listing
2024/10/01 JVN#72148744:
Apache Tomcat improper handling of TLS handshake process data
2024/09/30 JVN#39280069:
RevoWorks Cloud vulnerable to unintended process execution
2024/09/30 JVN#42445661:
Multiple vulnerabilities in Smart-tab
2024/09/27 JVN#21176842:
MF Teacher Performance Management System vulnerable to cross-site scripting
2024/09/24 JVN#57749899:
The installer of e-Tax software(common program) vulnerable to privilege escalation
2024/09/24 JVN#78356367:
Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions
2024/09/24 JVN#81966868:
Multiple vulnerabilities in PLANEX COMMUNICATIONS network devices
2024/09/18 JVN#19766555:
Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
2024/09/18 JVN#42386607:
Assimp vulnerable to heap-based buffer overflow
2024/09/09 JVN#05579230:
Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery
2024/09/09 JVN#67456481:
Pgpool-II vulnerable to information disclosure
2024/09/09 JVN#65724976:
WordPress Plugin "Forminator" vulnerable to cross-site scripting
2024/09/09 JVN#81570776:
"@cosme" App fails to restrict custom URL schemes properly
2024/09/06 JVN#32529796:
Multiple products from KINGSOFT JAPAN vulnerable to path traversal
2024/09/06 JVN#49873988:
Secure Boot bypass Vulnerability in PRIMERGY
2024/09/04 JVN#67963942:
WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting
2024/08/30 JVN#29238389:
IPCOM vulnerable to information disclosure
2024/08/30 JVN#25264194:
Multiple vulnerabilities in WordPress plugin "Carousel Slider"
2024/08/29 JVN#08342147:
WindLDR and WindO/I-NV4 store sensitive information in cleartext
2024/08/27 JVN#24885537:
Multiple vulnerabilities in ELECOM wireless LAN routers and access points
2024/08/23 JVN#12824024:
BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
2024/08/22 JVN#83440451:
Multiple Safie products vulnerable to improper server certificate verification
2024/08/20 JVN#56648919:
"Rakuten Ichiba App" fails to restrict custom URL schemes properly
2024/08/06 JVN#78728294:
Firmware update for RICOH JavaTM Platform resets the TLS configuration
2024/08/06 JVN#29845579:
Cybozu Office vulnerable to bypass browsing restrictions in Custom App
2024/08/05 JVN#70666401:
Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN
2024/08/05 JVN#50850706:
Pimax Play and PiTool accept WebSocket connections from unintended endpoints
2024/07/30 JVN#26734798:
FFRI AMC vulnerable to OS command injection
2024/07/30 JVN#26225832:
EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting
2024/07/30 JVN#48324254:
EC-CUBE 4 Series improper input validation when installing plugins
2024/07/30 JVN#06672778:
Multiple vulnerabilities in ELECOM wireless LAN routers
2024/07/29 JVN#84326763:
Multiple vulnerabilities in SKYSEA Client View
2024/07/29 JVN#16420523:
SDoP vulnerable to stack-based buffer overflow
2024/07/26 JVN#02030803:
ORC vulnerable to stack-based buffer overflow
2024/07/18 JVN#87710540:
Assimp vulnerable to heap-based buffer overflow
2024/07/16 JVN#74825766:
Cybozu Garoon vulnerable to cross-site scripting
2024/07/16 JVN#25583987:
FUJITSU Network Edgiot GW1500 vulnerable to path traversal
2024/07/10 JVN#14294633:
Out-of-bounds write vulnerability in Ricoh MFPs and printers
2024/07/09 JVN#81442045:
Multiple vulnerabilities in multiple Webmin products
2024/07/08 JVN#28515217:
Cleartext transmission issue in TONE store App to TONE store
2024/07/03 JVN#94347255:
JP1/Extensible SNMP Agent fails to restrict access permissions
2024/06/28 JVN#01073312:
"Piccoma" App uses a hard-coded API key for an external service
2024/06/26 JVN#34977158:
WordPress plugins "WP Tweet Walls" and "Sola Testimonials" vulnerable to cross-site request forgery
2024/06/19 JVN#37818611:
"ZOZOTOWN" App for Android fails to restrict custom URL schemes properly
2024/06/19 JVN#60331535:
WordPress plugin "SiteGuard WP Plugin" may leak the customized path to the login page
2024/06/18 JVN#00442488:
Multiple vulnerabilities in Ricoh Streamline NX PC Client
2024/06/18 JVN#65171386:
Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR
2024/06/12 JVN#25594256:
Denial-of-service (DoS) vulnerability in IPCOM WAF function
2024/06/07 JVN#79213252:
WordPress Plugin "Music Store - WordPress eCommerce" vulnerable to SQL injection
2024/06/07 JVN#55045256:
Multiple vulnerabilities in "FreeFrom - the nostr client" App
2024/06/03 JVN#43215077:
Multiple vulnerabilities in UNIVERSAL PASSPORT RX
2024/05/30 JVN#80506242:
awkblog vulnerable to OS command injection
2024/05/29 JVN#22182715:
Redmine DMSF Plugin vulnerable to path traversal
2024/05/29 JVN#15637138:
EC-Orange vulnerable to authorization bypass
2024/05/28 JVN#17680667:
Multiple vulnerabilities in Unifier and Unifier Cast
2024/05/28 JVN#71404925:
Multiple vulnerabilities in UTAU
2024/05/24 JVN#56781258:
Splunk Config Explorer vulnerable to cross-site scripting
2024/05/24 JVN#35838128:
WordPress Plugin "WP Booking" vulnerable to cross-site scripting
2024/05/21 JVN#29471697:
Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification
2024/05/17 JVN#85380030:
WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal
2024/05/13 JVN#28869536:
Multiple vulnerabilities in Cybozu Garoon
2024/05/10 JVN#83405304:
"OfferBox" App uses a hard-coded secret key
2024/05/10 JVN#61054671:
Phormer vulnerable to cross-site scripting
2024/05/09 JVN#97751842:
Multiple vulnerabilities in MosP kintai kanri
2024/05/08 JVN#87694318:
WordPress Plugin "Heateor Social Login WordPress" vulnerable to cross-site scripting
2024/04/24 JVN#62737544:
Multiple vulnerabilities in RoamWiFi R10
2024/04/23 JVN#40079147:[Unreachable]
TvRock vulnerable to denial-of-service (DoS)
2024/04/23 JVN#24683352:[Unreachable]
TvRock vulnerable to cross-site request forgery
2024/04/18 JVN#50132400:
Multiple vulnerabilities in WordPress Plugin "Forminator"
2024/04/16 JVN#23835228:
Proscend Communications M330-W and M330-W5 vulnerable to OS command injection
2024/04/15 JVN#58236836:
Multiple vulnerabilities in BUFFALO wireless LAN routers
2024/04/10 JVN#70977403:
Multiple vulnerabilities in a-blog cms
2024/04/08 JVN#50361500:
Multiple vulnerabilities in WordPress Plugin "Ninja Forms"
2024/04/05 JVN#82074338:
Multiple vulnerabilities in NEC Aterm series
2024/03/29 JVN#23528780:
"Yahoo! JAPAN" App vulnerable to cross-site scripting
2024/03/27 JVN#40367518:
SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries
2024/03/27 JVN#51098626:
Multiple vulnerabilities in WordPress Plugin "Survey Maker"
2024/03/25 JVN#46874970:[Unreachable]
0ch BBS Script (0ch) vulnerable to cross-site scripting
2024/03/25 JVN#17176449:[Unreachable]
ffBull vulnerable to OS command injection
2024/03/25 JVN#40523785:[Unreachable]
Mini Thread vulnerable to cross-site scripting
2024/03/25 JVN#22376992:[Unreachable]
WebProxy vulnerable to OS command injection
2024/03/25 JVN#69107517:[Unreachable]
TvRock vulnerable to cross-site scripting
2024/03/25 JVN#13113728:[Unreachable]
"EasyRange" may insecurely load executable files
2024/03/25 JVN#86206017:
WordPress Plugin "easy-popup-show" vulnerable to cross-site request forgery
2024/03/18 JVN#94521208:
Multiple vulnerabilities in FitNesse
2024/03/15 JVN#70640802:
"ABEMA" App for Android fails to restrict access permissions
2024/03/08 JVN#48443978:
a-blog cms vulnerable to directory traversal
2024/03/07 JVN#54451757:
Multiple vulnerabilities in SKYSEA Client View
2024/03/06 JVN#34328023:
FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery
2024/03/06 JVN#82749078:
Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management
2024/03/06 JVN#52919306:
Toyoko Inn official App vulnerable to improper server certificate verification
2024/02/29 JVN#35928117:
Protection mechanism failure in RevoWorks
2024/02/29 JVN#77203800:
OET-213H-BTS1 missing authorization check in the initial configuration
2024/02/29 JVN#78084105:
OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting
2024/02/27 JVN#73283159:
Multiple vulnerabilities in baserCMS
2024/02/20 JVN#44166658:
Multiple vulnerabilities in ELECOM wireless LAN routers and wireless LAN repeater
2024/02/15 JVN#48966481:
a-blog cms vulnerable to URL spoofing
2024/02/07 JVN#44033918:
Zeroshell vulnerable to OS command injection
2024/02/06 JVN#18743512:
Cybozu KUNAI for Android vulnerable to denial-of-service (DoS)
2024/02/01 JVN#63567545:
Group Office vulnerable to cross-site scripting
2024/02/01 JVN#41129639:
Payment EX vulnerable to information disclosure
2024/01/24 JVN#70818619:
"Mercari" App for Android fails to restrict custom URL schemes properly
2024/01/24 JVN#93541851:
Oracle WebLogic Server vulnerable to HTTP header injection
2024/01/23 JVN#96154238:
Android App "Spoon" uses a hard-coded API key for an external service
2024/01/23 JVN#77736613:
Improper restriction of XML external entity references (XXE) in MLIT "Electronic Delivery Check System" and "Electronic delivery item Inspection Support System"
2024/01/23 JVN#01434915:
Improper restriction of XML external entity references (XXE) in "Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)"
2024/01/23 JVN#40049211:
Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense
2024/01/22 JVN#73587943:
Access analysis CGI An-Analyzer vulnerable to open redirect
2024/01/22 JVN#34565930:
Multiple vulnerabilities in a-blog cms
2024/01/19 JVN#67215338:
FusionPBX vulnerable to cross-site scripting
2024/01/18 JVN#83655695:
Multiple Dahua Technology products vulnerable to authentication bypass
2024/01/16 JVN#63383723:
Drupal vulnerable to improper handling of structural elements
2024/01/15 JVN#51135247:
Pleasanter vulnerable to cross-site scripting
2024/01/15 JVN#96240417:
Thermal camera TMC series vulnerable to insufficient technical documentation
2024/01/12 JVN#37326856:
Improper input validation vulnerability in WordPress Plugin "WordPress Quiz Maker Plugin"

2023

2023/12/26 JVN#32646742:
Multiple vulnerabilities in PowerCMS
2023/12/26 JVN#23771490:
Multiple vulnerabilities in BUFFALO VR-S1000
2023/12/13 JVN#18715935:
Multiple vulnerabilities in GROWI
2023/12/11 JVN#34145838:
Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series
2023/12/04 JVN#46895889:
RakRak Document Plus vulnerable to path traversal
2023/12/01 JVN#45891816:
Ruckus Access Point vulnerable to cross-site scripting
2023/11/20 JVN#15005948:
Multiple vulnerabilities in LuxCal Web Calendar
2023/11/17 JVN#22220399:
Multiple vulnerabilities in CubeCart
2023/11/17 JVN#13618065:
Redmine vulnerable to cross-site scripting
2023/11/14 JVN#67822421:
OSS Calendar vulnerable to SQL injection
2023/11/13 JVN#96209256:
Multiple vulnerabilities in Pleasanter
2023/11/13 JVN#17806703:
Multiple vulnerabilities in Cisco Firepower Management Center Software
2023/11/10 JVN#99177549:
HOTELDRUID vulnerable to cross-site scripting
2023/11/10 JVN#86156389:
Remarshal unlimitedly expanding YAML alias nodes
2023/11/07 JVN#29195731:
EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
2023/11/02 JVN#14762986:
Improper restriction of XML external entity references (XXE) in e-Tax software
2023/10/31 JVN#94132951:
Cybozu Remote Service vulnerable to uncontrolled resource consumption
2023/10/30 JVN#48057522:
Inkdrop vulnerable to code injection
2023/10/27 JVN#45547161:
Multiple vulnerabilities in baserCMS
2023/10/25 JVN#39139884:
Movable Type vulnerable to cross-site scripting
2023/10/23 JVN#02058996:
HP ThinUpdate vulnerable to improper server certificate verification
2023/10/19 JVN#28846531:
Multiple vulnerabilities in JustSystems products
2023/10/18 JVN#95981460:[Critical]
Improper restriction of XML external entity references (XXE) in Proself
2023/10/16 JVN#80476432:
web2py vulnerable to OS command injection
2023/10/16 JVN#58574030:
Scanning evasion issue in Cisco Secure Email Gateway
2023/10/06 JVN#15808274:
e-Gov Client Application fails to restrict custom URL schemes properly
2023/10/04 JVN#08237727:
Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility
2023/10/02 JVN#39596244:
Improper restriction of XML external entity references (XXE) in FD Application
2023/09/27 JVN#17434995:
Shihonkanri Plus vulnerable to relative path traversal
2023/09/22 JVN#97197972:
Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
2023/09/11 JVN#41113329:
Pyramid vulnerable to directory traversal
2023/09/06 JVN#42691027:
"direct" Desktop App for macOS fails to restrict access permissions
2023/09/05 JVN#78113802:
Multiple vulnerabilities in F-RevoCRM
2023/09/05 JVN#92720882:
Multiple vulnerabilities in CGIs of PMailServer and PMailServer2
2023/09/04 JVN#82758000:
Multiple vulnerabilities in SHIRASAGI
2023/08/31 JVN#60140221:
Multiple vulnerabilities in i-PRO VI Web Client
2023/08/24 JVN#86484824:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
2023/08/24 JVN#03447226:
"Skylark" App fails to restrict custom URL schemes properly
2023/08/23 JVN#55217369:
Rakuten WiFi Pocket vulnerable to improper authentication
2023/08/21 JVN#98946408:
WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting
2023/08/21 JVN#04876736:
Multiple vulnerabilities in LuxCal Web Calendar
2023/08/18 JVN#19661362:[Critical]
Multiple vulnerabilities in Proself
2023/08/17 JVN#46993816:
EC-CUBE 2 series vulnerable to cross-site scripting
2023/08/09 JVN#84820712:
"Rikunabi NEXT" App for Android fails to restrict custom URL schemes properly
2023/08/07 JVN#42527152:
"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly
2023/08/07 JVN#83334799:
Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API
2023/08/04 JVN#38847224:
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information in cleartext
2023/08/02 JVN#61337171:
SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS)
2023/07/26 JVN#95727578:
Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials
2023/07/24 JVN#37857022:
Improper restriction of XML external entity references (XXE) in Applicant Programme
2023/07/21 JVN#35897618:[Critical]
GBrowse vulnerable to unrestricted upload of files with dangerous types
2023/07/20 JVN#90560760:
Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"
2023/07/18 JVN#44726469:
Improper restriction of XML external entity references (XXE) in XBRL data create application
2023/07/11 JVN#05223215:
Multiple vulnerabilities in multiple ELECOM wireless LAN routers and wireless LAN repeaters
2023/07/03 JVN#64316789:
Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
2023/06/30 JVN#32739265:
"NewsPicks" App uses a hard-coded API key for an external service
2023/06/27 JVN#97127032:
WordPress Plugin "Snow Monkey Forms" vulnerable to directory traversal
2023/06/27 JVN#78634340:
Multiple vulnerabilities in WAVLINK WL-WN531AX2
2023/06/27 JVN#38343415:
Multiple vulnerabilities in Aterm series
2023/06/22 JVN#97818024:
Multiple vulnerabilities in Pleasanter
2023/06/20 JVN#70502982:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
2023/06/16 JVN#19748237:
Multiple vulnerabilities in Panasonic AiSEG2
2023/06/13 JVN#96828492:
Chatwork Desktop Application (Mac) vulnerable to code injection
2023/06/12 JVN#36060509:
"WPS Office" vulnerable to OS command injection
2023/06/09 JVN#34232595:
ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute
2023/06/09 JVN#28412757:
Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT
2023/06/01 JVN#33836375:
"Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification
2023/05/31 JVN#62111727:
Pleasanter vulnerable to cross-site scripting
2023/05/31 JVN#38222042:
DataSpider Servista uses a hard-coded cryptographic key
2023/05/30 JVN#95981715:
Starlette vulnerable to directory traversal
2023/05/26 JVN#19243534:
ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal
2023/05/25 JVN#90278893:
Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access
2023/05/22 JVN#45127776:
Tornado vulnerable to open redirect
2023/05/19 JVN#14778242:
Multiple vulnerabilities in T&D and ESPEC MIC data logger products
2023/05/18 JVN#48687031:
Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay
2023/05/15 JVN#41694426:
Multiple vulnerabilities in Cybozu Garoon
2023/05/15 JVN#01093915:
Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms"
2023/05/12 JVN#11705010:
Beekeeper Studio vulnerable to code injection
2023/05/10 JVN#31701509:
Multiple vulnerabilities in MicroEngine Mailform
2023/05/09 JVN#59341308:
WordPress Plugin "Newsletter" vulnerable to cross-site scripting
2023/05/09 JVN#95792402:
WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting
2023/05/09 JVN#80476232:
SR-7100VN vulnerable to privilege escalation
2023/05/08 JVN#13306058:
JINS MEME CORE uses a hard-coded cryptographic key
2023/05/08 JVN#01937209:
LINE WORKS Drive Explorer vulnerable to code injection
2023/04/24 JVN#00971105:
WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting
2023/04/19 JVN#73178249:
Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft
2023/04/19 JVN#99657911:
WordPress plugin "LIQUID SPEECH BALLOON” vulnerable to cross-site request forgery
2023/04/19 JVN#50862842:
EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
2023/04/17 JVN#14492006:
API server of TONE Family vulnerable to authentication bypass using an alternate path
2023/04/17 JVN#87559956:
Joruri Gw vulnerable to cross-site scripting
2023/04/14 JVN#36340790:
JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor
2023/04/14 JVN#76257155:
Trend Micro Security may insecurely load Dynamic Link Libraries
2023/04/04 JVN#79149117:
Multiple vulnerabilities in JustSystems products
2023/04/04 JVN#75742861:
Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
2023/03/31 JVN#38170084:
HAProxy vulnerable to HTTP request/response smuggling
2023/03/31 JVN#40604023:[Critical]
Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
2023/03/27 JVN#61105618:
baserCMS vulnerable to arbitrary file uploads
2023/03/24 JVN#35246979:
ELECOM WAB-MAT registers its windows service executable with an unquoted file path
2023/03/17 JVN#62420378:
TP-Link T2600G-28SQ uses vulnerable SSH host keys
2023/03/13 JVN#64453490:
Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
2023/03/08 JVN#82424996:
Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
2023/03/06 JVN#19872280:
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
2023/03/01 JVN#57224029:
Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
2023/02/28 JVN#04785663:
Multiple cross-site scripting vulnerabilities in EC-CUBE
2023/02/28 JVN#78253670:
web2py development tool vulnerable to open redirect
2023/02/22 JVN#18765463:
Multiple cross-site scripting vulnerabilities in SHIRASAGI
2023/02/14 JVN#00712821:
Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools
2023/02/14 JVN#60263237:
The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
2023/02/13 JVN#98612206:
Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G
2023/02/10 JVN#60320736:
NEC PC Settings Tool vulnerable to missing authentication for critical function
2023/02/06 JVN#11257333:
Ichiran App vulnerable to improper server certificate verification
2023/01/31 JVN#22830348:
Vulnerability in Driver Distributor where passwords are stored in a recoverable format
2023/01/31 JVN#84642320:
SUSHIRO App for Android outputs sensitive information to the log file
2023/01/24 JVN#01398015:
pgAdmin 4 vulnerable to directory traversal
2023/01/24 JVN#05288621:
EasyMail vulnerable to cross-site scripting
2023/01/23 JVN#72418815:
Pgpool-II vulnerable to information disclosure
2023/01/17 JVN#31073333:
WordPress plugin "Welcart e-Commerce" vulnerable to directory traversal
2023/01/12 JVN#57296685:
Multiple vulnerabilities in PIXELA PIX-RT100
2023/01/11 JVN#99957889:
Multiple vulnerabilities in MAHO-PBX NetDevancer series
2023/01/11 JVN#03832974:
pgAdmin 4 vulnerable to open redirect
2023/01/11 JVN#78481846:
TP-Link SG105PE vulnerable to authentication bypass
2023/01/06 JVN#55675303:
Digital Arts m-FILTER vulnerable to improper authentication
2023/01/05 JVN#16765254:
Multiple code injection vulnerabilities in ruby-git

2022

2022/12/21 JVN#29902403:
Installers generated by Squirrel.Windows may insecurely load Dynamic Link Libraries
2022/12/21 JVN#43561812:
+Message App improper handling of Unicode control characters
2022/12/19 JVN#06093462:
Zenphoto vulnerable to cross-site scripting
2022/12/19 JVN#13075438:
Corel Roxio Creator LJB starts a program with an unquoted file path
2022/12/15 JVN#96321933:
Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM
2022/12/13 JVN#60211811:
Redmine vulnerable to cross-site scripting
2022/11/25 JVN#87895771:
Cybozu Remote Service vulnerable to Uncontrolled Resource Consumption
2022/11/25 JVN#53682526:
Multiple cross-site scripting vulnerabilities in baserCMS
2022/11/24 JVN#29657972:
TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input
2022/11/21 JVN#26044739:
Typora fails to properly neutralize JavaScript code
2022/11/18 JVN#13927745:
WordPress Plugin "WordPress Popular Posts" accepts untrusted external inputs to update certain internal variables
2022/11/16 JVN#24659622:
RICOH Aficio SP 4210N vulnerable to cross-site scripting
2022/11/16 JVN#37014768:
Multiple vulnerabilities in Movable Type
2022/11/14 JVN#54728399:
TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation
2022/11/10 JVN#75437943:
Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure
2022/11/08 JVN#59663854:
WordPress Plugin "Salon booking system" vulnerable to cross-site scripting
2022/11/08 JVN#09409909:
Multiple vulnerabilities in WordPress
2022/11/01 JVN#46345126:
Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers
2022/10/28 JVN#74285622:
Multiple vulnerabilities in FUJI SOFT network devices
2022/10/25 JVN#86350682:
Multiple vulnerabilities in SHIRASAGI
2022/10/20 JVN#56968681:
Multiple vulnerabilities in nadesiko3
2022/10/19 JVN#10921428:
Lemon8 App fails to restrict access permissions
2022/10/14 JVN#74534998:
Android App "IIJ SmartKey" vulnerable to information disclosure
2022/10/11 JVN#74592196:[Critical]
bingo!CMS vulnerable to authentication bypass
2022/10/11 JVN#40620121:
The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries
2022/10/07 JVN#00845253:
Growi vulnerable to improper access control
2022/10/06 JVN#15411362:
IPFire WebUI vulnerable to cross-site scripting
2022/09/30 JVN#78862034:
BookStack vulnerable to cross-site scripting
2022/09/15 JVN#21213852:
Multiple vulnerabilities in EC-CUBE
2022/09/15 JVN#30900552:
EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files
2022/09/14 JVN#36454862:[Critical]
Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service
2022/09/09 JVN#48120704:
Movable Type plugin A-Form vulnerable to cross-site scripting
2022/09/05 JVN#34205166:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure
2022/09/02 JVN#76024879:
PowerCMS XMLRPC API vulnerable to command injection
2022/08/29 JVN#44721267:
Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries
2022/08/29 JVN#45473612:
Multiple vulnerabilities in CentreCOM AR260S V2
2022/08/24 JVN#57728859:
Movable Type XMLRPC API vulnerable to command injection
2022/08/24 JVN#46239102:
Multiple vulnerabilities in Exment
2022/08/23 JVN#43979089:
PukiWiki vulnerable to cross-site scripting
2022/08/04 JVN#42883072:
Kaitai Struct: compiler vulnerable to denial-of-service (DoS)
2022/07/29 JVN#17625382:
Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001
2022/07/28 JVN#57073973:
"JustSystems JUST Online Update for J-License" starts a program with an unquoted file path
2022/07/27 JVN#81563390:
"Hulu / フールー" App for iOS vulnerable to improper server certificate verification
2022/07/27 JVN#40907489:
"Hulu / フールー" App for Android uses a hard-coded API key for an external service
2022/07/25 JVN#77850327:
WordPress Plugin "Newsletter" vulnerable to cross-site scripting
2022/07/25 JVN#30454777:
Multiple vulnerabilities in untangle
2022/07/22 JVN#75063798:
Booked vulnerable to open redirect
2022/07/20 JVN#20573662:
Multiple vulnerabilities in Cybozu Office
2022/07/12 JVN#12610194:
Django Extract and Trunc functions vulnerable to SQL injection
2022/07/08 JVN#23766146:
Passage Drive vulnerable to insufficient data verification
2022/07/04 JVN#14077132:
Multiple vulnerabilities in Cybozu Garoon
2022/07/04 JVN#32625020:
LiteCart vulnerable to cross-site scripting
2022/06/29 JVN#41017328:
HOME SPOT CUBE2 vulnerable to OS command injection
2022/06/24 JVN#51464799:
L2Blocker Sensor setup screen vulnerable to authentication bypass
2022/06/23 JVN#02158640:
web2py vulnerable to open redirect
2022/06/17 JVN#93667442:
Gitlab vulnerable to server-side request forgery
2022/06/15 JVN#20930118:
FreeBSD vulnerable to denial-of-service (DoS)
2022/06/14 JVN#94363766:
Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting
2022/06/09 JVN#32962443:
SHIRASAGI vulnerable to cross-site scripting
2022/06/01 JVN#28659051:
T&D Data Server and THERMO RECORDER DATA SERVER vulnerable to directory traversal
2022/06/01 JVN#04155116:
WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting
2022/05/27 JVN#27256219:
RevoWorks incomplete filtering of MS Office v4 macros
2022/05/27 JVN#13878856:
Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification
2022/05/24 JVN#15241647:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2022/05/20 JVN#15317878:
Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)
2022/05/19 JVN#46892984:
Multiple vulnerabilities in Rakuten Casa
2022/05/16 JVN#73897863:
Multiple vulnerabilities in Cybozu Garoon
2022/05/13 JVN#44550983:
Strapi vulnerable to cross-site scripting
2022/05/13 JVN#46241173:
EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
2022/05/11 JVN#60037444:
Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries
2022/05/10 JVN#60801132:
GENEREX RCCMD vulnerable to directory traversal
2022/05/09 JVN#96561229:[Critical]
Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM
2022/05/09 JVN#50337155:
KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass
2022/05/09 JVN#58266015:
Multiple vulnerabilities in multiple MEIKYO ELECTRIC products
2022/04/22 JVN#54857505:
Hammock AssetView missing authentication for critical functions
2022/04/15 JVN#31606885:
WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery
2022/03/30 JVN#59576930:
Zero-channel BBS Plus vulnerable to cross-site scripting
2022/03/30 JVN#42543427:
WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization
2022/03/30 JVN#10140834:
AttacheCase may insecurely load Dynamic Link Libraries
2022/03/16 JVN#21234459:
Multiple vulnerabilities in KINGSOFT "WPS Office" and "KINGSOFT Internet Security"
2022/03/15 JVN#87751554:
Multiple vulnerabilities in pfSense
2022/03/10 JVN#72801744:
UNIVERGE WA Series vulnerable to OS command injection
2022/03/04 JVN#33214411:
i-FILTER vulnerable to improper check for certificate revocation
2022/03/03 JVN#85572374:
pfSense-pkg-WireGuard vulnerable to directory traversal
2022/03/03 JVN#89524240:
MarkText vulnerable to cross-site scripting
2022/03/03 JVN#87683137:
Norton Security for Mac improperly processes ICMP packets
2022/02/22 JVN#67108459:
EC-CUBE plugin "Mail Magazine Management Plugin" vulnerable to cross-site request forgery
2022/02/22 JVN#53871926:
EC-CUBE improperly handles HTTP Host header values
2022/02/18 JVN#14706307:
Multiple vulnerabilities in a-blog cms
2022/02/17 JVN#00095004:
Multiple vulnerabilities in phpUploader
2022/02/09 JVN#12969207:
HPE Agentless Management registers unquoted service paths
2022/02/08 JVN#17482543:
Multiple vulnerabilities in multiple ELECOM LAN routers
2022/02/07 JVN#95898697:
Multiple ESET products for macOS vulnerable to improper server certificate verification
2022/02/04 JVN#67396225:
CSV+ vulnerable to cross-site scripting
2022/01/25 JVN#70100915:
Multiple vulnerabilities in TransmitMail
2022/01/20 JVN#16690037:
Multiple cross-site scripting vulnerabilities in php_mailform
2022/01/19 JVN#64806328:
Canon laser printers and small office multifunctional printers vulnerable to cross-site scripting
2022/01/13 JVN#19826500:
PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption
2022/01/13 JVN#81479705:
Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials
2022/01/12 JVN#49047921:
Jimoty App for Android uses a hard-coded API key for an external service
2022/01/12 JVN#72788165:
Multiple vulnerabilities in WordPress Plugin "Quiz And Survey Master"

2021

2021/12/22 JVN#66422035:
Android Apps developed using Yappli fails to restrict custom URL schemes properly
2021/12/20 JVN#79798166:
Multiple vulnerabilities in GroupSession
2021/12/17 JVN#13464252:
UNIVERGE DT Series vulnerable to missing encryption of sensitive data
2021/12/02 JVN#09136401:
Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields"
2021/11/30 JVN#88993473:
Multiple vulnerabilities in multiple ELECOM LAN routers
2021/11/30 JVN#19482703:
Wi-Fi STATION SH-52A vulnerable to cross-site scripting
2021/11/26 JVN#81376414:
Multiple vulnerabilities in baserCMS
2021/11/25 JVN#93562098:
WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery
2021/11/24 JVN#17645965:
PowerCMS XMLRPC API vulnerable to OS command injection
2021/11/16 JVN#85492429:
WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery
2021/11/16 JVN#22515597:
rwtxt vulnerable to cross-site scripting
2021/11/12 JVN#58407606:
Unlimited Sitemap Generator vulnerable to cross-site request forgery
2021/11/11 JVN#75444925:
Multiple vulnerabilities in EC-CUBE 2 series
2021/11/10 JVN#68066589:
WordPress Plugin "Booking Package - Appointment Booking Calendar System" vulnerable to cross-site scripting
2021/10/29 JVN#69304877:
Multiple vulnerabilities in CLUSTERPRO X and EXPRESSCLUSTER X
2021/10/29 JVN#49465877:
Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent
2021/10/29 JVN#60553023:
ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)
2021/10/28 JVN#33453839:
Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter
2021/10/20 JVN#41119755:[Critical]
Movable Type XMLRPC API vulnerable to OS command injection
2021/10/18 JVN#85073657:
128 Technology Session Smart Router vulnerable to authentication bypass
2021/10/08 JVN#51106450:
Apache HTTP Server vulnerable to directory traversal
2021/10/08 JVN#89126639:
Nike App fails to restrict custom URL schemes properly
2021/09/30 JVN#52694228:
Multiple vulnerabilities in Cybozu Remote Service
2021/09/28 JVN#29428319:
WordPress Plugin "OG Tags" vulnerable to cross-site request forgery
2021/09/28 JVN#63023305:
InBody App vulnerable to information disclosure
2021/09/28 JVN#10168753:
SNKRDUNK Market Place App for iOS vulnerable to improper server certificate verification
2021/09/17 JVN#42866574:
Multiple vulnerabilities in Sharp NEC Display Solutions' public displays
2021/09/16 JVN#23406150:
EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting
2021/09/13 JVN#46313661:
EC-CUBE plugin "List (order management) item change plug-in" vulnerable to cross-site scripting
2021/09/10 JVN#81658818:
Multiple vulnerabilities in RevoWorks Browser
2021/08/27 JVN#14134801:
baserCMS vulnerable to cross-site scripting
2021/08/25 JVN#97545738:
Multiple cross-site scripting vulnerabilities in Movable Type
2021/08/24 JVN#80288258:
The installers of multiple Sony products may insecurely load Dynamic Link Libraries
2021/08/17 JVN#41646618:
Huawei EchoLife HG8045Q vulnerable to OS command injection
2021/08/12 JVN#50804280:
Plone vulnerable to open redirect
2021/08/10 JVN#65388002:
WordPress Plugin "Quiz And Survey Master" vulnerable to cross-site scripting
2021/08/02 JVN#54794245:
Multiple vulnerabilities in Cybozu Garoon
2021/07/21 JVN#53278122:
Minecraft Java Edition vulnerable to directory traversal
2021/07/19 JVN#86026700:
Multiple vulnerabilities in GroupSession
2021/07/14 JVN#34364599:
Optical BB unit E-WMTA2.3 vulnerable to cross-site request forgery
2021/07/13 JVN#26891339:
Multiple vulnerabilities in Retty App
2021/07/09 JVN#68971465:
voidtools "Everything" vulnerable to HTTP header injection
2021/07/08 JVN#89054582:
WordPress Plugin "Software License Manager" vulnerable to cross-site request forgery
2021/07/08 JVN#48413554:
WordPress Plugin "WordPress Meta Data Filter & Taxonomies Filter" vulnerable to cross-site request forgery
2021/07/07 JVN#25850723:
GU App for Android fails to restrict access permissions
2021/07/06 JVN#42880365:
WordPress Plugin "WordPress Email Template Designer - WP HTML Mail" vulnerable to cross-site request forgery
2021/07/06 JVN#91372527:
WordPress Plugin "WPCS - WordPress Currency Switcher" vulnerable to cross-site request forgery
2021/07/05 JVN#21636825:
A-Stage SCT-40CM01SR and AT-40CM01SR vulnerable to authentication bypass
2021/07/01 JVN#57942445:
EC-CUBE fails to restrict access permissions
2021/06/30 JVN#15185184:
IkaIka RSS Reader vulnerable to cross-site scripting
2021/06/30 JVN#65660590:
boastMachine vulnerable to cross-site scripting
2021/06/23 JVN#95292458:
Multiple cross-site scripting vulnerabilities in EC-CUBE
2021/06/23 JVN#63066062:
WordPress Plugin "WordPress Popular Posts" vulnerable to cross-site scripting
2021/06/22 JVN#93799513:
WordPress plugin "Fudousan plugin" series vulnerable to cross-site scripting
2021/06/22 JVN#29949691:
Inkdrop vulnerable to OS command injection
2021/06/18 JVN#21298724:
Hitachi Virtual File Platform vulnerable to OS command injection
2021/06/17 JVN#03776901:
Hitachi Application Server Help vulnerable cross-site scripting
2021/06/15 JVN#57524494:
Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE
2021/06/15 JVN#79254445:[Critical]
Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting
2021/06/14 JVN#95457785:
Multiple vulnerabilities in GROWI
2021/06/14 JVN#38034268:
あすけん App for Android fails to restrict custom URL schemes properly
2021/06/11 JVN#70566757:
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
2021/06/03 JVN#64064138:
ATOM - Smart life App vulnerable to improper server certificate verification
2021/06/02 JVN#91691168:
goo blog App fails to restrict custom URL schemes properly
2021/05/26 JVN#98239374:
Zettlr vulnerable to cross-site scripting
2021/05/21 JVN#53910556:
Multiple cross-site scripting vulnerabilities in multiple PHP Factory products
2021/05/21 JVN#78254777:
Installer of Overwolf may insecurely load Dynamic Link Libraries
2021/05/21 JVN#74686032:
QND vulnerable to privilege escalation
2021/05/21 JVN#65733194:
The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries
2021/05/14 JVN#49704918:
mod_auth_openidc vulnerable to denial-of-service (DoS)
2021/05/14 JVN#71263107:
Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points
2021/05/13 JVN#34232719:
Multiple vulnerabilities in KonaWiki2
2021/05/13 JVN#13076220:
RFNTPS vulnerable to OS command injection
2021/05/10 JVN#97554111:[Critical]
EC-CUBE vulnerable to cross-site scripting
2021/04/27 JVN#35240327:
WordPress plugin "WP Fastest Cache" vulnerable to directory traversal
2021/04/27 JVN#97434260:
Hot Pepper Gourmet App fails to restrict access permissions
2021/04/22 JVN#55833077:[Unreachable]
yappa-ng vulnerable to cross-site scripting
2021/04/14 JVN#54025691:
Gurunavi Apps fail to restrict access permissions
2021/04/09 JVN#29739718:
Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP
2021/04/09 JVN#67456944:
Multiple vulnerabilities in multiple Aterm products
2021/04/01 JVN#73236007:
Archive collectively operation utility vulnerable to directory traversal
2021/03/26 JVN#64869876:
Multiple vulnerabilities in baserCMS
2021/03/25 JVN#68244135:[Unreachable]
rNote vulnerable to cross-site scripting
2021/03/25 JVN#94705238:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#83042295:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#37179202:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#93207949:[Unreachable]
Click Ranker vulnerable to cross-site scripting
2021/03/25 JVN#11438679:[Unreachable]
Kagemai vulnerable to cross-site request forgery
2021/03/25 JVN#42220311:[Unreachable]
Kagemai vulnerable to cross-site scripting
2021/03/25 JVN#12559271:[Unreachable]
Kagemai vulnerable to cross-site scripting
2021/03/25 JVN#97370614:[Unreachable]
MagazinegerZ vulnerable to cross-site scripting
2021/03/22 JVN#12737530:
UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS)
2021/03/19 JVN#37607293:
Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS)
2021/03/17 JVN#08191557:
WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection
2021/03/15 JVN#45797538:
Multiple vulnerabilities in Cybozu Office
2021/03/12 JVN#47497535:
M-System DL8 contains multiple vulnerabilities
2021/03/11 JVN#18056666:
Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries
2021/03/10 JVN#86438134:
Multiple cross-site scripting vulnerabilities in GROWI
2021/03/05 JVN#68418039:
The installers of E START products may insecurely load Dynamic Link Libraries
2021/02/24 JVN#66542874:
Multiple cross-site scripting vulnerabilities in Movable Type
2021/02/19 JVN#37417423:
Multiple vulnerabilities in SolarView Compact
2021/02/16 JVN#58774946:[Critical]
FileZen vulnerable to OS command injection
2021/02/15 JVN#87164507:
Calsos CSDJ fails to restrict access permissions
2021/02/10 JVN#80785288:
Wekan vulnerable to cross-site scripting
2021/02/05 JVN#50470170:
WordPress Plugin "Name Directory" vulnerable to cross-site request forgery
2021/02/04 JVN#42252698:
Panasonic Video Insight VMS vulnerable to arbitrary code execution
2021/01/27 JVN#41853173:
OS command injection vulnerability in multiple Infoscience Corporation log management tools
2021/01/26 JVN#96783542:
Multiple vulnerabilities in multiple LOGITEC products
2021/01/26 JVN#98115035:
Android App "ELECOM File Manager" vulnerable to directory traversal
2021/01/26 JVN#47580234:
Multiple vulnerabilities in multiple ELECOM products
2021/01/22 JVN#38248512:
Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
2021/01/19 JVN#57544707:
GROWI vulnerable to cross-site scripting
2021/01/14 JVN#35906450:
Multiple vulnerabilities in acmailer
2021/01/12 JVN#69635538:
The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries
2021/01/04 JVN#38752718:
Multiple NEC Products vulnerable to authentication bypass
2021/01/04 JVN#38784555:
Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series

2020

2020/12/18 JVN#10100024:
Management software for NEC Storage disk array system vulnerable to improper server certificate verification
2020/12/18 JVN#94244575:
Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
2020/12/15 JVN#94169589:
Multiple vulnerabilities in GROWI
2020/12/11 JVN#55917325:
Multiple vulnerabilities in Aterm SA3500G
2020/12/11 JVN#43969166:
Apache Struts 2 vulnerable to remote code execution (S2-061)
2020/12/10 JVN#12884935:
FileZen vulnerable to directory traversal
2020/12/07 JVN#59779918:
Apache Cordova Plugin camera vulnerable to information exposure
2020/12/03 JVN#24457594:
Multiple vulnerabilities in EC-CUBE
2020/12/03 JVN#42199826:
desknet's NEO vulnerable to cross-site scripting
2020/11/25 JVN#56450373:
Multiple vulnerabilities in GROWI
2020/11/24 JVN#27806339:
NETGEAR GS108Ev3 vulnerable to cross-site request forgery
2020/11/20 JVN#26835001:
The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
2020/11/19 JVN#90729322:
Hibernate ORM vulnerable to SQL injection
2020/11/18 JVN#94245475:
Movable Type Premium vulnerable to cross-site scripting
2020/11/12 JVN#44764844:
MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption
2020/11/05 JVN#00414047:
Studyplus App uses a hard-coded API key for an external service
2020/11/04 JVN#57942454:
Cybozu Garoon vulnerable to improper input validation
2020/10/21 JVN#31425618:
Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
2020/10/14 JVN#92404841:
WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery
2020/10/05 JVN#82892096:
OS command injection vulnerability in multiple ELECOM LAN routers
2020/09/30 JVN#07426151:
InfoCage SiteShell installs their files with improper access permissions
2020/09/23 JVN#60093979:
Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
2020/09/17 JVN#31864411:
Multiple access restriction bypass vulnerabilities in UNIQLO App
2020/09/11 JVN#09166495:
Multiple vulnerabilities in Buffalo AirStation WHR-G54S
2020/09/07 JVN#32396594:
Yodobashi App for Android fails to restrict access permissions
2020/08/31 JVN#06446084:
CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)
2020/08/31 JVN#42665874:
"Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
2020/08/28 JVN#29903998:
Multiple NETGEAR switching hubs vulnerable to cross-site request forgery
2020/08/27 JVN#40725650:
Multiple vulnerabilities in XOOPS module "XooNIps"
2020/08/26 JVN#77402327:
NITORI App fails to restrict access permissions
2020/08/25 JVN#50890770:
Apache Struts 2 vulnerable to denial-of-service (DoS)
2020/08/21 JVN#88315581:
Multiple cross-site scripting vulnerabilities in Exment
2020/08/11 JVN#46258789:
Multiple vulnerabilities in CyberMail
2020/08/03 JVN#25422698:[Critical]
SKYSEA Client View vulnerable to privilege escalation
2020/07/31 JVN#73169744:
Multiple vulnerabilities in multiple PHP Factory products
2020/07/31 JVN#84959128:
FANUC i Series CNC vulnerable to denial-of-service (DoS)
2020/07/29 JVN#40400577:
TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow
2020/07/28 JVN#48194211:
Multiple vulnerabilities in KonaWiki2 and KonaWiki3
2020/07/28 JVN#62161191:
JavaFX WebEngine does not properly restrict Java method execution
2020/07/22 JVN#05502028:
WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery
2020/07/09 JVN#55657988:
SHIRASAGI vulnerable to open redirect
2020/07/08 JVN#93167107:
Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object
2020/06/29 JVN#55497111:
Multiple vulnerabilities in Cybozu Garoon
2020/06/24 JVN#40039627:
Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution
2020/06/18 JVN#77458946:
EC-CUBE vulnerable to directory traversal
2020/06/11 JVN#32252648:
Multiple vulnerabilities in Zenphoto
2020/06/09 JVN#67447798:
Multiple SONY Wireless Headphones allow improper Bluetooth pairing
2020/06/05 JVN#40208370:
XACK DNS vulnerable to denial-of-service (DoS)
2020/05/29 JVN#78745667:
Multiples security updates for multiple Cybozu products
2020/05/25 JVN#59552136:
Cybozu Desktop for Windows vulenerable to arbitrary code execution
2020/05/19 JVN#20248858:
WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection
2020/05/19 JVN#96646182:
Panasonic Video Insight VMS vulnerable to arbitrary code execution
2020/05/13 JVN#41035278:
BookStack vulnerable to cross-site scripting
2020/05/13 JVN#28806943:
Multiple vulnerabilities in Movable Type
2020/05/11 JVN#61849442:
PALLET CONTROL vulnerable to arbitrary code execution
2020/04/28 JVN#47668991:
Sales Force Assistant vulnerable to cross-site scripting
2020/04/27 JVN#35649781:
Multiple vulnerabilities in Cybozu Garoon
2020/04/23 JVN#93064451:
Multiple SHARP Android devices vulnerable to information disclosure
2020/04/20 JVN#13467854:
Toshiba Electronic Devices & Storage software registers unquoted service paths
2020/04/08 JVN#89224521:
Multiple vulnerabilities in EasyBlocks IPv6
2020/04/07 JVN#56890693:
Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads
2020/03/31 JVN#38732359:
Multiple Yamaha network devices vulnerable to denial-of-service (DoS)
2020/03/24 JVN#88277644:[Unreachable]
Keijiban Tsumiki vulenrable to OS command injection
2020/03/24 JVN#27951364:[Unreachable]
WL-Enq (WEB Enquete) vulnerable to OS command injection
2020/03/24 JVN#88033799:[Unreachable]
WL-Enq (WEB Enquete) vulnerable to cross-site scripting
2020/03/24 JVN#58176087:[Unreachable]
Cute News vulnerable to PHP code execution
2020/03/24 JVN#29095127:[Unreachable]
CuteNews vulnerable to cross-site scripting
2020/03/24 JVN#63834780:[Unreachable]
Shihonkanri Plus GOOUT vulnerable to OS command injection
2020/03/24 JVN#32415420:[Unreachable]
Multiple vulnerabiliteis in Shihonkanri Plus GOOUT
2020/03/24 JVN#77634892:[Unreachable]
mailform vulnerable to PHP code execution
2020/03/24 JVN#85942151:[Unreachable]
mailform vulnerable to cross-site scripting
2020/03/03 JVN#19666251:
Multiple vulnerabilities in OpenBlocks IoT VX2
2020/03/02 JVN#73472345:
GRANDIT vulnerable to session management
2020/02/25 JVN#15697526:
Privilege escalation vulnerability in multiple RICOH printer drivers
2020/02/25 JVN#52962201:
Multiple vulnerabilities in RICOH printers
2020/02/19 JVN#25766797:
Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS
2020/02/19 JVN#49410695:
Multiple vulnerabilities in Aterm WG2600HS
2020/02/18 JVN#89259622:
WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery
2020/02/14 JVN#35496038:
ilbo App vulnerable to authentication bypass
2020/02/14 JVN#02921757:
Multiple Trend Micro products vulnerable to denial-of-service (DoS)
2020/02/10 JVN#34535327:
HtmlUnit vulenerable to arbitrary code execution
2020/02/06 JVN#94435544:
Movable Type vulnerable to cross-site scripting
2020/02/05 JVN#52486659:
Ghostscript access restriction bypass vulnerability
2020/01/31 JVN#00014057:
AWMS Mobile App vulnerable to improper server certificate verification
2020/01/28 JVN#28845872:
Android App "MyPallete" vulnerable to improper server certificate verification
2020/01/21 JVN#66435380:
Multiple Fuji Xerox mobile applications fails to verify SSL server certificates
2020/01/17 JVN#37183636:
Trend Micro Password Manager vulnerable to information disclosure
2020/01/17 JVN#49593434:
Trend Micro Password Manager vulnerable to information disclosure
2020/01/10 JVN#07375820:
Junos OS vulnerable to directory traversal
2020/01/10 JVN#21753370:
Junos OS vulnerable to cross-site scripting
2020/01/08 JVN#97325754:
F-RevoCRM vulnerable to cross-site scripting

2019

2019/12/20 JVN#10377257:
Multiple vulnerabilities in a-blog cms
2019/12/19 JVN#01236065:
Android App "NTV News24" fails to verify SSL server certificates
2019/12/17 JVN#79854355:
Multiple vulnerabilities in Cybozu Office
2019/12/12 JVN#26847507:
Multiple vulnerabilities in "Custom Body Class"
2019/12/12 JVN#57070811:
Athenz vulnerable to open redirect
2019/12/10 JVN#63047298:
Kinza vulnerable to cross-site scripting
2019/12/02 JVN#49068796:
Multiple MOTEX products vulnerable to privilege escalation
2019/11/26 JVN#19386781:
STAMP Workbench installer may insecurely load Dynamic Link Libraries
2019/11/26 JVN#26838191:
WordPress Plugin "WP Spell Check" vulnerable to cross-site request forgery
2019/11/13 JVN#65280626:
Movable Type vulnerable to open redirect
2019/11/07 JVN#41566067:
Rakuma App vulnerable to authentication information disclosure
2019/10/28 JVN#45633549:
Library Information Management System LIMEDIO vulnerable to open redirect
2019/10/23 JVN#34634458:
PowerCMS vulnerable to open redirect
2019/10/15 JVN#74530672:
NetCommons3 vulnerable to cross-site scripting
2019/10/11 JVN#14776551:
Multiple vulnerabilities in WordPress Plugin "wpDataTables Lite"
2019/10/07 JVN#59436681:
Multiple vulnerabilities in EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)"
2019/10/07 JVN#95875796:
Multiple OS command injection vulnerabilities in DBA-1510P
2019/09/19 JVN#97845465:
Multiple integer overflow vulnerabilities in LINE(Android)
2019/09/13 JVN#11708203:
Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs)
2019/09/12 JVN#39383894:
apng-drawable vulnerable to integer overflow
2019/09/10 JVN#74699196:
SHIRASAGI vulnerable to open redirect
2019/09/02 JVN#93833849:
Panasonic Video Insight VMS vulnerable to SQL injection
2019/08/26 JVN#71877187:
Cybozu Garoon vulnerable to SQL injection
2019/08/23 JVN#17127920:
Smart TV Box fails to restrict access permissions
2019/08/15 JVN#07679150:
ApeosWare Management Suite and ApeosWare Management Suite 2 contain open redirect vulnerability
2019/08/07 JVN#29343839:
EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting
2019/07/31 JVN#94889214:
Central Dogma vulnerable to cross-site scripting
2019/07/18 JVN#92510087:
WordPress Plugin "Category Specific RSS feed Subscription" vulnerable to cross-site request forgery
2019/07/16 JVN#48981892:
WordPress Plugin "WordPress Ultra Simple Paypal Shopping Cart" vulnerable to cross-site request forgery
2019/07/16 JVN#62618482:
Multiple vulnerabilities in Cybozu Garoon
2019/07/10 JVN#75617741:
Intel Dual Band Wireless-AC 8260 vulnerable to denial-of-service (DoS)
2019/07/05 JVN#37230341:
Multiple vulnerabilities in Access analysis CGI An-Analyzer
2019/07/01 JVN#28218613:
The management console of iDoors Reader vulnerable to authentication bypass
2019/06/27 JVN#43172719:
Multiple vulnerabilities in Hikari Denwa router/Home GateWay
2019/06/24 JVN#29933378:
WordPress Plugin "Custom CSS Pro" vulnerable to cross-site request forgery
2019/06/24 JVN#49575131:
WordPress Plugin ”HTML5 Maps” vulnerable to cross-site request forgery
2019/06/21 JVN#13555032:
Multiple vulnerabilities in VAIO Update
2019/06/19 JVN#88804335:
WordPress Plugin "Personalized WooCommerce Cart Page” vulnerable to cross-site request forgery
2019/06/17 JVN#31406910:
WordPress Plugin "Related YouTube Videos" vulnerable to cross-site request forgery
2019/06/13 JVN#89046645:
A map plugin for Minecraft server "Dynmap" fails to restrict access permissions
2019/06/12 JVN#80925867:
WordPress Plugin "Contest Gallery” vulnerable to cross-site request forgery
2019/06/10 JVN#96988995:
Multiple vulnerabilities in WordPress Plugin "Online Lesson Booking"
2019/06/10 JVN#95685939:
Multiple vulnerabilities in WordPress Plugin "Attendance Manager"
2019/06/07 JVN#84876282:
Multiple vulnerabilities in GROWI
2019/06/07 JVN#29188908:
Joruri CMS 2017 vulnerable to cross-site scripting
2019/06/07 JVN#58052567:
Multiple vulnerabilities in Joruri Mail
2019/05/31 JVN#88962935:
Multiple vulnerabilities in WordPress Plugin "Zoho SalesIQ"
2019/05/24 JVN#57806517:
Android App "Tootdon for Mastodon" fails to verify SSL server certificates
2019/05/23 JVN#33652328:
WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery
2019/05/22 JVN#71498764:
Apache Camel vulnerable to XML external entity injection (XXE)
2019/05/10 JVN#69903953:
Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries
2019/05/10 JVN#91361851:
Installer of Electronic reception and examination of application for radio licenses Online may insecurely load Dynamic Link Libraries
2019/05/10 JVN#87655507:
CREATE SD official App for Android fails to restrict access permissions
2019/04/25 JVN#58849431:
Multiple vulnerabilities in Cybozu Garoon
2019/04/03 JVN#25261088:
GNU Wget vulnerable to buffer overflow
2019/04/01 JVN#01119243:
API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions
2019/03/27 JVN#63981842:
PowerAct Pro Master Agent for Windows fails to restrict acess permissions
2019/03/19 JVN#60497148:
"an" App for iOS vulnerable to directory traversal
2019/03/15 JVN#06527859:
KinagaCMS vulnerable to cross-site scripting
2019/03/12 JVN#11622218:
iChain Insurance Wallet App for iOS vulnerable to directory traversal
2019/03/05 JVN#40288903:
Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting
2019/02/28 JVN#79543573:
The installer of Microsoft Teams may insecurely load Dynamic Link Libraries
2019/02/28 JVN#97656108:
WordPress plugin "Smart Forms" vulnerable to cross-site request forgery
2019/02/28 JVN#69181574:
Windows 7 may insecurely load Dynamic Link Libraries
2019/02/27 JVN#56542712:
Multiple vulnerabilities in Nablarch
2019/02/26 JVN#83501605:
WordPress plugin "FormCraft" vulnerable to cross-site request forgery
2019/02/20 JVN#05875753:
azure-umqtt-c vulnerable to denial-of-service (DoS)
2019/02/18 JVN#50810870:
Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries
2019/02/12 JVN#40439414:
A vulnerability in V20 PRO L-01J that may cause a crash
2019/02/06 JVN#43193964:
OpenAM (Open Source Edition) vulnerable to open redirect
2019/02/05 JVN#63860183:
POWER EGG vulnerability where EL expression may be executed
2019/01/31 JVN#83826673:
The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries
2019/01/31 JVN#52168232:
UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries
2019/01/24 JVN#98505783:
HOUSE GATE App for iOS vulnerable to directory traversal
2019/01/10 JVN#58010349:
WordPress plugin "spam-byebye" vulnerable to cross-site scripting

2018

2018/12/26 JVN#96493183:
GROWI vulnerable to cross-site scripting
2018/12/25 JVN#33677949:
Installer of Mapping Tool may insecurely load Dynamic Link Libraries
2018/12/25 JVN#27052429:
WordPress plugin "Google XML Sitemaps" vulnerable to cross-site scripting
2018/12/21 JVN#13199224:
PgpoolAdmin fails to restrict access permissions
2018/12/21 JVN#69812763:
cordova-plugin-ionic-webview vulnerable to path traversal
2018/12/19 JVN#99810718:
Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway
2018/12/14 JVN#87535892:
Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR
2018/12/10 JVN#25385698:
Cybozu Garoon access restriction bypass vulnerability
2018/12/10 JVN#23161885:
Multiple vulnerabilities in Cybozu Remote Service
2018/12/07 JVN#32155106:
Multiple vulnerabilities in i-FILTER
2018/12/06 JVN#89767228:
Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners
2018/11/29 JVN#36895151:
Panasonic applications register unquoted service paths
2018/11/28 JVN#25359688:
EC-CUBE vulnerable to open redirect
2018/11/28 JVN#78422300:
The installer of MARKET SPEED may insecurely load Dynamic Link Libraries
2018/11/27 JVN#55263945:
Multiple vulnerabilities in RICOH Interactive Whiteboard
2018/11/20 JVN#65082538:
Multiple vulnerabilities in Panasonic BN-SDWBP3
2018/11/14 JVN#16697622:
Cybozu Dezie vulnerable to directory traversal
2018/11/14 JVN#15232217:
Multiple directory traversal vulnerabilities in Cybozu Office
2018/11/14 JVN#83739174:
Cybozu Mailwise vulnerable to directory traversal
2018/11/09 JVN#85760090:
Multiple vulnerabilities in WordPress plugin "LearnPress"
2018/11/09 JVN#15709478:
The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries
2018/11/02 JVN#75738023:
WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting
2018/11/02 JVN#96551318:
Mail app for iOS vulnerable to denial-of-service (DoS)
2018/10/29 JVN#37943805:
Confluence Server vulnerable to script injection
2018/10/26 JVN#59394343:
Multiple vulnerabilities in OpenDolphin
2018/10/24 JVN#21528670:
SecureCore Standard Edition vulnerable to authentication bypass
2018/10/24 JVN#60702986:
BlueStacks App Player fails to restrict access permissions
2018/10/19 JVN#58005743:
Web Isolation vulnerable to cross-site scripting
2018/10/19 JVN#36343375:
Multiple vulnerabilities in YukiWiki
2018/10/15 JVN#95355683:[Critical]
Multiple vulnerabilities in FileZen
2018/10/12 JVN#49995005:
OpenAM (Open Source Edition) vulnerable to session management
2018/10/11 JVN#14323043:
Metabase vulnerable to cross-site scripting
2018/10/09 JVN#73794686:
User-friendly SVN vulnerable to cross-site scripting
2018/10/09 JVN#36623716:
Music Center for PC improperly verifies software update files
2018/10/04 JVN#00344155:
Multiple vulnerabilities in Denbun
2018/10/03 JVN#77885134:
The installer of Baidu Browser may insecurely load Dynamic Link Libraries
2018/09/27 JVN#37288228:
+Message App fails to verify SSL server certificates
2018/09/13 JVN#68528150:
Multiple FXC network devices vulnerable to cross-site scripting
2018/09/10 JVN#12583112:
Cybozu Garoon vulnerable to directory traversal
2018/09/07 JVN#59624986:
Multiple vulnerabilities in INplc
2018/08/31 JVN#02037158:
AttacheCase vulnerable to arbitrary script execution
2018/08/31 JVN#63556416:
QNAP Photo Station vulnerable to cross-site scripting
2018/08/30 JVN#89550319:
Movable Type vulnerable to cross-site scripting
2018/08/29 JVN#69967692:
Multiple script injection vulnerabilities in multiple Yamaha network devices
2018/08/21 JVN#75700242:
The installer of Digital Paper App may insecurely load Dynamic Link Libraries
2018/08/17 JVN#14451678:
NoMachine App for Android vulnerable to environment variables alteration
2018/08/09 JVN#06372244:
Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE
2018/08/07 JVN#83701666:
Multiple vulnerabilities in multiple I-O DATA network camera products
2018/08/06 JVN#62121133:
Multiple directory traversal vulnerabilities in AttacheCase
2018/08/03 JVN#18716340:
Multiple cross-site scripting vulnerabilities in GROWI
2018/07/26 JVN#16933564:
LINE MUSIC for Android fails to verify SSL server certificates
2018/07/24 JVN#41452671:
The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries
2018/07/23 JVN#39171169:
Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries
2018/07/20 JVN#06813756:
DLL planting vulnerability in multiple Yayoi 17 Series products
2018/07/20 JVN#71329812:
WL-330NUL vulnerable to cross-site request forgery
2018/07/18 JVN#37376131:
Multiple vulnerabilities in ORCA(Online Receipt Computer Advantage)
2018/07/18 JVN#62423700:
Movable Type plugin MTAppjQuery vulnerable to PHP code execution
2018/07/17 JVN#70246549:
WordPress plugin "FV Flowplayer Video Player" vulnerable to cross-site scripting
2018/07/13 JVN#55813866:
Explzh vulnerable to directory traversal
2018/07/12 JVN#84825660:
Multiple vulnerabilities in Aterm HC100RC
2018/07/12 JVN#26629618:
Multiple vulnerabilities in Aterm W300P
2018/07/12 JVN#00401783:
Multiple OS command injection vulnerabilities in Aterm WG1200HP
2018/07/06 JVN#52574492:
The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries
2018/07/06 JVN#77409513:
DHC Online Shop App for Android fails to verify SSL server certificates
2018/07/03 JVN#84967039:
Installer of Glary Utilities may insecurely load Dynamic Link Libraries
2018/07/02 JVN#13415512:
Cybozu Garoon vulnerable to SQL injection
2018/07/02 JVN#63895206:
Multiple vulnerabilities in Calsos CSDX and CSDJ series products
2018/06/28 JVN#00846677:
Mailman vulnerable to cross-site scripting
2018/06/27 JVN#58362455:
MemoCGI vulnerable to directory traversal
2018/06/15 JVN#71535108:
ANA App for iOS fails to verify SSL server certificates
2018/06/15 JVN#98975951:
Chrome Extension "5000 trillion yen converter" vulnerable to cross-site scripting
2018/06/13 JVN#33124193:
Local File Inclusion vulnerability in Zenphoto
2018/06/12 JVN#92265618:
LINE for Windows may insecurely load Dynamic Link Libraries
2018/06/04 JVN#93226941:
H2O vulnerable to buffer overflow
2018/05/31 JVN#27978559:
Multiple vulnerabilities in Pixelpost
2018/05/29 JVN#20040004:
The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely invoke an executable file
2018/05/28 JVN#60978548:
WordPress plugin "Site Reviews" vulnerable to cross-site scripting
2018/05/28 JVN#16471686:
WordPress plugin "Email Subscribers & Newsletters" vulnerable to cross-site scripting
2018/05/24 JVN#13940333:
The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries
2018/05/24 JVN#79301396:
Susie plug-in "axpdfium" may insecurely load Dynamic Link Libraries
2018/05/22 JVN#67881316:
Multiple vulnerabilities in baserCMS
2018/05/22 JVN#52319657:
Multiple cross-site scripting vulnerabilities in Cybozu Mailwise
2018/05/22 JVN#51737843:
Multiple vulnerabilities in Cybozu Office
2018/05/21 JVN#96954395:
Nessus vulnerable to cross-site scripting
2018/05/17 JVN#81196185:
The installer of Visual C++ Redistributable may insecurely load Dynamic Link Libraries
2018/05/17 JVN#72748502:
Self-Extracting Archive files created by IExpress may insecurely load Dynamic Link Libraries
2018/05/17 JVN#91151862:
Multiple Microsoft Windows applications and installers may insecurely load Dynamic Link Libraries
2018/05/11 JVN#83671755:
KINEPASS App fails to verify SSL server certificates
2018/05/11 JVN#27137002:
IIJ SmartKey App for Android vulnerable to authentication bypass
2018/05/10 JVN#28804532:
Multiple vulnerabilities in WordPress plugin "Ultimate Member"
2018/05/09 JVN#34562916:
RT-AC1200HP vulnerable to cross-site scripting
2018/05/09 JVN#73742314:
RT-AC68U vulnerable to cross-site scripting
2018/05/09 JVN#33901663:
RT-AC87U vulnerable to cross-site scripting
2018/04/27 JVN#08386386:
WordPress plugin "Open Graph for Facebook, Google+ and Twitter Card Tags" vulnerable to cross-site scripting
2018/04/27 JVN#61081552:
WordPress plugin "PixelYourSite" vulnerable to cross-site scripting
2018/04/27 JVN#01040170:
WordPress plugin "WP Google Map Plugin" vulnerable to cross-site scripting
2018/04/27 JVN#85531148:
WordPress plugin "Events Manager" vulnerable to cross-site scripting
2018/04/27 JVN#68345747:
The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries
2018/04/26 JVN#95589314:
Joruri Gw vulnerable to arbitrary file upload
2018/04/17 JVN#52695336:
EC-CUBE vulnerable to session fixation
2018/04/13 JVN#85056623:
Installer of SoundEngine Free may insecurely load Dynamic Link Libraries
2018/04/12 JVN#92220486:
The installer of PhishWall Client Internet Explorer edition may insecurely load Dynamic Link Libraries
2018/04/12 JVN#71255137:
Tenable Appliance vulnerable to cross-site scripting
2018/04/10 JVN#77753476:
Hatena Bookmark App for iOS contains an address bar spoofing vulnerability
2018/04/09 JVN#65268217:
Multiple vulnerabilities in Cybozu Garoon
2018/03/30 JVN#01161596:
Safari vulnerable to script injection
2018/03/29 JVN#72589538:
LXR vulnerable to OS command injection
2018/03/29 JVN#93397125:
Multiple vulnerabilities in WZR-1750DHP2
2018/03/27 JVN#43382653:
iRemoconWiFi App for Android fails to verify SSL server certificates
2018/03/15 JVN#39896275:
The installer of PhishWall Client Firefox and Chrome edition for Windows may insecurely load Dynamic Link Libraries
2018/03/13 JVN#87226910:[Unreachable]
WebProxy vulnerable to directory traversal
2018/03/13 JVN#22536871:[Unreachable]
QQQ SYSTEMS vulnerable to arbitrary command injection
2018/03/13 JVN#92259864:[Unreachable]
TinyFTP Daemon vulnerable to buffer overflow
2018/03/13 JVN#56764650:[Unreachable]
ViX may insecurely load Dynamic Link Libraries
2018/03/13 JVN#48774168:[Unreachable]
PHP 2chBBS vulnerable to cross-site scripting
2018/03/13 JVN#46471407:[Unreachable]
QQQ SYSTEMS vulnerable to cross-site scripting
2018/03/13 JVN#96655441:[Unreachable]
QQQ SYSTEMS vulnerable to cross-site scripting
2018/03/13 JVN#64990648:[Unreachable]
QQQ SYSTEMS vulnerable to cross-site scripting
2018/03/13 JVN#30864198:[Unreachable]
ArsenoL vulnerable to cross-site scripting
2018/03/09 JVN#15201064:
Multiple vulnerabilities in CG-WGR1200
2018/03/08 JVN#60032768:
WordPress plugin "WP All Import" vulnerable to cross-site scripting
2018/03/08 JVN#33527174:
WordPress plugin "WP All Import" vulnerable to cross-site scripting
2018/03/05 JVN#01837169:
Installer of WinShot may insecurely load Dynamic Link Libraries
2018/03/05 JVN#71816327:
Installer of JTrim may insecurely load Dynamic Link Libraries
2018/03/02 JVN#56132776:
Multiple vulnerabilities in Jubatus
2018/02/26 JVN#97144273:
Multiple vulnerabilities in WXR-1900DHP2
2018/02/20 JVN#75453852:
LINE for iOS fails to verify SSL server certificates
2018/02/20 JVN#83834277:
Multiple vulnerabilities in FS010W
2018/02/15 JVN#28865183:
Insecure DLL Loading issue in multiple Trend Micro products
2018/02/13 JVN#87403477:
Application and self-extracting archive containing the application of "FLET'S v4 / v6 address selection tool" may insecurely load Dynamic Link Libraries
2018/02/13 JVN#04564808:
Installer of ”FLET'S Azukeru Backup Tool” may insecurely load Dynamic Link Libraries
2018/02/08 JVN#15462187:
MP Form Mail CGI eCommerce Edition vulnerable to OS command injection
2018/02/06 JVN#70615027:
The installer of Anshin net security for Windows may insecurely load Dynamic Link Libraries
2018/02/06 JVN#36048131:
Multiple I-O DATA network devices incorporating "MagicalFinder" vulnerable to OS command injection
2018/02/02 JVN#99312352:
WordPress plugin "MTS Simple Booking C" vulnerable to cross-site scripting
2018/02/02 JVN#15643848:
Spring Security and Spring Framework vulnerable to authentication bypass
2018/02/01 JVN#91393903:
Multiple vulnerabilities in epg search result viewer(kkcald)
2018/01/30 JVN#30636823:
WordPress plugin "WP Retina 2x" vulnerable to cross-site scripting
2018/01/22 JVN#26255241:
The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely load Dynamic Link Libraries
2018/01/19 JVN#10103841:
Nootka App for Android vulnerable to OS command injection
2018/01/19 JVN#26200083:
GroupSession vulnerable to open redirect
2018/01/11 JVN#57842148:
Lhaplus vulnerable to improper verification when expanding ZIP64 archives

2017

2017/12/25 JVN#45494523:
MQTT.js issue in handling PUBLISH packets
2017/12/22 JVN#60695371:
The installer of Music Center for PC may insecurely load Dynamic Link Libraries
2017/12/22 JVN#95423049:
The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries
2017/12/19 JVN#93333702:
OneThird CMS vulnerable to directory traversal
2017/12/18 JVN#84182676:
Multiple vulnerabilities in H2O
2017/12/11 JVN#27342829:
Qt for Android environment variables alteration
2017/12/11 JVN#67389262:
Qt for Android vulnerable to OS command injection
2017/12/06 JVN#30352845:
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
2017/12/01 JVN#65994435:
Multiple vulnerabilities in multiple Buffalo broadband routers
2017/11/30 JVN#78501037:
Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection
2017/11/30 JVN#98295787:
Multiple vulnerabilities in Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1
2017/11/29 JVN#71291160:
StreamRelay.net.exe and sDNSProxy.exe vulnerable to denial-of-service (DoS)
2017/11/22 JVN#73141967:
PWR-Q200 vulnerable to DNS cache poisoning attacks
2017/11/21 JVN#08517069:
The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries
2017/11/16 JVN#76382932:
Robotic appliance COCOROBO vulnerable to session management
2017/11/14 JVN#05398317:
WordPress plugin "TablePress" vulnerable to improper restriction of XML external entity (XXE) references
2017/11/14 JVN#18420340:
Multiple vulnerabilities in BOOK WALKER for Windows/Mac
2017/11/13 JVN#29602086:
CS-Cart Japanese Edition vulnerable to cross-site scripting
2017/11/09 JVN#71284826:
Installer of HYPER SBI may insecurely load Dynamic Link Libraries
2017/11/06 JVN#23367475:
Wi-Fi STATION L-02F vulnerable to buffer overflow
2017/11/06 JVN#87886530:
I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)
2017/11/02 JVN#97243511:
Installer of ”Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries
2017/11/01 JVN#79546124:
OpenAM (Open Source Edition) vulnerable to authentication bypass
2017/10/17 JVN#54795166:
Home unit KX-HJB1000 contains multiple vulnerabilities
2017/10/11 JVN#94056834:
Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files
2017/10/11 JVN#55516206:
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
2017/10/11 JVN#58909026:
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
2017/10/11 JVN#14658424:
Cybozu Office fails to restrict access permissions
2017/09/14 JVN#75929834:
Install program and Installer of i-フィルター 6.0 may insecurely load Dynamic Link Libraries and invoke executable files
2017/09/12 JVN#03044183:
Wi-Fi STATION L-02F fails to restrict access permissions
2017/09/12 JVN#68922465:
Backdoor access issue in Wi-Fi STATION L-02F
2017/09/11 JVN#76692689:
SEIL Series routers vulnerable to denial-of-service (DoS)
2017/09/11 JVN#57205588:
Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files
2017/09/08 JVN#00719891:
Multiple vulnerabilities in CG-WLR300NM
2017/08/31 JVN#09769017:
Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries
2017/08/30 JVN#26115441:
Installer of ”Remote Support Tool (Enkaku Support Tool)” may insecurely load Dynamic Link Libraries
2017/08/25 JVN#22272314:
Installer of "Flets Setsuzoku Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#36303528:
Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#14926025:
Installer of ”Flets Install Tool” may insecurely load Dynamic Link Libraries
2017/08/25 JVN#14658714:
Installer of "Flets Azukeru for Windows Auto Backup Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#11601216:
Installer of "Security Kinou Mihariban" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#87540575:
Installer of Optimal Guard may insecurely load Dynamic Link Libraries
2017/08/25 JVN#78151490:
Multiple vulnerabilities in baserCMS
2017/08/24 JVN#58559719:
WordPress plugin "BackupGuard" vulnerable to cross-site scripting
2017/08/24 JVN#39628662:
Multiple vulnerabilities in SEO Panel
2017/08/24 JVN#23340457:
Multiple vulnerabilities in WebCalendar
2017/08/23 JVN#30866130:
The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries
2017/08/23 JVN#87410770:
Multiple vulnerabilities in "Dokodemo eye Smart HD" SCR02HD
2017/08/22 JVN#67954465:
Installer of Photo Collection PC Software provided by NTT DOCOMO, INC. may insecurely load Dynamic Link Libraries and invoke executable files
2017/08/21 JVN#63564682:
Multiple vulnerabilities in Cybozu Garoon
2017/08/18 JVN#18641169:
Installer and self-extracting archive containing the installer of TDB CA TypeA use software may insecurely load Dynamic Link Libraries
2017/08/17 JVN#23546631:
Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#71104430:
Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#73559859:
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#53292345:
Teikihoukokusho Sakuseishien Tool may insecurely load Dynamic Link Libraries
2017/08/08 JVN#81659403:
Installer of Qua station connection tool for Windows may insecurely load Dynamic Link Libraries
2017/08/08 JVN#74871939:
WSR-300HP vulnerable to arbitrary code execution
2017/08/08 JVN#05340005:
WCR-1166DS vulnerable to OS command injection
2017/08/03 JVN#86724730:
Installer of IP Messenger may insecurely load Dynamic Link Libraries
2017/08/03 JVN#17788774:
Installer of Baidu IME may insecurely load Dynamic Link Libraries
2017/07/27 JVN#74554973:
Installer of LhaForge may insecurely load Dynamic Link Libraries
2017/07/27 JVN#33797604:
NFC Port Software remover may insecurely load Dynamic Link Libraries
2017/07/27 JVN#16136413:
Installers of Sony PaSoRi related software may insecurely load Dynamic Link Libraries
2017/07/27 JVN#51410509:
I-O DATA WN-G300R31 uses hard-coded credentials
2017/07/27 JVN#01312667:
Multiple vulnerabilities in I-O DATA WN-AX1167GR
2017/07/24 JVN#17523256:
Installer of Tween may insecurely load Dynamic Link Libraries
2017/07/24 JVN#24238648:
RBB SPEED TEST App fails to verify SSL server certificates
2017/07/24 JVN#31459091:
WordPress plugin "Simple Custom CSS and JS" vulnerable to cross-site scripting
2017/07/24 JVN#92921024:
WordPress plugin "Popup Maker" vulnerable to cross-site scripting
2017/07/24 JVN#74247807:
Multiple cross-site scripting vulnerabilities in ScreenOS
2017/07/20 JVN#48413726:
Multiple vulnerabilities in multiple Buffalo wireless LAN routers
2017/07/20 JVN#48823557:
Multiple Buffalo wireless LAN access point devices do not properly perform authentication
2017/07/19 JVN#77412145:
SONY Portable Wireless Server WG-C10 fails to restrict access permissions
2017/07/19 JVN#14151222:
Multiple vulnerabilities SONY Portable Wireless Server WG-C10
2017/07/14 JVN#61502349:
Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries
2017/07/13 JVN#42031953:
FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries
2017/07/12 JVN#02852421:
Installer of Yahoo! Toolbar (for Internet explorer) may insecurely load Dynamic Link Libraries
2017/07/11 JVN#81676004:
Installers of Mozilla Firefox and Thunderbird for Windows may insecurely load Dynamic Link Libraries
2017/07/10 JVN#29939155:
Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries
2017/07/07 JVN#21627267:
Microsoft IME may insecurely load Dynamic Link Libraries
2017/07/07 JVN#21369452:
Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
2017/07/06 JVN#63249051:
WordPress plugin "Shortcodes Ultimate" vulnerable to directory traversal
2017/07/04 JVN#39819446:
WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting
2017/07/04 JVN#20409270:
Installer of Douroshisetu Kihon Data Sakusei System may insecurely load Dynamic Link Libraries
2017/07/04 JVN#82120115:
Installer of Douro Kouji Kanseizutou Check Program may insecurely load Dynamic Link Libraries
2017/07/04 JVN#95996423:
MFC-J960DWN vulnerable to cross-site request forgery
2017/07/03 JVN#06337557:
Installer and self-extracting archive containing the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system may insecurely load Dynamic Link Libraries
2017/07/03 JVN#43534286:
Multiple vulnerabilities in Cybozu Garoon
2017/06/30 JVN#45134765:
Installer of PDF Digital Signature Plugin provided by the Ministry of Justice may insecurely load Dynamic Link Libraries
2017/06/30 JVN#23389212:
Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries
2017/06/28 JVN#79451345:
Installer of Setup file of advance preparation for e-Tax software (WEB version) may insecurely load Dynamic Link Libraries
2017/06/28 JVN#21174546:
Marp vulnerable to improper access control in JavaScript execution
2017/06/27 JVN#85901441:
Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway
2017/06/26 JVN#01775119:
Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries
2017/06/23 JVN#09293613:
Installer of Charamin OMP may insecurely load Dynamic Link Libraries
2017/06/20 JVN#24348065:
Multiple vulnerabilities in HOME SPOT CUBE2
2017/06/20 JVN#73550134:
WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting
2017/06/20 JVN#65411235:
Multiple I-O DATA network camera products vulnerable to cross-site request forgery
2017/06/15 JVN#56787058:
WordPress plugin "WP Job Manager" fails to restrict access permissions
2017/06/13 JVN#94771799:
Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries
2017/06/13 JVN#79738260:
Multiple vulnerabilities in WordPress plugin "WordPress Download Manager"
2017/06/13 JVN#25078144:
Source code security studying tool iCodeChecker vulnerable to cross-site scripting
2017/06/13 JVN#51355647:
WordPress plugin "WP-Members" vulnerable to cross-site scripting
2017/06/12 JVN#27198823:
Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely invoke an executable file
2017/06/12 JVN#56588965:
Cybozu KUNAI for Android vulnerable to cross-site scripting
2017/06/09 JVN#65154137:
Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) may insecurely load Dynamic Link Libraries
2017/06/09 JVN#34508179:
Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries
2017/06/09 JVN#67305782:
Installer of CASL II simulator(self-extract format) may insecurely load Dynamic Link Libraries
2017/06/08 JVN#31236539:
[Simeji for Windows(β)] installer may insecurely load Dynamic Link Libraries
2017/06/08 JVN#52691241:
Multiple installers of the software provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries
2017/06/07 JVN#99737748:
AppCheck may insecurely invoke an executable file
2017/06/06 JVN#01404851:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#20870477:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#32120290:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to information disclosure
2017/06/06 JVN#80238098:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#98617234:
WordPress plugin "Multi Feed Reader" vulnerable to SQL injection
2017/06/05 JVN#24087303:
Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries
2017/06/02 JVN#08020381:
Installer of SaAT Personal may insecurely load Dynamic Link Libraries
2017/06/02 JVN#91170929:
Installer of SaAT Netizen may insecurely load Dynamic Link Libraries
2017/06/01 JVN#06770361:
Installer of Tera Term may insecurely load Dynamic Link Libraries
2017/06/01 JVN#51274854:
Multiple software for Sharp IC Card Reader/Writer Devices may insecurely load Dynamic Link Libraries
2017/06/01 JVN#70951878:
WordPress plugin "WP Live Chat Support" vulnerable to cross-site scripting
2017/05/26 JVN#92422409:
The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries
2017/05/25 JVN#41185163:
Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries
2017/05/25 JVN#75514460:
Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries
2017/05/25 JVN#42164352:
GroupSession fails to restrict access permissions
2017/05/24 JVN#91438377:
SSL Visibility Appliance may generate illegal RST packets
2017/05/19 JVN#12493656:
The installer of Empirical Project Monitor - eXtended may insecurely load Dynamic Link Libraries
2017/05/19 JVN#11326581:
Empirical Project Monitor - eXtended vulnerable to cross-site scripting
2017/05/19 JVN#85512750:
Empirical Project Monitor - eXtended vulnerable to cross-site scripting
2017/05/16 JVN#81820501:
FlashAir do not set credential information in PhotoShare
2017/05/16 JVN#46372675:
FlashAir fails to restrict access permissions in PhotoShare
2017/05/16 JVN#96165722:
WordPress plugin "WP Booking System" vulnerable to cross-site scripting
2017/05/16 JVN#24834813:
Multiple BestWebSoft WordPress plugins vulnerable to cross-site scripting
2017/05/16 JVN#70411623:
WordPress plugin "MaxButtons" vulnerable to cross-site scripting
2017/05/12 JVN#16248227:
PrimeDrive Desktop Application Installer may insecurely load executable files
2017/05/11 JVN#51978169:
The installer of SOY CMS vulnerable to cross-site scripting
2017/05/11 JVN#51819749:
SOY CMS vulnerable to directory traversal
2017/05/09 JVN#39605485:
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
2017/05/09 JVN#87760109:
Nessus vulnerable to cross-site scripting
2017/04/25 JVN#71572107:
Installer of Vivaldi for Windows may insecurely load executable files
2017/04/21 JVN#48790793:
WNC01WH vulnerable to OS command injection
2017/04/20 JVN#54268888:
Multiple JustSystems products including Hanako may insecurely load Dynamic Link Libraries
2017/04/20 JVN#93931029:
Hoozin Viewer vulnerable to buffer overflow
2017/04/20 JVN#54762089:
WordPress plugin "Booking Calendar" vulnerable to cross-site scripting
2017/04/20 JVN#18739672:
WordPress plugin "Booking Calendar" vulnerable to directory traversal
2017/04/19 JVN#86171513:
SEIL Series routers vulnerable to denial-of-service (DoS)
2017/04/18 JVN#08740778:
NETGEAR ProSAFE Plus Configuration Utility vulnerable to improper access control
2017/04/14 JVN#05340816:
Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries
2017/04/14 JVN#01537659:
WN-AC1167GR vulnerable to cross-site scripting
2017/04/13 JVN#77253951:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/13 JVN#62392065:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/11 JVN#17535578:
Multiple vulnerabilities in Cybozu Office
2017/04/11 JVN#82019695:
ASSETBASE vulnerable to cross-site scripting
2017/04/10 JVN#87770873:
CS-Cart Japanese Edition vulnerable to cross-site request forgery
2017/04/10 JVN#14396697:
CS-Cart Japanese Edition fails to restrict access permissions
2017/04/10 JVN#25598952:
​CS-Cart Japanese Edition fails to restrict access permissions
2017/04/10 JVN#81024552:
Multiple vulnerabilities in WN-G300R3
2017/04/10 JVN#17633442:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/07 JVN#64451600:
Tablacus Explorer vulnerable to script injection
2017/03/30 JVN#55121369:
CentreCOM AR260S V2 vulnerable to privilege escalation
2017/03/23 JVN#55294532:
WordPress plugin "YOP Poll" vulnerable to cross-site scripting
2017/03/22 JVN#93699304:
Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries
2017/03/16 JVN#11448789:
Security guide for website operators vulnerable to OS command injection
2017/03/13 JVN#88745657:
Cybozu KUNAI for Android information management vulnerability
2017/03/07 JVN#13003724:
OneThird CMS vulnerable to cross-site scripting
2017/03/07 JVN#49408248:
OneThird CMS vulnerable to cross-site scripting
2017/03/02 JVN#46830433:
Multiple I-O DATA network camera products multiple vulnerabilities
2017/03/01 JVN#88713190:
PrimeDrive Desktop Application Installer may insecurely load Dynamic Link Libraries
2017/03/01 JVN#82619692:
Access CX App fails to verify SSL server certificates
2017/02/28 JVN#73083905:
Multiple vulnerabilities in WBCE CMS
2017/02/28 JVN#63474730:
CubeCart vulnerable to directory traversal
2017/02/20 JVN#73182875:
Multiple vulnerabilities in Cybozu Garoon
2017/02/17 JVN#86200862:
Self-Extracting Archives created by 7-ZIP32.DLL may insecurely load Dynamic Link Libraries
2017/02/15 JVN#55489964:
Multiple vulnerabilities in Apache Brooklyn
2017/02/10 JVN#53880182:
TVer App for Android fails to verify SSL server certificates
2017/02/10 JVN#40667528:
Norton Download Manager may insecurely load Dynamic Link Libraries
2017/02/09 JVN#39008927:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to cross-site request forgery
2017/02/09 JVN#88176589:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to authentication bypass
2017/02/09 JVN#87662835:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to DNS rebinding
2017/02/09 JVN#71666779:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/02/09 JVN#34207650:
Multiple cross-site scripting vulnerabilities in Webmin
2017/02/03 JVN#21114208:
Business LaLa Call App for Android fails to verify SSL server certificates
2017/02/03 JVN#01014759:
LaLa Call App for Android fails to verify SSL server certificates
2017/01/27 JVN#81618356:
CubeCart vulnerable to directory traversal
2017/01/24 JVN#09460804:
Knowledge vulnerable to cross-site request forgery
2017/01/24 JVN#12796388:
Nessus vulnerable to cross-site scripting
2017/01/24 JVN#50197114:
smalruby-editor vulnerable to OS command injection
2017/01/20 JVN#92395431:
Java (OGNL) code execution in Apache Struts 2 when devMode is enabled
2017/01/16 JVN#28331227:
MaruUo Factory's multiple AttacheCase products vulnerable to directory traversal
2017/01/16 JVN#83917769:
AttacheCase vulnerable to directory traversal
2017/01/11 JVN#19241292:
Cybozu Remote Service Manager fails to verify client certificates
2017/01/06 JVN#71538099:
Olive Diary DX vulnerable to cross-site scripting
2017/01/06 JVN#12124922:
WEB SCHEDULE vulnerable to cross-site scripting
2017/01/06 JVN#60879379:
Olive Blog vulnerable to cross-site scripting

2016

2016/12/26 JVN#96681653:
WinSparkle issue where registry value is not validated
2016/12/26 JVN#90813656:
Wireshark for Windows issue where an arbitrary file may be deleted
2016/12/22 JVN#44566208:
H2O use-after-free vulnerability
2016/12/22 JVN#38755305:
BlueZ userland utilities vulnerable to buffer overflow
2016/12/22 JVN#84995847:[Critical]
SKYSEA Client View vulnerable to arbitrary code execution
2016/12/19 JVN#17980240:
Cybozu Garoon vulnerable to SQL injection
2016/12/19 JVN#16200242:
Cybozu Garoon vulnerable to directory traversal
2016/12/19 JVN#15222211:
Cybozu Garoon vulnerable to cross-site request forgery
2016/12/19 JVN#14631222:
Cybozu Garoon fails to restrict access permissions
2016/12/19 JVN#13218253:
Cybozu Garoon vulnerable to information disclosure
2016/12/19 JVN#12281353:
Cybozu Garoon vulnerable to cross-site scripting
2016/12/16 JVN#42070907:
Mutiple SONY Videoconference Systems do not properly perform authentication
2016/12/13 JVN#78980598:
Apache ActiveMQ vulnerable to cross-site scripting
2016/12/12 JVN#16781735:
Multiple access restriction bypass vulnerabilities in Cybozu Dezie
2016/12/07 JVN#28151745:
Sleipnir for Mac vulnerable to URL spoofing
2016/12/02 JVN#40613060:
Multiple vulnerabilities in WNC01WH
2016/12/01 JVN#08868688:
The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries
2016/11/30 JVN#25059363:
Multiple I-O DATA network camera products multiple vulnerabilities
2016/11/28 JVN#20252219:
kintone mobile for Android fails to verify SSL server certificates
2016/11/25 JVN#05493467:
Simple keitai chat vulnerable to cross-site scripting
2016/11/15 JVN#75396659:
DERAEMON-CMS vulnerable to cross-site scripting
2016/11/11 JVN#23549283:
CG-WLR300NX fails to restrict access permissions
2016/11/11 JVN#92237169:
CG-WLR300NX vulnerable to cross-site scripting
2016/11/11 JVN#23823838:
CG-WLR300NX vulnerable to cross-site request forgery
2016/11/11 JVN#25060672:
Multiple Corega wireless LAN routers vulnerable to cross-site scripting
2016/11/11 JVN#34103586:
Multiple I-O DATA network camera products vulnerable to information disclosure
2016/11/02 JVN#18228200:
Multiple vulnerabilities in WFS-SR01
2016/11/01 JVN#91002412:
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
2016/11/01 JVN#27260483:
mobiGate App fails to verify SSL server certificates
2016/10/26 JVN#76780067:
Installer of 7-Zip for Windows may insecurely load Dynamic Link Libraries
2016/10/20 JVN#14567604:
Multiple vulnerabilities in WordPress plugin WP-OliveCart
2016/10/19 JVN#03251132:
Installer of Evernote for Windows may insecurely load Dynamic Link Libraries
2016/10/18 JVN#63012325:
The installer of e-Tax Software may insecurely load Dynamic Link Libraries
2016/10/13 JVN#70380788:
BASP21 vulnerable to mail header injection
2016/10/07 JVN#39619137:
Toshiba FlashAir does not require authentication in "Internet pass-thru Mode"
2016/10/07 JVN#32504719:
Usermin cross-site scripting vulnerabilties
2016/10/07 JVN#80157683:
SetucoCMS multiple vulnerabilities
2016/10/07 JVN#20786316:
Cryptography API: Next Generation (CNG) vulnerable to denial-of-service (DoS)
2016/10/03 JVN#11288252:
Cybozu Office vulnerable to Reflected File Download (RFD)
2016/10/03 JVN#10092452:
Cybozu Office vulnerable to denial-of-service (DoS)
2016/10/03 JVN#09736331:
Cybozu Office vulnerable to information disclosure
2016/10/03 JVN#08736331:
Cybozu Office vulnerable to mail header injection
2016/10/03 JVN#07148816:
Multiple access restriction bypass vulnerabilities in Cybozu Office
2016/10/03 JVN#06726266:
Cybozu Office multiple cross-site scripting vulnerabilities
2016/10/03 JVN#46351856:
Docomo L-04D mobile WiFi router vulnerable to cross-site request forgery
2016/09/29 JVN#92765814:
Multiple vulnerabilities in baserCMS
2016/09/29 JVN#72559412:
ManageEngine ServiceDesk Plus uses an insecure method for cookie generation
2016/09/29 JVN#89726415:
ManageEngine ServiceDesk Plus fails to restrict access permissions
2016/09/29 JVN#50347324:
ManageEngine ServiceDesk Plus vulnerable to cross-site scripting
2016/09/23 JVN#46087986:
Multiple plugins for Geeklog IVYWE edition vulnerable to cross-site scripting
2016/09/20 JVN#49343562:
Money Forward Apps for Android vulnerability that allows unintended operations
2016/09/20 JVN#61297210:
Money Forward Apps for Android vulnerable in the WebView class
2016/09/16 JVN#98126322:
Trend Micro Internet Security vulnerability where files may be excluded as scan targets
2016/09/16 JVN#74244518:
Splunk Enterprise and Splunk Light vulnerable to cross-site scripting
2016/09/16 JVN#64800312:
Splunk Enterprise and Splunk Light vulnerable to open redirect
2016/09/16 JVN#39926655:
Splunk Enterprise and Splunk Light vulnerable to open redirect
2016/09/16 JVN#71462075:
Splunk Enterprise and Splunk Lite vulnerable to cross-site scripting
2016/09/15 JVN#94779084:
H2O use of externally-controlled format string
2016/09/15 JVN#18926672:
Zend Framework vulnerable to SQL injection
2016/09/14 JVN#55389065:
CS-Cart add-on "Twigmo" vulnerable to PHP object injection
2016/09/06 JVN#48237713:
ADOdb vulnerable to cross-site scripting
2016/08/31 JVN#85213412:
Multiple AKABEi SOFT2 LTD. games vulnerable to OS command injection
2016/08/25 JVN#05924524:
LINE for Windows fails to properly verify downloaded files
2016/08/24 JVN#94816361:
YoruFukurou (NightOwl) vulnerable to denial-of-service (DoS)
2016/08/23 JVN#42262137:
simple chat vulnerable to cross-site scripting
2016/08/22 JVN#93411577:
Cybozu Garoon fails to restrict access permissions
2016/08/22 JVN#89211736:
Cybozu Garoon vulnerable to authentication bypass
2016/08/22 JVN#83568336:
Cybozu Garoon vulnerable to SQL injection
2016/08/22 JVN#67595539:
Cybozu Garoon multiple cross-site scripting vulnerabilities
2016/08/22 JVN#67266823:
Cybozu Garoon vulnerable to open redirect
2016/08/19 JVN#09836883:
Geeklog IVYWE edition contains a cross-site scripting vulnerability
2016/08/18 JVN#58455472:
OSSEC Web UI vulnerable to cross-site scripting
2016/08/18 JVN#28386124:
ClipBucket vulnerable to cross-site scripting
2016/08/17 JVN#45583702:
Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries
2016/08/16 JVN#04125292:
Cybozu Mailwise contains issue in preventing clickjacking attacks
2016/08/16 JVN#03052683:
Cybozu Mailwise vulnerable to information disclosure
2016/08/16 JVN#02576342:
Cybozu Mailwise vulnerable to information disclosure
2016/08/16 JVN#01353821:
Cybozu Mailwise vulnerable to mail header injection
2016/08/08 JVN#35062083:
Multiple I-O DATA Recording Hard disk products vulnerable to cross-site request forgery
2016/08/05 JVN#09470233:
Android stock browser vulnerable to denial-of-service (DoS)
2016/08/04 JVN#06920277:
Coordinate Plus App fails to verify SSL server certificates
2016/07/22 JVN#40696431:
EC-CUBE plugin "Coupon Plugin" vulnerable to SQL injection
2016/07/22 JVN#65273415:
Android OS issue where it is affected by the CRIME attack
2016/07/22 JVN#06212291:
Android OS Contacts app fails to restrict access permissions
2016/07/20 JVN#01956993:
Vtiger CRM does not properly restrict access to application data
2016/07/20 JVN#13582657:
WordPress plugin "Nofollow Links" vulnerable to cross-site scripting
2016/07/15 JVN#68364327:
WAONサービスアプリ App for Android fails to verify SSL server certificates
2016/07/08 JVN#51565015:
LINE for Windows may insecurely load Dynamic Link Libraries
2016/06/30 JVN#89379547:
Apache Commons FileUpload vulnerable to denial-of-service (DoS)
2016/06/29 JVN#30260727:
Sushiro App fails to verify SSL server certificates
2016/06/27 JVN#39594409:
DMM Movie Player App fails to verify SSL server certificates
2016/06/27 JVN#45034304:
Multiple Hikari Denwa routers vulnerable to cross-site request forgery
2016/06/27 JVN#77403442:
Multiple Hikari Denwa routers vulnerable to OS command injection
2016/06/27 JVN#42930233:
QNAP QTS vulnerable to cross-site scripting
2016/06/24 JVN#61578437:
WordPress plugin "Welcart e-Commerce" vulnerable to session management
2016/06/24 JVN#55826471:
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
2016/06/24 JVN#95082904:
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
2016/06/24 JVN#47363774:
WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection
2016/06/22 JVN#75028871:
CG-WLR300GNV Series does not limit authentication attempts
2016/06/22 JVN#24409899:
CG-WLBARAGM vulnerable to denial-of-service (DoS)
2016/06/22 JVN#76653039:
CG-WLBARGL vulnerable to command injection
2016/06/20 JVN#07710476:
Apache Struts 2 vulnerable to remote code execution
2016/06/20 JVN#12352818:
Apache Struts 2 vulnerable to denial-of-service (DoS)
2016/06/20 JVN#45093481:
Multiple vulnerabilities in Apache Struts 2
2016/06/16 JVN#55428526:
Deep Discovery Inspector vulnerable to remote code execution
2016/06/14 JVN#96052093:
ETX-R vulnerable to denial-of-service (DoS)
2016/06/14 JVN#61317238:
ETX-R vulnerable to cross-site request forgery
2016/06/08 JVN#15205734:
DX Library vulnerable to remote code execution
2016/06/07 JVN#74659077:
TERASOLUNA Server Framework for Java(WEB) access restriction bypass vulnerability in the file extention filter
2016/06/07 JVN#65044642:
Apache Struts 1 vulnerable to input validation bypass
2016/06/07 JVN#03188560:
Apache Struts 1 vulnerability that allows unintended remote operations against components on memory
2016/06/02 JVN#48847535:
Trend Micro enterprise products multiple vulnerabilities
2016/06/02 JVN#48789425:
Trend Micro Internet Security multiple vulnerabilities
2016/05/30 JVN#53542912:
Cybozu Garoon fails to restrict access permissions
2016/05/30 JVN#49285177:
Cybozu Garoon vulnerable to cross-site scripting
2016/05/30 JVN#37121456:
Cybozu Garoon vulnerable to cross-site scripting
2016/05/30 JVN#33879831:
Cybozu Garoon fails to restrict access permissions
2016/05/30 JVN#32218514:
Cybozu Garoon vulnerable to open redirect
2016/05/30 JVN#26298347:
Cybozu Garoon vulnerable to denial-of-service (DoS)
2016/05/30 JVN#25765762:
Cybozu Garoon vulnerable to information disclosure
2016/05/30 JVN#14749391:
Multiple directory traversal vulnerabilities in Cybozu Garoon
2016/05/30 JVN#18975349:
Multiple access restriction bypass vulnerabilities in Cybozu Garoon
2016/05/30 JVN#13794955:
Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal
2016/05/30 JVN#40898764:
DMM.com Securities FX Apps for Android fail to verify SSL server certificates
2016/05/27 JVN#87859762:
H2O use-after-free vulnerability
2016/05/27 JVN#46888319:
Japan Connected-free Wi-Fi vulnerable to API execution
2016/05/27 JVN#75813272:
Multiple Buffalo wireless LAN routers vulnerable to information disclosure
2016/05/27 JVN#81698369:
Multiple Buffalo wireless LAN routers vulnerable to directory traversal
2016/05/27 JVN#24143619:
WebARENA formmail vulnerable to cross-site scripting
2016/05/26 JVN#00460236:
NetCommons vulnerable to privilege escalation
2016/05/25 JVN#26026353:
WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting
2016/05/24 JVN#43529183:
Jetstar App for iOS fails to verify SSL server certificates
2016/05/24 JVN#85112513:
php-contact-form vulnerable to cross-site scripting
2016/05/24 JVN#56167268:
HumHub vulnerable to cross-site scripting
2016/05/20 JVN#42545812:
MP Form Mail CGI Professional Edition vulnerable to directory traversal
2016/05/19 JVN#43076390:
Web Mailing List vulnerable to cross-site scripting
2016/05/18 JVN#11877654:
百五銀行 (105 BANK) App fails to verify SSL server certificates
2016/05/16 JVN#11994518:
Cybozu KUNAI App fails to verify SSL server certificates
2016/05/16 JVN#03975805:
a-blog cms vulnerable to session management
2016/05/16 JVN#73166466:
a-blog cms vulnerable to cross-site scripting
2016/05/13 JVN#44657371:
WordPress plugin "Ninja Forms" vulnerable to PHP object injection
2016/05/13 JVN#91638315:
FileMaker server issue where PHP source code may be viewable
2016/05/12 JVN#22978346:
WN-G300R Series vulnerable to cross-site scripting
2016/05/12 JVN#25674893:
WN-GDN/R3 Series does not limit authentication attempts
2016/05/11 JVN#41772178:
Apache Cordova vulnerable to arbitrary plugin execution
2016/05/11 JVN#35341085:
Apache Cordova fails to restrict access permissions
2016/04/26 JVN#73776243:
EC-CUBE vulnerable to cross-site request forgery
2016/04/26 JVN#63384827:
Multiple shiro8 Co., Ltd. freearea_ addition_plugins for EC-CUBE vulnerable to cross-site scripting
2016/04/26 JVN#11458774:
EC-CUBE fails to restrict access permissions
2016/04/26 JVN#47473944:
EC-CUBE fails to restrict access permissions
2016/04/25 JVN#91816422:
kintone mobile for Android fails to verify SSL server certificates
2016/04/25 JVN#89026267:
kintone mobile for Android information management vulnerability
2016/04/22 JVN#00324715:
Electron may insecurely load Node modules
2016/04/19 JVN#11815655:
Photopt App fails to verify SSL server certificates
2016/04/13 JVN#00272277:
Tokyo Star bank App fails to verify SSL server certificates
2016/04/08 JVN#78482127:
EC-CUBE plugin "Social-button Plugin Premium" and "Social-button Plugin" vulnerable to cross-site scripting
2016/04/06 JVN#55801246:
baserCMS plugin "Casebook Plugin" multiple vulnerabilities
2016/04/06 JVN#26627848:
baserCMS plugin "Menubook Plugin" multiple vulnerabilities
2016/04/06 JVN#13288761:
baserCMS plugin "Recruit Plugin" multiple vulnerabilities
2016/04/04 JVN#28480773:
WisePoint contains issue in preventing clickjacking attacks
2016/04/04 JVN#47164236:
AQUOS Photo Player HN-PP150 vulnerable to cross-site request forgery
2016/04/04 JVN#41875357:
ActiveX control for EVA Animator vulnerable to buffer overflow
2016/03/30 JVN#82020528:
Aterm WG300HP vulnerable to cross-site request forgery
2016/03/30 JVN#07818796:
Aterm WF800HP vulnerable to cross-site request forgery
2016/03/24 JVN#86517621:
WordPress plugin "WP Favorite Posts" vulnerable to cross-site scripting
2016/03/02 JVN#59349382:
Multiple Corega wireless LAN routers vulnerable to cross-site request forgery
2016/02/22 JVN#93535632:
Log-Chat vulnerable to cross-site scripting
2016/02/19 JVN#46044093:
LINE for Windows and LINE for Mac OS vulnerable to denial-of-service (DoS)
2016/02/19 JVN#31524757:
EC-CUBE plugin "Help plug-in" vulnerable to SQL injection
2016/02/19 JVN#78383854:
Internet Explorer cross-domain policy bypass
2016/02/19 JVN#69854312:
baserCMS vulnerable to OS command injection
2016/02/15 JVN#69278491:
Cybozu Office vulnerable to cross-site scripting
2016/02/15 JVN#71428831:
Cybozu Office vulnerable to open redirect
2016/02/15 JVN#64209269:
Cybozu Office vulnerable to cross-site request forgery
2016/02/15 JVN#48720230:
Cybozu Office access restriction bypass vulnerability
2016/02/15 JVN#47296923:
Cybozu Office vulnerable to information disclosure
2016/02/15 JVN#28042424:
Cybozu Office vulnerable to information disclosure
2016/02/15 JVN#20246313:
Cybozu Office vulnerable to denial-of-service (DoS)
2016/02/12 JVN#77012922:
Microsoft Producer for Microsoft Office PowerPoint vulnerable to cross-site scripting
2016/02/12 JVN#22578691:
Akerun - Smart Lock Robot App for iOS fails to verify SSL server certificates
2016/01/29 JVN#26921563:
JOB-CUBE vulnerable to cross-site scripting
2016/01/29 JVN#12165579:
Vine MV vulnerable to cross-site scripting
2016/01/29 JVN#03050861:
EXPRESSCLUSTER X vulnerable to directory traversal
2016/01/27 JVN#54686544:
HOME SPOT CUBE multiple vulnerabilities
2016/01/22 JVN#49225722:
Multiple Buffalo network devices vulnerable to cross-site scripting
2016/01/22 JVN#09268287:
Multiple Buffalo network devices vulnerable to cross-site request forgery
2016/01/18 JVN#47951769:
Shoplat App for iOS issue in the verification of SSL certificates
2016/01/15 JVN#45928828:
H2O vulnerable to HTTP header injection
2016/01/15 JVN#50899877:
acmailer vulnerable to OS command injection
2016/01/05 JVN#49476817:
DX Library vulnerable to buffer overflow

2015

2015/12/25 JVN#51250073:
CG-WLNCM4G may behave as an open resolver
2015/12/25 JVN#50775659:
CG-WLBARAGM may behave as an open proxy
2015/12/25 JVN#51349622:
CG-WLBARGS does not properly perform authentication
2015/12/17 JVN#43344629:
Welcart vulnerable to SQL injection
2015/12/17 JVN#64636058:
WinRAR may insecurely load executable files
2015/12/17 JVN#22533124:
Adobe Flash Player issue where iframe contents may be overwritten
2015/12/11 JVN#71730320:
Zend Framework vulnerable to SQL injection
2015/12/09 JVN#89965717:
WL-330NUL vulnerable to cross-site scripting
2015/12/09 JVN#85359294:
WL-330NUL vulnerable to denial-of-service (DoS)
2015/12/09 JVN#34489380:
WL-330NUL vulnerable to remote command execution
2015/12/09 JVN#69462495:
WL-330NUL information management vulnerability
2015/12/07 JVN#70083512:
Web Analytics Service vulnerable to cross-site scripting
2015/12/07 JVN#44541100:
GANMA! App for iOS fails to verify SSL server certificates
2015/12/03 JVN#55545372:
EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection
2015/11/30 JVN#72891124:
p++BBS vulnerable to cross-site scripting
2015/11/30 JVN#35845584:
Frame high-speed chat vulnerable to cross-site scripting
2015/11/27 JVN#18889193:
Apache Cordova vulnerable to improper application of whitelist restrictions
2015/11/27 JVN#12991684:
ManageEngine Firewall Analyzer fails to restrict access permissions
2015/11/27 JVN#21968837:
ManageEngine Firewall Analyzer vulnerable to directory traversal
2015/11/20 JVN#51046809:
ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting
2015/11/20 JVN#20649799:
Void vulnerable to cross-site scripting
2015/11/17 JVN#34780384:
Kirby vulnerable to arbitrary file creation
2015/11/17 JVN#29141986:
Gurunavi App for iOS fails to verify SSL server certificates
2015/11/17 JVN#64625488:
applican vulnerable to script injection
2015/11/17 JVN#71088919:
applican vulnerable to script injection
2015/11/13 JVN#25323093:
pWebManager vulnerable to OS command injection
2015/11/13 JVN#56210048:
Apple OS X authentication issue when recovering from sleep mode
2015/11/06 JVN#90135579:
SonicWall TotalSecure TZ 100 Series vulnerable to denial-of-service (DoS)
2015/11/05 JVN#80144272:
Multiple TYPE-MOON games vulnerable to OS command injection
2015/11/02 JVN#04281281:
ISUCON5 qualifier portal web application (eventapp) vulnerable to OS command injection
2015/10/30 JVN#53973084:
HTML::Scrubber vulnerable to cross-site scripting
2015/10/30 JVN#48135658:
Multiple routers contain issue in preventing clickjacking attacks
2015/10/29 JVN#68289108:
Enisys Gw fails to restrict access permissions
2015/10/29 JVN#13874649:
Enisys Gw vulnerable to cross-site scripting
2015/10/29 JVN#33179297:
Enisys Gw vulnerable to arbitrary file creation
2015/10/29 JVN#58615092:
Enisys Gw vulnerable to SQL injection
2015/10/28 JVN#25086409:
ANA App fails to verify SSL server certificates
2015/10/26 JVN#97278546:
EC-CUBE vulnerable to cross-site request forgery
2015/10/16 JVN#25576608:
Avast vulnerable to directory traversal
2015/10/16 JVN#37825153:
AirDroid for Android vulnerable in handling of implicit intents
2015/10/15 JVN#92520335:
eXtplorer vulnerable to cross-site request forgery
2015/10/14 JVN#48211537:
Party Track SDK for iOS fails to verify server certificates
2015/10/09 JVN#84982142:
Pref Shimane CMS vulnerable to SQL injection
2015/10/09 JVN#02671769:
phpRechnung vulnerable to SQL injection
2015/10/09 JVN#13456571:
Dojo Toolkit vulnerable to cross-site scripting
2015/10/07 JVN#38369032:
Cybozu Garoon vulnerable to LDAP injection
2015/10/07 JVN#21025396:
Multiple PHP code execution vulnerabilitles in Cybozu Garoon
2015/10/02 JVN#27548431:
gollum vulnerable to file exposure
2015/10/02 JVN#65668004:
Dotclear vulnerable to cross-site scripting
2015/10/01 JVN#49503705:
Python for Windows may insecurely load dynamic libraries
2015/10/01 JVN#07676450:
Canary Labs Trend Web Server vulnerable to buffer overflow
2015/10/01 JVN#27462572:
AjaXplorer vulnerable to directory traversal
2015/09/30 JVN#79633796:
baserCMS vulnerable to SQL injection
2015/09/30 JVN#04855224:
baserCMS fails to restrict access permissions
2015/09/30 JVN#85118545:
MATCHA SNS access restriction bypass vulnerability
2015/09/30 JVN#08535069:
MATCHA SNS vulnerable to code injection
2015/09/30 JVN#66984217:
MATCHA INVOICE vulnerable to code injection
2015/09/30 JVN#18232032:
MATCHA INVOICE vulnerable to SQL injection
2015/09/29 JVN#20355129:
niconico App for iOS fails to verify SSL server certificates
2015/09/29 JVN#21612597:
Apache Cordova plugin cordova-plugin-file-transfer vulnerable to HTTP header injection
2015/09/17 JVN#65602714:
H2O vulnerable to directory traversal
2015/09/16 JVN#19948778:
Photon vulnerable to URL whitelist bypass
2015/09/16 JVN#67586379:
Reversi vulnerable to URL whitelist bypass
2015/09/16 JVN#24517322:
Koritore vulnerable to URL whitelist bypass
2015/09/16 JVN#83862346:
MEGAPHONE MUSIC vulnerable to URL whitelist bypass
2015/09/16 JVN#71815309:
Auction Camera vulnerable to URL whitelist bypass
2015/09/16 JVN#73346595:
applican vulnerable to URL whitelist bypass
2015/09/11 JVN#07427376:
PIXMA MG7500 Series vulnerable to cross-site request forgery
2015/09/11 JVN#41048401:
Japan Connected-free Wi-Fi vulnerable to script injection
2015/09/11 JVN#04644117:
Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass
2015/09/07 JVN#62078684:
ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow
2015/09/04 JVN#00015036:
OpenDocMan vulnerable to cross-site scripting
2015/09/04 JVN#95989300:
Apache Struts vulnerable to cross-site scripting
2015/09/04 JVN#88408929:
Apache Struts vulnerable to cross-site scripting
2015/09/03 JVN#13684924:[Unreachable]
BBS X102 vulnerable to cross-site scripting
2015/09/03 JVN#24692261:[Unreachable]
hitSuji (rktSNS2) vulnetable to cross-site scripting
2015/09/02 JVN#08494613:
NScripter vulnerable to buffer overflow
2015/09/01 JVN#81207766:
Rakuten card App for iOS fails to verify SSL server certificates
2015/09/01 JVN#09283606:
desknet's NEO vulnerable to directory traversal
2015/09/01 JVN#77193915:
Twit BBS vulnerable to cross-site scripting
2015/08/27 JVN#91474878:
File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted
2015/08/20 JVN#17611367:
Apache Tapestry deserializes untrusted data
2015/08/18 JVN#17964918:
Multiple I-O DATA LAN routers vulnerable in UPnP functionality
2015/08/12 JVN#78240242:
Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site request forgery
2015/08/12 JVN#69175956:
Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site scripting
2015/08/12 JVN#20459920:
Microsoft Office discloses a file path of a local file
2015/08/07 JVN#29053368:
Yodobashi App for Android fails to verify SSL server certificates
2015/08/07 JVN#70465405:
Yodobashi App for Android vulnerable to arbitrary Java method execution
2015/07/29 JVN#17522792:
yoyaku_v41 vulnerable to OS command injection
2015/07/29 JVN#52248864:
yoyaku_v41 vulnerable to authentication bypass
2015/07/29 JVN#46674982:
yoyaku_v41 vulnerable to arbitrary file creation
2015/07/28 JVN#86680970:
Gazou BBS plus vulnerability in file upload processing
2015/07/24 JVN#97971874:
Welcart vulnerable to cross-site scripting
2015/07/24 JVN#92828286:
Welcart vulnerable to SQL injection
2015/07/24 JVN#10559378:
Research Artisan Lite does not properly perform authentication
2015/07/24 JVN#58020495:
Research Artisan Lite vulnerable to cross-site scripting
2015/07/17 JVN#73568461:
PHP for Windows vulnerable to OS command injection
2015/07/15 JVN#19011483:
Thetis vulnerable to SQL injection
2015/07/15 JVN#64051989:
acmailer vulnerable to directory traversal
2015/07/10 JVN#22546110:
LINE@ vulnerable to script injection
2015/07/10 JVN#61935381:
Simple Oekaki BBS vulnerability where arbitary files may be deleted
2015/07/10 JVN#67540183:
Simple Oekaki BBS vulnerable to cross-site scripting
2015/07/09 JVN#55076671:
Cacti vulnerable to cross-site request forgery
2015/07/09 JVN#09758120:
Cacti vulnerable to cross-site scripting
2015/07/09 JVN#78187936:
Cacti vulnerable to cross-site scripting
2015/06/30 JVN#22677713:
OpenEMR vulnerable to authentication bypass
2015/06/30 JVN#77386811:
Explorer+ File Manager vulnerable to directory traversal
2015/06/25 JVN#25336719:
namshi/jose fails to verify token signatures
2015/06/25 JVN#96312698:
osCommerce Japanese version vulnerable to directory traversal
2015/06/23 JVN#19578958:
Symfony vulnerable to code injection
2015/06/18 JVN#83881261:
Ruby on Rails library Paperclip vulnerable to cross-site scripting
2015/06/12 JVN#18146081:
LoadLibrary function in Microsoft Windows fails to validate input properly
2015/06/12 JVN#19732015:
MilkyStep fails to restrict access permissions
2015/06/12 JVN#24336273:
BloBee vulnerable to arbitrary file creation
2015/06/09 JVN#74280258:
MilkyStep fails to restrict access permissions
2015/06/09 JVN#20879350:
MilkyStep vulnerable to cross-site scripting
2015/06/09 JVN#52478686:
MilkyStep vulnerable to SQL injection
2015/06/09 JVN#05559185:
MilkyStep vulnerable to OS command injection
2015/06/09 JVN#12241436:
MilkyStep vulnerable to cross-site request forgery
2015/06/09 JVN#16409640:
MilkyStep fails to restrict access permissions
2015/06/05 JVN#50447904:
Multiple Buffalo wireless LAN routers vulnerable to OS command injection
2015/06/05 JVN#79284156:
NetFlow Analyzer vulnerable to cross-site request forgery
2015/06/05 JVN#25598413:
NetFlow Analyzer fails to restrict access permissions
2015/06/05 JVN#98447310:
NetFlow Analyzer vulnerable to cross-site scripting
2015/06/03 JVN#06120222:
F21 JWT fails to verify token signatures
2015/06/03 JVN#95246510:
"Open Explorer Beta" App for Android vulnerable to directory traversal
2015/05/28 JVN#51176150:
ZenPhoto20 vulnerable to cross-site scripting
2015/05/28 JVN#68452022:
Zenphoto vulnerable to cross-site scripting
2015/05/27 JVN#61328139:
Apache Sling API and Servlets Post components vulnerable to cross-site scripting
2015/05/22 JVN#93976566:
SXF Common Library vulnerable to buffer overflow
2015/05/20 JVN#64459670:
mt-phpincgi vulnerable to PHP object injection
2015/05/19 JVN#78689801:
BGA32.DLL and QBga32.DLL contain multiple vulnerabilities
2015/05/15 JVN#75851252:
"Honda Moto LINC" App for Android fails to verify SSL server certificates
2015/05/14 JVN#18957556:
Cacti vulnerable to SQL injection
2015/05/12 JVN#20133698:
MailDealer vulnerable to cross-site scripting
2015/05/01 JVN#96439865:
EasyCTF vulnerable to session management
2015/05/01 JVN#07538357:
EasyCTF vulnerable to cross-site scripting
2015/05/01 JVN#67520407:
EasyCTF vulnerable to arbitrary file creation
2015/04/23 JVN#41653647:
TransmitMail vulnerable to directory traversal
2015/04/23 JVN#26860747:
TransmitMail vulnerable to cross-site scripting
2015/04/14 JVN#56297719:
JBoss RichFaces vulnerable to remote Java code execution
2015/04/10 JVN#91383083:
Seasar S2Struts vulnerable to input validation bypass
2015/04/09 JVN#12329472:
Lhaplus vulnerable to remote code execution
2015/04/09 JVN#02527990:
Lhaplus vulnerable to directory traversal
2015/04/07 JVN#71903938:
bBlog vulnerable to cross-site request forgery
2015/04/03 JVN#68819526:
"Restaurant Karaoke SHIDAX" App for Android fails to verify SSL server certificates
2015/04/02 JVN#58784309:
Maruo Editor vulnerable to buffer overflow
2015/03/31 JVN#75615300:
All in One SEO Pack information management vulnerability
2015/03/27 JVN#81094176:
Android OS may behave as an open resolver
2015/03/26 JVN#97281747:
WordPress theme flashy vulnerable to cross-site scripting
2015/03/26 JVN#74547976:
Fumy Teacher's Schedule Board vulnerable to cross-site scripting
2015/03/24 JVN#86448949:
The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass
2015/03/20 JVN#41281927:
LINE vulnerable to script injection
2015/03/20 JVN#39175666:
MP Form Mail CGI eCommerce edition vulnerable to code injection
2015/03/17 JVN#97099798:
eXtplorer vulnerable to cross-site scripting
2015/03/06 JVN#87204433:
All In One WP Security & Firewall vulnerable to cross-site request forgery
2015/03/06 JVN#30832515:
All In One WP Security & Firewall vulnerable to SQL injection
2015/03/04 JVN#91016415:
Maroyaka Relay Novel vulnerable to cross-site scripting
2015/03/04 JVN#09871547:
Maroyaka Image Album vulnerable to cross-site scripting
2015/03/04 JVN#63687798:
Maroyaka Simple Board vulnerable to cross-site scripting
2015/03/03 JVN#55063777:
Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass
2015/03/03 JVN#93727681:
BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass
2015/02/27 JVN#63949115:
SEIL Series routers vulnerable to denial-of-service (DoS)
2015/02/27 JVN#77718330:
Vulnerability in the jBCrypt key stretching process
2015/02/27 JVN#88862608:
Joyful Note vulnerability in handling files
2015/02/27 JVN#62298871:
KENT-WEB Clip Board vulnerability where arbitary files may be deleted
2015/02/27 JVN#34790526:
checkpw vulnerable to denial-of-service (DoS)
2015/02/25 JVN#30135729:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution
2015/02/25 JVN#44544694:
Zen Cart Japanese version vulnerable to cross-site scripting
2015/02/24 JVN#42768331:
Speed Software Root Explorer and Explorer vulnerable to directory traversal
2015/02/20 JVN#93318392:
AL-Mail32 vulnerable to buffer overflow
2015/02/20 JVN#55365709:
AL-Mail32 vulnerable to denial-of-service (DoS)
2015/02/20 JVN#77294617:
AL-Mail32 vulnerable to directory traversal
2015/02/20 JVN#64455813:
Squid input validation vulnerability
2015/02/17 JVN#73261710:
C-BOARD Moyuku vulnerable to arbitrary file creation
2015/02/17 JVN#18387086:
Saurus CMS Community Edition vulnerable to cross-site scripting
2015/02/13 JVN#48659722:
Smartphone Passbook for Android information management vulnerability
2015/02/13 JVN#14522790:
Smartphone Passbook fails to verify SSL server certificates
2015/02/10 JVN#96155055:
PerlTreeBBS vulnerable to cross-site scripting
2015/02/05 JVN#17480391:
shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting
2015/01/30 JVN#13566542:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2015/01/30 JVN#33735535:
Fumy News Clipper vulnerable to cross-site scripting
2015/01/29 JVN#88252465:
Arbitrary files may be overwritten in multiple VMware products
2015/01/27 JVN#32631078:
Multiple ASUS wireless LAN routers vulnerable to cross-site request forgery
2015/01/27 JVN#77792759:
Multiple ASUS wireless LAN routers vulnerable to OS command injection
2015/01/26 JVN#27142693:
NP-BBRM vulnerable in UPnP functionality
2015/01/23 JVN#94502417:
shiromuku(bu2)BBS vulnerable to arbitrary file creation
2015/01/19 JVN#88559134:
SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal

2014

2014/12/18 JVN#76515134:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#09289074:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#97384696:
TSUTAYA App for Android vulnerable to arbitrary Java method execution
2014/12/18 JVN#22440986:
Multiple Allied Telesis products vulnerable to buffer overflow
2014/12/12 JVN#61181790:
LinPHA vulnerable to cross-site scripting
2014/12/10 JVN#13160869:
Chyrp vulnerable to cross-site scripting
2014/12/09 JVN#87910097:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#98097877:
"Omake BBS" of i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#89613370:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#16406395:
"File Upload BBS" of i-HTTPD vulnerable to remote command execution
2014/12/04 JVN#24909891:
Kaku-San-Sei Million Arthur for Android information management vulnerability
2014/12/04 JVN#12798709:
KENT-WEB Clip Board vulnerable to cross-site scripting
2014/12/03 JVN#70490316:
DBD::PgPP vulnerable to SQL injection
2014/12/02 JVN#71762315:
LG Electronics mobile access routers lack access restrictions
2014/12/02 JVN#61593104:
ARROWS Me F-11D vulnerability where arbitrary areas may be accessed
2014/12/02 JVN#06302787:
OS command injection vulnerability in multiple FUJITSU Android devices
2014/12/02 JVN#67792023:
Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors
2014/12/01 JVN#04895240:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/12/01 JVN#21907573:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/11/28 JVN#54775800:
FAST/TOOLS vulnerable to improper restriction of XML external entity references
2014/11/21 JVN#07930208:
BSD Operating Systems vulnerable to denial-of-service (DoS)
2014/11/14 JVN#89852154:
iLogScanner vulnerable to cross-site scripting
2014/11/14 JVN#52422792:
Direct Web Remoting (DWR) vulnerable to cross-site scripting
2014/11/14 JVN#91502163:
Direct Web Remoting (DWR) vulnerable to XML external entity injection
2014/11/13 JVN#16318793:[Critical]
Ichitaro series vulnerable to arbitrary code execution
2014/11/11 JVN#14691234:
Multiple Cybozu products vulnerable to buffer overflow
2014/11/10 JVN#65559247:
OpenAM vulnerable to denial-of-service (DoS)
2014/10/28 JVN#55667175:
QNAP QTS vulnerable to OS command injection
2014/10/23 JVN#27388160:
SumaHo for Android fails to verify SSL/TLS server certificates
2014/10/16 JVN#23809730:
GIGAPOD vulnerable to denial-of-service (DoS)
2014/10/16 JVN#66285408:
Aflax vulnerable to cross-site scripting
2014/10/16 JVN#87373393:
BirdBlog vulnerable to cross-site scripting
2014/10/10 JVN#58417930:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/10/10 JVN#63587560:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/09/25 JVN#48270605:
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
2014/09/25 JVN#80531230:
jigbrowser+ for iOS same origin policy bypass
2014/09/25 JVN#16485017:
SLFileManager for Android vulnerable to directory traversal
2014/09/25 JVN#87863382:
N-Media file uploader vulnerability in handling uploaded files
2014/09/25 JVN#45442753:
Safari issue in handling application cache
2014/09/22 JVN#04560253:
Yuko Yuko App for Android fails to verify SSL server certificates
2014/09/19 JVN#61637002:
Dotclear vulnerable to cross-site scripting
2014/09/19 JVN#08994136:
Bump for Android vulnerable in handling of implicit intents
2014/09/17 JVN#36205251:
365 Links series vulnerable to cross-site scripting
2014/09/12 JVN#84376800:
Help Page in multiple Adobe products vulnerable to cross-site scripting
2014/09/09 JVN#73357573:
Movable Type vulnerable to cross-site scripting
2014/09/04 JVN#49672671:
WisePoint vulnerable to session fixation
2014/09/04 JVN#50367052:
EmFTP may insecurely load executable files
2014/08/29 JVN#17637243:
Kindle App for Android fails to verify SSL server certificates
2014/08/26 JVN#94409737:
MailPoet Newsletters vulnerable to cross-site request forgery
2014/08/19 JVN#20812625:
Advance-Flow vulnerable to SQL injection
2014/08/18 JVN#27531188:
Cakifo vulnerable to cross-site scripting
2014/08/15 JVN#04455183:
Shutter vulnerable to cross-site scripting
2014/08/15 JVN#48039501:
Shutter vulnerable to SQL injection
2014/08/14 JVN#27702217:
Ameba for Android contains an issue where it fails to verify SSL server certificates
2014/08/12 JVN#07957080:
Dominion KX2-101 vulnerable to denial-of-service (DoS)
2014/08/08 JVN#87962145:
Piwigo vulnerable to SQL injection
2014/08/08 JVN#09717399:
Piwigo vulnerable to cross-site scripting
2014/08/08 JVN#80310172:
Piwigo vulnerable to cross-site scripting
2014/08/06 JVN#32726697:
GOM Player vulnerable to denial-of-service (DoS)
2014/08/01 JVN#22534185:
ServerView Operations Manager vulnerable to cross-site scripting
2014/07/30 JVN#72950786:
Outlook.com for Android contains an issue where it fails to verify SSL server certificates
2014/07/29 JVN#94592501:
Multiple I-O DATA IP Cameras vulnerable to authentication bypass
2014/07/29 JVN#42511610:
acmailer contains a cross-site request forgery vulnerability
2014/07/29 JVN#85748534:
PerlMailer vulnerable to cross-site scripting
2014/07/25 JVN#30281958:
Arbitrary program execution vulnerability in TrendLink ActiveX control
2014/07/18 JVN#94791545:
FuelPHP vulnerable to remote code execution
2014/07/18 JVN#84335912:
File Explorer vulnerable to directory traversal
2014/07/18 JVN#36028879:
Meridian vulnerable to cross-site scripting
2014/07/16 JVN#41028866:
Multifunctional MailForm Free vulnerable to cross-site scripting
2014/07/15 JVN#19118282:
Seasar S2Struts vulnerable to ClassLoader manipulation
2014/07/15 JVN#94838679:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#75990997:
Cybozu Garoon vulnerable to access restriction bypass
2014/07/15 JVN#80583739:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#97558950:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#31082531:
Cybozu Garoon 3 API access restriction bypass vulnerability
2014/07/15 JVN#42024228:
Cybozu Garoon CGI vulnerable to remote command execution
2014/07/08 JVN#35376006:
Becky! Internet Mail vulnerable to buffer overflow
2014/07/02 JVN#35998716:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/07/02 JVN#85571806:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/06/25 JVN#36259412:
Web Kyukincho vulnerable to cross-site request forgery
2014/06/25 JVN#80006084:
Web Kyukincho vulnerable to cross-site scripting
2014/06/24 JVN#63940326:
Sophos Disk Encryption vulnerable to authentication bypass
2014/06/24 JVN#05329568:
Login rebuilder vulnerable to cross-site request forgery
2014/06/20 JVN#02213197:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#49974594:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#92737498:
Usermin vulnerable to cross-site scripting
2014/06/20 JVN#48805624:
Usermin vulnerable to OS command injection
2014/06/18 JVN#10603428:
JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates
2014/06/17 JVN#30962312:
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
2014/06/17 JVN#07677464:
050 plus for Android information management vulnerability
2014/06/13 JVN#10724763:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/06/13 JVN#49154900:
Spring Framework vulnerable to directory traversal
2014/06/11 JVN#58029817:
C-BOARD Moyuku vulnerable to cross-site scripting
2014/06/11 JVN#50129191:
JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution
2014/06/06 JVN#61247051:
OpenSSL improper handling of Change Cipher Spec message
2014/06/04 JVN#54650130:
SOY CMS vulnerable to cross-site scripting
2014/06/04 JVN#78136804:
CN8000 vulnerable to denial-of-service (DoS)
2014/05/08 JVN#68340046:
intra-mart vulnerable to open redirect
2014/04/30 JVN#31230946:
Cybozu Garoon API access restriction bypass vulnerability
2014/04/30 JVN#90519014:
Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS)
2014/04/25 JVN#19294237:
Apache Struts vulnerable to ClassLoader manipulation
2014/04/18 JVN#13313061:
TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery
2014/04/18 JVN#00058727:
Cybozu Remote Service Manager vulnerable to session fixation
2014/04/18 JVN#10319260:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2014/04/18 JVN#22670349:
AndExplorer vulnerable to directory traversal
2014/04/16 JVN#93004610:
Redmine vulnerable to open redirect
2014/04/14 JVN#55438786:
Content Provider in CamiApp for Android fails to restrict access permissions
2014/04/11 JVN#47386847:
SD Card Manager vulnerable to directory traversal
2014/03/20 JVN#70029459:
ES File Explorer vulnerable to directory traversal
2014/03/20 JVN#14282890:
Silex vulnerable to cross-site scripting
2014/03/18 JVN#89260331:
sp mode mail vulnerability where Java methods may be executed
2014/03/18 JVN#05951929:
sp mode mail issue where emails in the process of creation may be accessed
2014/03/18 JVN#81739241:
sp mode mail issue when accessing attachments in incoming mail
2014/03/17 JVN#16263849:
Demaecan for Android. contains an issue where it fails to verify SSL server certificates
2014/03/17 JVN#38227002:
Unzipper vulnerable to directory traversal
2014/02/26 JVN#71045461:
Cybozu Garoon vulnerable to SQL injection
2014/02/26 JVN#26393529:
Cybozu Garoon vulnerable to directory traversal
2014/02/26 JVN#24035499:
Cybozu Garoon vulnerable to session management
2014/02/26 JVN#48810179:
Denny's App for Android. contains an issue where it fails to verify SSL server certificates
2014/02/26 JVN#02017463:
Norman Security Suite vulnerable to privilege escalation
2014/02/26 JVN#87797318:
XooNIps vulnerable to cross-site scripting
2014/02/21 JVN#24730765:
Blackboard Vista/CE vulnerable to cross-site scripting
2014/02/21 JVN#43254599:
AutoCAD may insecurely load dynamic libraries
2014/02/21 JVN#33382534:
AutoCAD vulnerable to arbitrary VBScript execution
2014/02/10 JVN#14876762:[Critical]
Apache Commons FileUpload vulnerable to denial-of-service (DoS)
2014/02/07 JVN#50943964:
phpMyFAQ vulnerable to cross-site request forgery
2014/02/07 JVN#30050348:
phpMyFAQ vulnerable to cross-site scripting
2014/02/06 JVN#23256725:
Opera browser for Android issue in handling intent scheme URL's
2014/01/31 JVN#30718178:
Joyful Note vulnerable to cross-site scripting
2014/01/28 JVN#28011378:
Sanshiro Series vulnerable to arbitrary code execution
2014/01/28 JVN#91153528:
Multiple SQL injection vulnerabilities in Cybozu Garoon
2014/01/24 JVN#69986880:
OpenPNE vulnerable to PHP Object Injection
2014/01/24 JVN#49384502:
SimZip (Simple Zip Viewer) vulnerable to directory traversal
2014/01/22 JVN#51770585:
EC-CUBE vulnerable to authorization bypass
2014/01/22 JVN#17849447:
EC-CUBE vulnerable to information alteration
2014/01/22 JVN#81637882:
Information disclosure vulnerability in Sleipnir Mobile for Android
2014/01/10 JVN#85716574:
NeoFiler vulnerable to directory traversal
2014/01/10 JVN#44392991:
Security File Manager vulnerable to directory traversal
2014/01/10 JVN#51285738:
tetra filer vulnerable to directory traversal
2014/01/10 JVN#88313872:
ZIP with Pass vulnerable to directory traversal

2013

2013/12/26 JVN#69700259:
HP Autonomy Ultraseek vulnerable to cross-site scripting
2013/12/25 JVN#81706478:
Cybozu Garoon Keitai vulnerable to authentication bypass
2013/12/25 JVN#60997973:
Cybozu Garoon vulnerable to SQL injection
2013/12/24 JVN#63194482:
IrfanView vulnerable to buffer overflow
2013/12/24 JVN#13154935:
VMware ESX and ESXi may allow access to arbitrary files
2013/12/17 JVN#53768697:
Android OS vulnerable to arbitrary Java method execution
2013/12/13 JVN#28436508:
Juniper ScreenOS vulnerable to denial-of-service (DoS)
2013/12/10 JVN#21336955:
Cybozu Dezie vulnerable to cross-site scripting
2013/12/03 JVN#87729477:
Cybozu Garoon vulnerable to session fixation
2013/12/03 JVN#84221103:
Cybozu Garoon vulnerable to mail header injection
2013/12/03 JVN#94245330:
Cybozu Garoon vulnerable to denial-of-service (DoS)
2013/12/03 JVN#82375148:
Cybozu Garoon vulnerable to SQL injection
2013/12/03 JVN#23981867:
Multiple cross-site scripting vulnerabilities in Cybozu Garoon
2013/11/29 JVN#41703192:
TOWN (modified version) vulnerable to directory traversal
2013/11/22 JVN#97810280:
KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates
2013/11/22 JVN#28812735:
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
2013/11/22 JVN#65312543:
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
2013/11/20 JVN#06377589:
EC-CUBE vulnerable to cross-site scripting
2013/11/20 JVN#55630933:
EC-CUBE information disclosure vulnerability
2013/11/20 JVN#06870202:
EC-CUBE information disclosure vulnerability
2013/11/20 JVN#11221613:
EC-CUBE vulnerable to cross-site request forgery
2013/11/20 JVN#38790987:
EC-CUBE vulnerable to cross-site scripting
2013/11/20 JVN#61077110:
EC-CUBE vulnerable to information disclosure
2013/11/15 JVN#71256611:
ASP.NET vulnerable to open redirect
2013/11/12 JVN#44999463:
Ichitaro series vulnerable to arbitrary code execution
2013/11/07 JVN#28467717:
Page Scroller vulnerable to cross-site scripting
2013/11/07 JVN#12513975:
TOWN (modified version) vulnerable to cross-site scripting
2013/11/05 JVN#75720314:
Tiki Wiki CMS Groupware vulnerable to SQL injection
2013/11/05 JVN#81813850:
Tiki Wiki CMS Groupware vulnerable to cross-site scripting
2013/10/30 JVN#85336306:
Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)
2013/10/30 JVN#70739377:
Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)
2013/10/29 JVN#74608669:
RockDisk vulnerable to cross-site scripting
2013/10/18 JVN#52509236:
HDL-A and HDL2-A Series vulnerable in session management
2013/10/04 JVN#33788325:
Accela BizSearch vulnerable to cross-site scripting
2013/09/20 JVN#43152129:
SEIL Series routers vulnerable to buffer overflow
2013/09/20 JVN#40079308:
SEIL Series routers vulnerable in RADIUS authentication
2013/09/20 JVN#70245052:
D-Link DES-3810 Series vulnerable to denial-of-service (DoS)
2013/09/20 JVN#03082733:
D-Link DWL-2100AP vulnerable to denial-of-service (DoS)
2013/09/19 JVN#27443259:[Critical]
Internet Explorer vulnerable to arbitrary code execution
2013/09/19 JVN#62507275:
Multiple broadband routers may behave as open resolvers
2013/09/13 JVN#77455005:
ChamaCargo vulnerable to cross-site scripting
2013/09/12 JVN#01094166:
Opera vulnerable to cross-site scripting
2013/09/10 JVN#53014207:
Cybozu Office vulnerable to cross-site scripting
2013/09/06 JVN#19847770:
VMware ESX and ESXi vulnerable to buffer overflow
2013/09/06 JVN#72911629:
VMware ESX and ESXi vulnerable to directory traversal
2013/09/06 JVN#33504150:
Apache Struts vulnerable to remote command execution
2013/08/30 JVN#15973066:
EC-CUBE vulnerable to directory traversal when used in Windows
2013/08/21 JVN#24713981:
PHP OpenID Library vulnerable to XML external entity injection
2013/08/19 JVN#75084836:
Yahoo! Japan Shopping for Android contains an issue where it fails to verify SSL server certificates
2013/08/19 JVN#68156832:
Yafuoku! contains an issue where it fails to verify SSL server certificates
2013/08/13 JVN#21103639:
Cybozu Mailwise vulnerable to information disclosure
2013/08/07 JVN#44035194:
docomo overseas usage application vulnerability in the connection process
2013/07/29 JVN#00065218:
JP1/IT Desktop Management - Manager and Hitachi IT Operations Director vulnerable to privilege escalation
2013/07/26 JVN#25280162:
WordPress vulnerable to cross-site scripting
2013/07/22 JVN#26103805:
Oracle Enterprise Manager vulnerable to cross-site scripting
2013/07/19 JVN#38787103:
JBoss RichFaces vulnerable to remote code execution
2013/07/17 JVN#68663052:
Oracle Outside In vulnerable to denial-of-service (DoS)
2013/07/17 JVN#07497769:
Oracle Outside In vulnerable to buffer overflow
2013/07/16 JVN#19491840:
Cybozu Office session management vulnerability
2013/07/11 JVN#68773685:
AQUOS PhotoPlayer HN-PP150 vulnerable to denial-of-service (DoS)
2013/06/27 JVN#04161229:
EC-CUBE vulnerable to directory traversal
2013/06/27 JVN#98665228:
EC-CUBE vulnerable to cross-site scripting
2013/06/27 JVN#07192063:
EC-CUBE vulnerable to cross-site scripting
2013/06/27 JVN#34900750:
EC-CUBE vulnerable to code injection
2013/06/27 JVN#43886811:
EC-CUBE vulnerable to directory traversal
2013/06/27 JVN#85804149:
CLIP-MAIL vulnerable to cross-site scripting
2013/06/27 JVN#26394323:
POST-MAIL vulnerable to cross-site scripting
2013/06/18 JVN#19740283:
Cybozu Live for Android vulnerable in the WebView class
2013/06/18 JVN#63428218:
Cybozu Live for Android vulnerable to arbitrary Java method execution
2013/06/18 JVN#98712361:
Ichitaro series vulnerable to arbitrary code execution
2013/06/13 JVN#53622030:
Orchard vulnerable to cross-site scripting
2013/06/11 JVN#99813183:
Galapagos Browser vulnerable in the WebView class
2013/06/11 JVN#79301570:
Angel Browser vulnerable in the WebView class
2013/06/07 JVN#39218538:
Pizza Hut Japan Official Order App for Android. contains an issue where it fails to verify SSL server certificates
2013/06/07 JVN#63901692:
Internet Explorer vulnerable to information disclosure
2013/06/03 JVN#48108258:
HP ProCurve 1700 series switches vulnerable to cross-site request forgery
2013/05/31 JVN#24560784:
Adobe Reader X vulnerable to sandbox bypass
2013/05/31 JVN#07354844:
Safari information disclosure vulnerability
2013/05/31 JVN#53579095:
FileMaker Pro vulnerable to cross-site scripting
2013/05/31 JVN#85812843:
FileMaker Pro fails to verify SSL server certificates
2013/05/29 JVN#90289505:
Content Provider in MovatwiTouch fails to restrict access permissions
2013/05/29 JVN#22756333:
Sleipnir Mobile for Android vulnerable to address bar spoofing
2013/05/27 JVN#31817913:
Yahoo! Browser vulnerable to address bar spoofing
2013/05/23 JVN#39699406:
EC-CUBE vulnerable to information disclosure as a result of improper input checking
2013/05/23 JVN#45306814:
EC-CUBE fails to restrict access permissions
2013/05/23 JVN#00985872:
EC-CUBE vulnerable to session fixation
2013/05/23 JVN#52552792:
EC-CUBE vulnerable to cross-site scripting
2013/05/20 JVN#10461119:
Cross-site scripting vulnerability in the web2py social bookmarking widget
2013/05/15 JVN#85371480:
Wi-Fi Spot Configuration Software vulnerability in the connection process
2013/05/13 JVN#18501376:
OpenPNE vulnerable to cross-site scripting
2013/05/08 JVN#61972596:
Online Service Gate vulnerable in Office 365 password management
2013/04/26 JVN#55074201:
Yahoo! Browser vulnerable to address bar spoofing
2013/04/26 JVN#01313594:
jigbrowser+ for Android vulnerable to address bar spoofing
2013/04/15 JVN#06251813:
Multiple Cybozu products vulnerable to cross-site request forgery
2013/04/12 JVN#02895867:
Sleipnir Mobile for Android loads arbitrary Extension API
2013/04/11 JVN#65034198:
Sleipnir for Windows vulnerable to address bar spoofing
2013/04/04 JVN#04288738:
Active! mail vulnerable to information disclosure
2013/03/29 JVN#01167429:
OpenWnn for Android vulnerable to information disclosure
2013/03/28 JVN#51305555:
Lotus Domino vulnerable to denial-of-service (DoS)
2013/03/26 JVN#11434157:
OpenWnn/Flick support vulnerable to information disclosure
2013/03/26 JVN#11249169:
COBIME vulnerable to information disclosure
2013/03/26 JVN#80922020:
ArtIME Japanese Input vulnerable to information disclosure
2013/03/26 JVN#77360971:
Simeji vulnerable to information disclosure
2013/03/19 JVN#59503133:
Multiple NEC mobile routers vulnerable to cross-site request forgery
2013/03/18 JVN#41022517:
VxWorks Web Server vulnerable to denial-of-service (DoS)
2013/03/18 JVN#65923092:
VxWorks WebCLI vulnerable to denial-of-service (DoS)
2013/03/18 JVN#20671901:
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
2013/03/18 JVN#52492830:
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
2013/03/18 JVN#01611135:
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
2013/03/18 JVN#45545972:
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
2013/03/07 JVN#05132866:
Multiple Cisco products vulnerable to denial-of-service (DoS)
2013/03/01 JVN#55924624:
Kingsoft Writer vulnerable to buffer overflow
2013/02/28 JVN#36339873:
dopvSTAR* vulnerable to cross-site scripting
2013/02/28 JVN#64756004:
dopvCOMET* vulnerable to cross-site scripting
2013/02/26 JVN#16817324:
Multiple JustSystems products vulnerable to arbitrary code execution
2013/02/21 JVN#75585394:
NEC Universal RAID Utility fails to restrict access permissions
2013/02/15 JVN#02596643:
3DM (3ware Disk Manager) vulnerable to directory traversal
2013/02/14 JVN#78601526:
GREE for Android vulnerable to directory traversal
2013/02/14 JVN#09223079:
imgboard vulnerable to cross-site scripting
2013/02/08 JVN#95863326:
Cybozu Garoon vulnerable to cross-site scripting
2013/02/08 JVN#07629635:
Cybozu Garoon vulnerable to SQL injection
2013/02/07 JVN#91387819:
mora Downloader may insecurely load executable files
2013/01/31 JVN#86040029:
Weathernews Touch for Android stores location information in the system log file
2013/01/25 JVN#24343509:
WebSphere Application Server (WAS) vulnerable to cross-site scripting
2013/01/22 JVN#99681273:
myu-s / PHP WeblogSystem by netmania vulnerable to cross-site scripting
2013/01/18 JVN#52197991:
Documents Pro (formerly Files HD) vulnerable to directory traversal
2013/01/18 JVN#91881278:
Documents Pro (formerly Files HD) vulnerable to cross-site scripting

2012

2012/12/21 JVN#33159152:
Loctouch for Android information management vulnerability
2012/12/21 JVN#42625179:
Loctouch for Android vulnerable in handling of implicit intents
2012/12/21 JVN#65458431:
concrete5 vulnerable to cross-site scripting
2012/12/20 JVN#27691264:
Opera Mini / Opera Mobile for Android vulnerable in the WebView class
2012/12/20 JVN#69589791:
Boat Browser / Boat Browser Mini vulnerable in the WebView class
2012/12/17 JVN#66596216:
WikkaWiki vulnerable to cross-site scripting
2012/12/14 JVN#53269985:
Welcart vulnerable to cross-site request forgery
2012/12/14 JVN#18731696:
Welcart vulnerable to cross-site scripting
2012/12/06 JVN#23563149:
KENT-WEB ACCESS REPORT vulnerable to cross-site scripting
2012/12/06 JVN#68830017:
KENT-WEB ACCESS REPORT vulnerable to cross-site scripting
2012/11/30 JVN#83907168:
Multiple KYOCERA mobile devices may reboot during email reception
2012/11/21 JVN#60931933:
BIGACE vulnerable to session fixation
2012/11/16 JVN#56923652:
Monaca Debugger for Android information management vulnerability
2012/11/14 JVN#74829345:
Multiple Android devices vulnerable to denial-of-service (DoS)
2012/11/07 JVN#18223913:
BeZIP vulnerable to directory traversal
2012/11/02 JVN#55398821:
Pebble vulnerable to open redirect
2012/11/02 JVN#39563771:
Pebble vulnerable to HTTP header injection
2012/11/02 JVN#75492883:
Pebble vulnerability where entries may become unviewable
2012/11/02 JVN#52264310:
MosP kintai kanri vulnerable to authentication bypass
2012/11/02 JVN#23465354:
MosP kintai kanri fails to restrict access permissions
2012/10/31 JVN#75345069:
Mac OS X OpenSSH vulnerable to denial-of-service (DoS)
2012/10/26 JVN#00322303:
Tokyo BBS vulnerable to cross-site scripting
2012/10/23 JVN#42676559:
Safari vulnerable to local file content disclosure
2012/10/10 JVN#63650108:
Smarty vulnerable to cross-site scripting
2012/10/05 JVN#58160713:
MyWebSearch vulnerable to cross-site scripting
2012/09/28 JVN#86318665:
jigbrowser+ for Android vulnerable in the WebView class
2012/09/27 JVN#42014489:
Trend Micro Control Manager vulnerable to SQL injection
2012/09/25 JVN#93344001:
ATOK for Android issue in the access permissions for the learning information file
2012/09/20 JVN#56373673:
myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution
2012/09/20 JVN#50701493:
Email Anti-virus (formerly WebShield SMTP) vulnerable to denial-of-service
2012/09/13 JVN#03015214:
KUNAI Browser for Remote Service beta vulnerable in the WebView class
2012/09/07 JVN#59652356:
Cybozu KUNAI for Android vulnerable in the WebView class
2012/09/07 JVN#23568423:
Cybozu KUNAI for Android vulnerable to arbitrary Java method execution
2012/08/31 JVN#77393797:
Cybozu Live for Android vulnerable in the WebView class
2012/08/31 JVN#23009798:
Cybozu Live for Android vulnerable to arbitrary Java method execution
2012/08/30 JVN#69880570:
Opera address bar spoofing vulnerability
2012/08/30 JVN#51615542:
Adobe Reader fails to properly handle signatures
2012/08/17 JVN#92038939:
mixi for Android information management vulnerability
2012/08/16 JVN#99192898:
Multiple GREE Android applications vulnerable in the WebView class
2012/08/08 JVN#39519659:
Sleipnir Mobile for Android vulnerable to arbitrary script execution
2012/08/08 JVN#99730704:
Sleipnir Mobile for Android vulnerable to arbitrary Java method execution
2012/08/07 JVN#67435981:
LINE for Android vulnerable in handling of implicit intents
2012/08/02 JVN#01598734:
GoodReader vulnerable to cross-site scripting
2012/07/30 JVN#51769987:
Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration
2012/07/30 JVN#90389651:
Multiple web browsers vulnerable in processing Tranfer-Encoding header
2012/07/24 JVN#88643450:
Sleipnir Mobile for Android vulnerable in the WebView class
2012/07/13 JVN#46088915:
Yahoo! Browser vulnerable in the WebView class
2012/07/06 JVN#79111101:
Movable Type plugin MT4i vulnerable to cross-site scripting
2012/07/06 JVN#03582364:
YY-BOARD vulnerable to cross-site scripting
2012/07/06 JVN#80835745:
Movable Type plugin MT4i vulnerable to cross-site scripting
2012/07/06 JVN#90615481:
Ruby hash table implementation vulnerable to denial-of-service
2012/07/03 JVN#59842447:
Zenphoto vulnerable to cross-site scripting
2012/07/03 JVN#05102851:
Yome Collection for Android issue in management of IMEI
2012/06/19 JVN#36993373:
SmallPICT vulnerable to cross-site scripting
2012/06/19 JVN#51176027:
Python SimpleHTTPServer vulnerable to cross-site scripting
2012/06/19 JVN#58102473:
WEB PATIO vulnerable to cross-site scripting
2012/06/19 JVN#33171616:
WEB PATIO vulnerable to cross-site scripting
2012/06/14 JVN#90751882:
Dolphin Browser vulnerable in the WebView class
2012/06/11 JVN#38163638:
Flash Player issue in implementations of the Same Origin Policy
2012/06/07 JVN#18397171:
FeedDemon vulnerable to arbitrary script execution
2012/06/06 JVN#24646833:
SEIL series fail to restrict access permissions
2012/06/06 JVN#15646988:
WordPress plugin WassUp vulnerable to cross-site scripting
2012/06/05 JVN#78305073:
@WEB ShoppingCart vulnerable to cross-site scripting
2012/06/01 JVN#23328321:
Puella Magi Madoka Magica iP for Android vulnerable to information disclosure
2012/06/01 JVN#97995841:
Segue vulnerable to SQL injection
2012/06/01 JVN#29083866:
Segue vulnerable to cross-site scripting
2012/05/25 JVN#85934986:
Logitec LAN-W300N/R series fails to restrict access permissions
2012/05/25 JVN#21422837:
Roundcube Webmail vulnerable to cross-site scripting
2012/05/25 JVN#39707339:
Opera fails to verify SSL server certificates
2012/05/25 JVN#47662377:
Sybase EAServer vulnerable to cross-site scripting
2012/05/25 JVN#77947437:
RSSOwl vulnerable to arbitrary script execution
2012/05/21 JVN#86044443:
iLunascape for Android vulnerable in the WebView class
2012/05/17 JVN#45898075:
Drupal Form API fails to validate the redirect URL
2012/05/15 JVN#53465692:
baserCMS vulnerable to session management
2012/05/15 JVN#63941302:
WEB MART from KENT-WEB vulnerable to cross-site scripting
2012/05/15 JVN#47536971:
WEB MART from KENT-WEB vulnerable to cross-site scripting
2012/04/26 JVN#15503729:
OSQA vulnerable to cross-site scripting
2012/04/26 JVN#82029095:
sp mode mail issue in the verification of SSL certificates
2012/04/24 JVN#09619876:
Multiple JustSystems products vulnerable to buffer overflow
2012/04/24 JVN#95378720:
Multiple JustSystems products may insecurely load dynamic libraries
2012/04/20 JVN#00000601:
TwitRocker2 (Android version) vulnerable in the WebView class
2012/04/13 JVN#90055996:
Dokodemo Rikunabi 2013 vulnerable to cross-site scripting
2012/04/13 JVN#33283707:
ActiveScriptRuby vulnerable to arbitrary Ruby script execution
2012/04/05 JVN#97200417:
SENCHA SNS vulnerable to session fixation
2012/04/05 JVN#44913777:
SENCHA SNS vulnerable to cross-site request forgery
2012/04/05 JVN#92830293:
TOSHIBA TEC e-Studio series vulnerable to authentication bypass
2012/03/19 JVN#83459967:
Janetter vulnerable to cross-site request forgery
2012/03/19 JVN#10745573:
Janetter vulnerable to information disclosure
2012/03/13 JVN#93406632:
Redmine vulnerable to cross-site scripting
2012/03/13 JVN#31860555:
twicca fails to restrict access permissions
2012/03/09 JVN#79950061:
Jenkins vulnerable to cross-site scripting
2012/03/09 JVN#14791558:
Jenkins vulnerable to cross-site scripting
2012/03/09 JVN#56653852:
SquirrelMail plugin Autocomplete vulnerable to cross-site scripting
2012/03/05 JVN#08871006:
ES File Explorer fails to restrict access permissions
2012/03/01 JVN#31517714:
Kingsoft Internet Security 2011 vulnerable to denial-of-service
2012/02/23 JVN#20083397:
Movable Type vulnerable to session hijacking
2012/02/23 JVN#92683325:
Movable Type vulnerable to OS command injection
2012/02/23 JVN#49836527:
Movable Type vulnerable to cross-site scripting
2012/02/23 JVN#70683217:
Movable Type vulnerable to cross-site request forgery
2012/02/22 JVN#25731073:
Multiple COOKPAD applications for Android vulnerable in WebView class
2012/02/15 JVN#35256978:
cforms II vulnerable to cross-site scripting
2012/02/13 JVN#85695061:
ALFTP may insecurely load executable files
2012/02/10 JVN#79099262:
Apache Struts 2 vulnerable to an arbitrary Java method execution
2012/02/01 JVN#33021167:
Pocket WiFi (GP02) vulnerable to cross-site request forgery
2012/01/23 JVN#65869891:
glucose 2 vulnerable to arbitrary script execution
2012/01/20 JVN#38216398:
osCommerce vulnerable to directory traversal
2012/01/20 JVN#64386898:
osCommerce vulnerable to cross-site scripting
2012/01/20 JVN#36559450:
osCommerce Japanese version vulnerable to cross-site scripting
2012/01/20 JVN#54779201:
Oracle WebLogic Server vulnerable to cross-site scripting
2012/01/11 JVN#78901873:
Wibu-Systems CodeMeter Runtime vulnerable to denial-of-service
2012/01/11 JVN#63249231:
Cogent DataHub vulnerable to HTTP header injection
2012/01/11 JVN#12983784:
Cogent DataHub vulnerable to cross-site scripting

2011

2011/12/26 JVN#44439553:
WordPress Japanese vulnerable to cross-site scripting
2011/12/26 JVN#40498018:
WordPress vulnerable to arbitrary PHP code execution
2011/12/26 JVN#60887968:
Movable Type Plugin MailForm vulnerable to cross-site scripting
2011/12/22 JVN#76515037:
PukiWiki Plus! vulnerable to cross-site scripting
2011/12/22 JVN#25435092:
Apache Struts vulnerable to cross-site scripting
2011/12/15 JVN#15549168:
Safari for iOS vulnerable to denial-of-service
2011/12/15 JVN#05255562:
Multiple vulnerabilities in products that use the Preboot Execution Environment (PXE) SDK
2011/12/09 JVN#94002296:
FFFTP may insecurely load executable files
2011/12/08 JVN#70502960:
phpWebSite vulnerable to cross-site scripting
2011/12/06 JVN#04329324:
Etomite vulnerable to cross-site scripting
2011/12/02 JVN#61695284:
PowerChute Business Edition vulnerable to cross-site scripting
2011/11/21 JVN#48839888:
Nikki vulnerable to OS command injection
2011/11/21 JVN#80081509:
Nikki vulnerable to directory traversal
2011/11/08 JVN#16901583:
ChaSen vulnerable to buffer overflow
2011/11/08 JVN#33861625:
Iwate Portal Bar vulnerable to arbitrary script execution
2011/11/04 JVN#37223351:
WebObjects vulnerable to cross-site scripting
2011/11/04 JVN#71349007:
Opengear console servers vulnerable to authentication bypass
2011/11/01 JVN#98649286:
CSWorks LiveData Service vulnerable to denial-of-service (DoS)
2011/10/31 JVN#56667137:
Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery
2011/10/31 JVN#41032068:
Multiple SKYARC System Co., Ltd. products fail to restrict access permissions
2011/10/28 JVN#50227837:
Touhou Hisouten vulnerable to denial-of-service
2011/10/28 JVN#72640744:
Multiple D-Link products vulnerable to buffer overflow
2011/10/28 JVN#62336482:
FFFTP may insecurely load executable files
2011/10/17 JVN#41657660:
Safari for iOS vulnerable to cross-site scripting
2011/10/14 JVN#44496332:
EC-CUBE vulnerable to SQL injection
2011/10/14 JVN#51216285:
DBD::mysqlPP vulnerable to SQL injection
2011/10/13 JVN#07414354:
DAEMON Tools vulnerable to denial-of-service
2011/10/13 JVN#04013920:
Pligg vulnerable to cross-site scripting
2011/10/13 JVN#08307791:
Plume vulnerable to cross-site scripting
2011/10/11 JVN#80971236:
WEB FORUM vulnerable to cross-site scripting
2011/10/11 JVN#89764731:
WEB FORUM vulnerable to cross-site scripting
2011/10/11 JVN#36684331:
WEB FORUM vulnerable to cross-site scripting
2011/10/07 JVN#84838479:
Cybozu Office vulnerable in restricting access
2011/10/07 JVN#34980730:
A-Form vulnerable in restricting access
2011/10/07 JVN#03869266:
Enkai-kun vulnerable to cross-site scripting
2011/09/30 JVN#16617002:
BaserCMS vulnerable to access restriction
2011/09/30 JVN#09789751:
BaserCMS vulnerable to cross-site scripting
2011/09/16 JVN#28973089:
SemanticScuttle vulnerable to cross-site scripting
2011/09/09 JVN#45458289:
Megalith vulnerable to authentication bypass
2011/09/02 JVN#58019849:
GTK+ may insecurely load dynamic libraries
2011/09/02 JVN#44642341:
Juniper Networks IDP ACM vulnerable to cross-site scripting
2011/09/02 JVN#99203127:
Sage vulnerable to arbitrary script execution
2011/09/02 JVN#30221194:
Sage vulnerable to arbitrary script execution
2011/09/02 JVN#71435255:
Multiple vulnerabilities in Phorum
2011/08/26 JVN#29529126:
Samba Web Administration Tool vulnerable to cross-site request forgery
2011/08/26 JVN#63041502:
Samba Web Administration Tool vulnerable to cross-site scripting
2011/08/26 JVN#02134508:
WebsiteBaker vulnerable to cross-site scripting
2011/08/19 JVN#06924191:
Microsoft Windows XP vulnerable to denial-of-service (DoS)
2011/08/16 JVN#31506102:
Aipo vulnerable to SQL injection
2011/08/16 JVN#72854072:
Aipo vulnerable to cross-site request forgery
2011/08/12 JVN#96E584EB:
Internet Explorer window display vulnerability
2011/08/10 JVN#80404511:
Windows URL Protocol Handler may insecurely load executable files
2011/07/29 JVN#43105011:
Android vulnerability where an incorrect SSL certificate is displayed
2011/07/28 JVN#74649877:
Mozilla Firefox vulnerable to cross-site scripting
2011/07/28 JVN#96950482:
Mozilla Firefox vulnerable to cross-site scripting
2011/07/28 JVN#70984231:
Mozilla Firefox vulnerable to denial-of-service (DoS)
2011/07/28 JVN#36721438:
Mozilla Firefox vulnerability in processing content-length header
2011/07/27 JVN#41222793:
Plone vulnerable to cross-site scripting
2011/07/25 JVN#47124169:
Oracle iPlanet Web Server information disclosure vulnerability
2011/07/15 JVN#87908726:
ASP.NET vulnerable to cross-site scripting
2011/07/15 JVN#86220950:
Google Search Appliance vulnerable to cross-site scripting
2011/07/08 JVN#51325625:
Internet Explorer vulnerable to cross-site scripting
2011/07/05 JVN#17844633:
XnView may insecurely load executable files
2011/07/05 JVN#47757122:
Opera vulnerable to denial-of-service (DoS)
2011/06/29 JVN#01547302:
ALZip vulnerable to buffer overflow
2011/06/24 JVN#55508059:
Cybozu Office vulnerable to cross-site scripting
2011/06/24 JVN#54074460:
Multiple Cybozu products vulnerable to cross-site scripting
2011/06/24 JVN#80877328:
Multiple Cybozu products vulnerable to cross-site scripting
2011/06/24 JVN#59779256:
Cybozu Garoon vulnerable to cross-site scripting
2011/06/20 JVN#43386477:
WeblyGo vulnerable to cross-site scripting
2011/06/16 JVN#87239473:
Ichitaro series vulnerable to arbitrary code execution
2011/06/15 JVN#40382909:
Microsoft Outlook read receipt function vulnerability
2011/06/15 JVN#72586781:
ASP.NET vulnerable to cross-site scripting
2011/06/15 JVN#26408023:
Internet Explorer vulnerable to cross-site scripting
2011/06/15 JVN#73643130:
Microsoft MSXML vulnerability in HTTP request processing
2011/06/15 JVN#63451350:
Clipboard contents alteration vulnerability in Internet Explorer
2011/06/15 JVN#5D1D3E36:
Microsoft Windows VBScript implementation file name disclosure vulnerability
2011/06/10 JVN#18680611:
Java Web Start may insecurely load dynamic libraries
2011/06/10 JVN#09206238:
Java Web Start may insecurely load settings files
2011/06/10 JVN#29212182:
Java Web Start may insecurely load policy files
2011/05/26 JVN#46984044:
WalRack upload file handilng vulnerability
2011/05/25 JVN#45658190:
Movable Type vulnerable to cross-site scripting
2011/05/19 JVN#77697803:
iVIEW Suite vulnerable to SQL injection
2011/05/17 JVN#99175647:
Virus Buster 2009 key input encryption function vulnerability
2011/05/11 JVN#96839637:
La Fonera+ vulnerable to denial-of-service (DoS)
2011/05/11 JVN#63898867:
Applications that use the Windows Help function may be vulnerable to privilege escalation
2011/05/10 JVN#37878530:
EC-CUBE vulnerable to cross-site request forgery
2011/04/19 JVN#50505257:
Multiple Buffalo routers vulnerable to cross-site request forgery
2011/04/11 JVN#55714408:
Multiple Yamaha routers vulnerable to denial-of-service (DoS)
2011/04/08 JVN#11424086:
Password Vault Web Access vulnerable to cross-site scripting
2011/03/25 JVN#99977321:
Picasa may insecurely load executable files
2011/03/14 JVN#01635457:
e107 vulnerable to cross-site scripting
2011/03/10 JVN#81294135:
IBM Tivoli vulnerable to denial-of-service (DoS)
2011/03/07 JVN#73162541:
OTRS vulnerable to OS command injection
2011/03/04 JVN#97334690:
IBM Lotus vulnerable to denial-of-service (DoS)
2011/03/04 JVN#26301278:
IBM WebSphere Application Server vulnerable to denial-of-service (DoS)
2011/03/04 JVN#16308183:
IBM DB2 vulnerable to denial-of-service (DoS)
2011/03/02 JVN#20982938:
Multiple Things CGI products vulnerable to cross-site scripting
2011/02/28 JVN#88991166:
SEIL Series routers vulnerable to buffer overflow
2011/02/23 JVN#38362957:
Lunascape may insecurely load executable files
2011/02/16 JVN#71542734:
F-Secure Internet Gatekeeper for Linux authentication issue
2011/02/02 JVN#33880169:
Opera may insecurely load executable files
2011/02/02 JVN#84393059:
EC-CUBE vulnerable to cross-site scripting
2011/01/26 JVN#95385972:
MODx Evolution vulnerable to directory traversal
2011/01/26 JVN#54092716:
MODx Evolution vulnerable to SQL injection
2011/01/21 JVN#94695018:
Lunascape may insecurely load dynamic libraries
2011/01/21 JVN#26605630:
Cisco Linksys WRT54GC vulnerable to buffer overflow
2011/01/18 JVN#09115481:
Cross-site scripting vulnerability in multiple Rocomotion products
2011/01/18 JVN#30414126:
Ruby Version Manager escape sequence injection vulnerability
2011/01/11 JVN#86347943:
SGX-SP Final and SGX-SP Final NE vulnerable to cross-site scripting
2011/01/11 JVN#53293565:
Contents-Mall vulnerability in password handling
2011/01/11 JVN#50704770:
Aipo vulnerable to SQL injection
2011/01/07 JVN#30881447:
SquirrelMail vulnerable to cross-site request forgery
2011/01/07 JVN#09157962:
SquirrelMail vulnerable to cross-site scripting

2010

2010/12/17 JVN#02175694:
AttacheCase may insecurely load executable files
2010/12/15 JVN#33301529:
Internet Explorer vulnerable to cross-site scripting
2010/12/15 JVN#21120853:
Internet Explorer vulnerable to cross-site scripting
2010/12/15 JVN#30273074:
Internet Explorer vulnerable to cross-site scripting
2010/12/15 JVN#62275332:
Internet Explorer vulnerable to cross-site scripting
2010/12/08 JVN#78536512:[Critical]
Movable Type vulnerable to SQL injection
2010/12/08 JVN#36673836:
Movable Type vulnerable to cross-site scripting
2010/12/08 JVN#62736872:
Vulnerability in Epson printer driver installer where access permissions are changed
2010/12/01 JVN#76662040:
Clipboard contents alteration vulnerability in Grani
2010/12/01 JVN#64764004:
Clipboard contents alteration vulnerability in Sleipnir
2010/11/26 JVN#36765384:
Google Chrome information disclosure vulnerability
2010/11/26 JVN#46026251:
Safari address bar spoofing vulnerability
2010/11/09 JVN#48425028:
Flash Player access restriction bypass vulnerability
2010/11/04 JVN#01948274:
Ichitaro series vulnerable to arbitrary code execution
2010/11/04 JVN#19173793:
Ichitaro series vulnerable to arbitrary code execution
2010/11/01 JVN#27868039:
GVim may insecurely load dynamic libraries
2010/10/29 JVN#72541530:
Active! mail 6 vulnerable to HTTP header injection
2010/10/22 JVN#07497935:
Multiple Yokka provided products may insecurely load executable files
2010/10/22 JVN#89272705:
Sleipnir and Grani may insecurely load executable files
2010/10/22 JVN#50610528:
Sleipnir and Grani may insecurely load dynamic libraries
2010/10/21 JVN#71138390:
Apsaly may insecurely load executable files
2010/10/21 JVN#48097065:
TeraPad may insecurely load dynamic libraries
2010/10/20 JVN#68536660:
Archive Decoder may insecurely load executable files
2010/10/20 JVN#85599999:
Explzh may insecurely load executable files
2010/10/18 JVN#50133036:
Cross-site Request Forgery Vulnerability in Oracle iPlanet Web Server
2010/10/15 JVN#36921800:
K2Editor may insecurely load executable files
2010/10/15 JVN#04665167:
XacRett may insecurely load executable files
2010/10/15 JVN#18774708:
Lhaplus may insecurely load executable files
2010/10/12 JVN#88850043:
Lhasa may insecurely load executable files
2010/10/12 JVN#82752978:
Lhaplus may insecurely load dynamic libraries
2010/10/05 JVN#69191943:
AD-EDIT2 vulnerable to cross-site scripting
2010/09/10 JVN#35605523:
Cross-site scripting vulnerability in Access Analyzer CGI by futomi's CGI Cafe
2010/08/31 JVN#75101998:
moobbs2 vulnerable to cross-site scripting
2010/08/31 JVN#24423311:
moobbs vulnerable to cross-site scripting
2010/08/25 JVN#12683004:
SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability
2010/08/20 JVN#91740962:[Critical]
Winny vulnerable to buffer overflow
2010/08/20 JVN#21471805:[Critical]
Winny vulnerable to buffer overflow
2010/08/20 JVN#25393522:[Critical]
Winny node information processing vulnerability
2010/08/20 JVN#54336184:[Critical]
Winny BBS information processing vulnerability
2010/08/13 JVN#86832361:
Microsoft Windows denial of service (DoS) vulnerability
2010/06/22 JVN#34729123:
Explzh buffer overflow vulnerability
2010/06/14 JVN#67120749:
Multiple vulnerabilities in ActiveGeckoBrowser
2010/06/02 JVN#36925871:
e-Pares vulnerable to session fixation
2010/06/02 JVN#82465391:
e-Pares vulnerable to cross-site request forgery
2010/06/02 JVN#58439007:
e-Pares vulnerable to cross-site scripting
2010/06/01 JVN#17293765:
Ichitaro series vulnerable to arbitrary code execution
2010/05/17 JVN#82749282:
CapsSuite Small Edition PatchMeister vulnerable to denial of service
2010/05/17 JVN#90872372:
WebSAM DeploymentManager vulnerable to denial of service
2010/05/17 JVN#90248889:
Interstage Application Server vulnerable in request processing
2010/05/12 JVN#92854093:
Movable Type vulnerable to cross-site scripting
2010/04/19 JVN#87730223:
Multiple Cybozu products vulnerable to authentication bypass
2010/04/12 JVN#98467259:
Ichitaro series vulnerable to arbitrary code execution
2010/04/08 JVN#14313132:
Cisco Router and Security Device Manager vulnerable to cross-site scripting
2010/04/08 JVN#46669729:
MODx vulnerable to cross-site scripting
2010/04/08 JVN#19774883:
MODx vulnerable to SQL injection
2010/04/07 JVN#49467403:
Internet Explorer information disclosure vulnerability
2010/04/02 JVN#60969543:
HL-SiteManager vulnerable to SQL injection
2010/04/01 JVN#38687002:
Compiere vulnerable to cross-site scripting
2010/04/01 JVN#57963254:
Compiere vulnerable to cross-site scripting
2010/04/01 JVN#41842181:
PrettyFormMail vulnerable to cross-site scripting
2010/03/05 JVN#06874657:
OpenPNE authentication bypass vulnerability
2010/02/25 JVN#73331060:
tDiary plugin tb-send.rb vulnerable to cross-site scripting
2010/01/14 JVN#50837839:
Oracle Application Server vulnerable to cross-site scripting
2010/01/12 JVN#22247093:
WebCalenderC3 vulnerable to directory traversal
2010/01/12 JVN#33977065:
WebCalenderC3 cross-site scripting vulnerability
2010/01/06 JVN#09872874:
Movable Type access restriction bypass vulnerability

2009

2009/12/15 JVN#00152874:
P forum vulnerable to directory traversal
2009/12/09 JVN#49602378:
SEIL/B1 authentication issue
2009/12/08 JVN#36207497:
Active! mail 2003 cookie disclosure vulnerability
2009/12/08 JVN#85821104:
Active! mail 2003 session ID disclosure vulnerability
2009/12/08 JVN#49083120:
Active! mail 2003 cross-site scripting vulnerability
2009/12/07 JVN#79762947:[Critical]
EC-CUBE information disclosure vulnerability
2009/11/19 JVN#87341298:
Redmine vulnerable to cross-site request forgery
2009/11/19 JVN#01245481:
Redmine vulnerable to cross-site scripting
2009/11/04 JVN#75694913:
Roundcube Webmail vulnerable to cross-site request forgery
2009/11/04 JVN#72974205:
Roundcube Webmail vulnerable to cross-site request forgery
2009/10/28 JVN#13011682:
SEIL/X Series and SEIL/B1 denial of service vulnerability
2009/10/28 JVN#06362164:
SEIL/X Series and SEIL/B1 buffer overflow vulnerability
2009/10/26 JVN#75368899:
Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks
2009/10/20 JVN#33822756:
Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting
2009/10/15 JVN#23108985:
Multiple Cybozu products vulnerable to cross-site scripting
2009/10/02 JVN#84396512:
SugarCRM vulnerable to cross-site scripting
2009/09/18 JVN#65914253:
Directory traversal vulnerability in multiple phpspot products
2009/09/18 JVN#53591199:
Cross-site scripting vulnerability in multiple phpspot products
2009/09/17 JVN#00425482:
XF-Section vulnerable to cross-site scripting
2009/09/17 JVN#39157969:
Third-party cookie issue in Opera
2009/09/11 JVN#05857667:[Critical]
Webservice-DIC yoyaku_v41 vulnerable to command injection
2009/09/09 JVN#62211338:[Critical]
Buffer overflow vulnerability in Microsoft Windows
2009/09/02 JVN#57040664:
ATOK screen lock bypass vulnerability
2009/08/27 JVN#68640473:
bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery
2009/08/24 JVN#31035930:
SugarCRM vulnerable to SQL injection
2009/08/21 JVN#20478978:
Site Calendar 'mycaljp' vulnerable to cross-site scripting
2009/08/19 JVN#21388501:
ColdFusion vulnerable to cross-site scripting
2009/08/05 JVN#15267895:
Cross-site request forgery vulnerability in FreeNAS
2009/08/05 JVN#89791790:
Cross-site scripting vulnerability in FreeNAS
2009/07/31 JVN#80436657:[Critical]
Webservice-DIC yoyaku_v41 vulnerable to command injection
2009/07/29 JVN#59748723:
MySQL Connector/J vulnerable to SQL injection
2009/07/24 JVN#29852698:
Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter)
2009/07/14 JVN#31110006:
shiromuku(fs6)DIARY cross-site scripting vulnerability
2009/06/25 JVN#32788272:
PHP-I-BOARD from Let's PHP! vulnerable to directory traversal
2009/06/25 JVN#20219071:
PHP-I-BOARD from Let's PHP! vulnerable to cross-site scripting
2009/06/25 JVN#93827000:
Tree BBS from Let's PHP! vulnerable to cross-site scripting
2009/06/24 JVN#08369659:
Movable Type access restriction bypass vulnerability
2009/06/24 JVN#86472161:
Movable Type cross-site scripting vulnerability
2009/06/19 JVN#12244807:
Cross-site scripting vulnerability in PukiWikiMod from XOOPS Maniac
2009/06/18 JVN#87239696:
iPhone OS denial of service (DoS) vulnerability
2009/06/11 JVN#70858401:[Critical]
Buffer overflow vulnerability in Microsoft Works converters
2009/06/10 JVN#55752635:
Cross-site scripting vulnerability in activeCollab
2009/06/09 JVN#87272440:
Apache Tomcat denial of service (DoS) vulnerability
2009/06/09 JVN#63832775:
Apache Tomcat information disclosure vulnerability
2009/06/08 JVN#20689557:
Predictable session ID vulnerability in Serene Bach
2009/05/29 JVN#70836284:
IMG-BBS from MT312 vulnerable to cross-site scripting
2009/05/29 JVN#01115659:
REP-BBS from MT312 vulnerable to cross-site scripting
2009/05/29 JVN#62527913:
Directory traversal vulnerability in multiple Cisco Systems products
2009/05/22 JVN#57036470:
Cross-site scripting vulnerability in leger (free edition)
2009/05/21 JVN#42927215:
a-News from Appleple vulnerable to cross-site scripting
2009/05/20 JVN#02331156:
HP System Management Homepage vulnerable to cross-site scripting
2009/05/18 JVN#28521500:
Trees from CGI RESCUE vulnerable to cross-site scripting
2009/05/13 JVN#73653977:
Sun GlassFish Enterprise Server and Sun Java System Application Server vulnerable to cross-site scripting
2009/05/11 JVN#03114223:
SQL injection vulnerability in SKIP from SKIP User Group
2009/05/11 JVN#43233160:
Cross-site scripting vulnerability in SKIP from SKIP User Group
2009/04/27 JVN#28020230:
Web Mailer from CGI RESCUE vulnerable to HTTP header injection
2009/04/27 JVN#76370393:
FORM2MAIL from CGI RESCUE allows unauthorized email transmission
2009/04/27 JVN#11396739:
Cross-site scripting vulnerability in MiniBBS from CGI RESCUE
2009/04/27 JVN#36982346:
MiniBBS22 from CGI RESCUE allows unauthorized email transmission
2009/04/24 JVN#97248625:
Movable Type cross-site scripting vulnerability
2009/04/16 JVN#82744714:
Cross-site scripting vulnerability in apricot.php from LovPop.net
2009/04/07 JVN#33846134:
Ichitaro series buffer overflow vulnerability
2009/04/02 JVN#74747784:
XOOPS Cube Legacy cross-site scripting vulnerability
2009/03/31 JVN#63511247:
Access Analyzer CGI Professional Version vulnerability allows third party to gain administrative privileges
2009/03/16 JVN#23558374:
Cross-site scripting vulnerability in Access Analyzer CGI Standard Version (Ver. 3.x)
2009/03/10 JVN#84899898:
MP Form Mail CGI vulnerability allows third party to gain administrative privileges
2009/02/26 JVN#66905322:
Apache Tomcat information disclosure vulnerability
2009/02/25 JVN#91591874:
PEAK XOOPS piCal cross-site scripting vulnerability
2009/02/23 JVN#16767117:
Buffer overflow vulnerability in ActiveX Control for Sony SNC series network cameras
2009/02/12 JVN#29641290:[Critical]
Becky! Internet Mail buffer overflow vulnerability
2009/02/10 JVN#45184501:
FAST ESP cross-site scripting vulnerability
2009/01/23 JVN#80771386:
Fulltext search CGI vulnerability allows third party to gain administrative privileges
2009/01/20 JVN#93431860:
Oracle WebLogic Server vulnerable to cross-site scripting
2009/01/15 JVN#28344798:
Cisco IOS cross-site scripting vulnerability
2009/01/09 JVN#72630020:
MODx vulnerable to SQL injection
2009/01/09 JVN#66828183:
MODx cross-site request forgery vulnerability
2009/01/09 JVN#10170564:
MODx cross-site scripting vulnerability
2009/01/08 JVN#71945722:
Movable Type Enterprise cross-site scripting vulnerability
2009/01/07 JVN#36802959:
MyNETS cross-site scripting vulnerability

2008

2008/12/25 JVN#98063934:
BlackJumboDog authentication bypass vulnerability
2008/12/25 JVN#17298485:
Mayaa cross-site scripting vulnerability
2008/12/19 JVN#50327700:
PHP vulnerable to cross-site scripting
2008/12/12 JVN#07468800:
Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe
2008/12/03 JVN#02216739:
Movable Type Enterprise cross-site scripting vulnerability
2008/11/26 JVN#70599814:
I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability
2008/11/21 JVN#86833991:
CGI RESCUE MiniBBS2000 directory traversal vulnerability
2008/11/17 JVN#47875752:
GungHo LoadPrgAx vulnerable to arbitrary Java program execution
2008/11/06 JVN#19072922:[Critical]
EC-CUBE vulnerable to SQL injection
2008/11/06 JVN#67060882:
sISAPILocation vulnerability bypasses HTTP header rewrite function
2008/10/28 JVN#20502807:[Critical]
Snoopy command injection vulnerability
2008/10/20 JVN#53267766:
MyNETS cross-site scripting vulnerability
2008/10/20 JVN#55410403:
Internet Explorer vulnerable in handling CDO protocol
2008/10/20 JVN#03300113:
Blosxom vulnerable to cross-site scripting
2008/10/17 JVN#81490697:
Movable Type cross-site scripting vulnerability
2008/10/17 JVN#67334580:
hisa_cart information disclosure vulnerability
2008/10/10 JVN#30732239:
Apache Tomcat allows access from a non-permitted IP address
2008/10/06 JVN#92651529:
Nucleus EUC-JP Japanese Edition vulnerable to cross-site scripting
2008/10/01 JVN#81111541:[Critical]
EC-CUBE vulnerable to SQL injection
2008/10/01 JVN#99916563:
EC-CUBE cross-site scripting vulnerability
2008/10/01 JVN#36085487:
EC-CUBE cross-site scripting vulnerability
2008/10/01 JVN#26621646:
EC-CUBE cross-site scripting vulnerability
2008/09/26 JVN#54824688:
phpMyAdmin cross-site scripting vulnerability
2008/09/17 JVN#94163107:
Kantan WEB Server cross-site scripting vulnerability
2008/09/17 JVN#79026329:
Kantan WEB Server directory traversal vulnerability
2008/09/10 JVN#18616622:
Multiple Tor World CGI scripts vulnerable to arbitrary script execution
2008/09/09 JVN#30385652:
Movable Type vulnerable to cross-site scripting
2008/09/09 JVN#55010230:
Sound Master 2nd from High Norm vulnerable to cross-site scripting
2008/09/03 JVN#79914432:
Webservice-DIC shop_v50 and shop_v52 vulnerable to cross-site scripting
2008/08/29 JVN#03859837:
Blogn vulnerable to cross-site scripting
2008/08/29 JVN#84125369:
Blogn vulnerable to cross-site request forgery
2008/08/26 JVN#27417220:
mysql-lists from AquaGardenSoft Co.,Ltd. vulnerable to cross-site scripting
2008/08/21 JVN#53886050:
Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution
2008/08/21 JVN#52557009:
La!cooda WIZ and LacoodaST vulnerable to cross-site scripting
2008/08/21 JVN#31723154:
LacoodaST from SpaceTag, Inc. session fixation vulnerability
2008/08/21 JVN#83428818:
La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery
2008/08/12 JVN#66077895:
Virus Security and Virus Security ZERO denial of service (DoS) vulnerability
2008/07/31 JVN#33706820:
Multiple Panasonic Communications Co., Ltd. network cameras vulnerable to cross-site scripting
2008/07/25 JVN#60419863:
Geeklog Forum Plugin vulnerable to cross-site scripting
2008/07/23 JVN#72065744:
K's CGI Access Log Kaiseki (Jcode.pm) vulnerable to cross-site scripting
2008/07/23 JVN#46869708:
K's CGI Access Log Kaiseki (jcode.pl) vulnerable to cross-site scripting
2008/07/22 JVN#67573833:
Multiple Century Systems routers vulnerable to cross-site request forgery
2008/07/18 JVN#49704543:
WebProxy from LunarNight Laboratory vulnerable to cross-site scripting
2008/07/18 JVN#81667751:
Directory traversal vulnerability in WebLogic Server and WebLogic Express plug-ins
2008/07/14 JVN#88676089:
Safari installed in iPod touch and iPhone vulnerable in handling server certificates
2008/07/07 JVN#00945448:
Redmine vulnerable to cross-site scripting
2008/07/03 JVN#77432756:
FreeStyleWiki cross-site scripting vulnerability
2008/06/27 JVN#52363223:
Cybozu Garoon vulnerable to arbitrary script execution
2008/06/27 JVN#18700809:
Cybozu Garoon session fixation vulnerability
2008/06/27 JVN#18405927:
Multiple Cybozu products vulnerable to cross-site request forgery
2008/06/25 JVN#36635562:
nProtect : Netizen denial of service (DoS) vulnerability
2008/06/19 JVN#45389864:
CGIWrap error page cross-site scripting vulnerability
2008/06/17 JVN#14072646:
BlognPlus SQL injection vulnerability
2008/06/10 JVN#88935101:
X.Org Foundation X server buffer overflow vulnerability
2008/06/04 JVN#25448394:
Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history
2008/05/30 JVN#43906021:
WEB MART from KENT WEB vulnerable to cross-site scripting
2008/04/28 JVN#74468481:[Critical]
Lhaplus buffer overflow vulnerability
2008/04/28 JVN#31351020:
Cross-site scripting vulnerabilities in multiple Bluemoon Inc. XOOPS modules
2008/04/23 JVN#76788395:
Sony mylo COM-2 does not verify server SSL certificate
2008/04/04 JVN#21563357:
Mozilla Firefox cross-site scripting vulnerability
2008/03/27 JVN#76669770:
PerlMailer cross-site scripting vulnerability
2008/03/27 JVN#58803701:
DesignForm cross-site scripting vulnerability
2008/03/21 JVN#00892830:
Namazu cross-site scripting vulnerability
2008/03/18 JVN#13159997:[Critical]
Multiple I-O DATA DEVICE wireless LAN routers default configuration does not set authentication
2008/03/12 JVN#79114735:
Google Desktop cross-site scripting vulnerability
2008/03/11 JVN#04032535:
Sun Java Runtime Environment (JRE) contains a vulnerability in processing XSLT transformations
2008/03/07 JVN#10606373:
BFup ActiveX Control buffer overflow vulnerability
2008/03/07 JVN#21312708:
MTCMS WYSIWYG Editor cross-site scripting vulnerability
2008/03/07 JVN#95014590:
Zimbra Collaboration Suite script execution vulnerability
2008/03/05 JVN#10056705:
FTP bounce vulnerability in multiple Canon digital multifunction copiers and laser beam printers
2008/02/29 JVN#53757727:
Nagios cross-site scripting vulnerability
2008/02/21 JVN#54593414:
Cross-site scripting vulnerability in multiple Tor World CGI scripts
2008/02/21 JVN#42381549:
Internet Scanner reporting engine vulnerable to cross-site scripting
2008/02/12 JVN#09470767:
Apache Tomcat fails to properly handle cookie value
2008/02/07 JVN#38893575:
PC2M cross-site scripting vulnerability
2008/02/05 JVN#91868305:
RaidenHTTPD cross-site scripting vulnerability
2008/01/28 JVN#01162446:
Cross-site scripting vulnerabilities in multiple Hal Networks shopping cart products
2008/01/28 JVN#88575577:
Multiple Yamaha routers vulnerable to cross-site request forgery
2008/01/07 JVN#08237857:
Multiple JustSystems products vulnerable to buffer overflow

2007

2007/12/26 JVN#33044255:
GreaseKit and Creammonkey allows execution of userscript functions
2007/12/25 JVN#44736880:
WinAce buffer overflow vulnerability
2007/12/21 JVN#89292430:
Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server
2007/12/20 JVN#50876069:
Flash Player allows to send arbitrary HTTP headers
2007/12/20 JVN#45675516:
Flash Player vulnerable in handling cross-domain policy files
2007/12/18 JVN#75130343:
Google Web Toolkit vulnerable to cross-site scripting
2007/12/13 JVN#80057925:
Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"
2007/12/13 JVN#52846259:
JP1/Cm2/Network Node Manager vulnerable to cross-site scripting
2007/12/12 JVN#23120863:
Rainboard cross-site scripting vulnerability
2007/12/11 JVN#90712589:
Multiple Cybozu products vulnerable to cross-site scripting
2007/12/11 JVN#77730435:
Multiple Cybozu products vulnerable to HTTP header injection
2007/12/11 JVN#50342989:
Multiple Cybozu products vulnerable to cross-site scripting
2007/12/11 JVN#77414947:
Cybozu Office denial of service (DoS) vulnerability
2007/12/07 JVN#02854109:
HttpLogger vulnerable to cross-site scripting
2007/12/04 JVN#66291445:
SonicStage CP buffer overflow vulnerability
2007/11/22 JVN#82610488:[Critical]
Lhaplus buffer overflow vulnerability
2007/11/21 JVN#55833292:
FileMaker cross-site scripting vulnerability
2007/11/20 JVN#33218020:
Feed2JS cross-site scripting vulnerability
2007/11/19 JVN#33820033:
RoundCube Webmail cross-site request forgery vulnerability
2007/11/13 JVN#65427327:
Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution
2007/11/09 JVN#99453765:
Cross-site scripting vulnerability in updir.php in UPDIR.NET
2007/11/07 JVN#84565055:
Lotus Domino cross-site scripting vulnerability
2007/11/05 JVN#79295963:
NetCommons cross-site scripting vulnerability
2007/10/25 JVN#29211062:
Ichitaro series buffer overflow vulnerability
2007/10/25 JVN#32981509:
Ichitaro series buffer overflow vulnerability
2007/10/25 JVN#50495547:
Ichitaro series buffer overflow vulnerability
2007/10/12 JVN#63304072:
MouseoverDictionary vulnerable to arbitrary script execution
2007/10/12 JVN#71872818:
AirStation series and BroadStation series vulnerable to cross-site request forgery
2007/10/05 JVN#61323184:
PowerArchiver buffer overflow vulnerability
2007/10/03 JVN#61208749:
Webmin OS command injection vulnerability
2007/10/01 JVN#79013771:
Safari allows access from HTTP to HTTPS
2007/09/28 JVN#70075625:
Aipo session fixation vulnerability
2007/09/21 JVN#70734805:
Lhaplus buffer overflow vulnerability
2007/09/07 JVN#35677737:
Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files
2007/09/06 JVN#75899905:
Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code
2007/09/06 JVN#01913089:
Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal
2007/09/05 JVN#62868899:
7-ZIP32.DLL buffer overflow vulnerability
2007/09/03 JVN#43091983:
Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting
2007/08/31 JVN#20452446:
Shopping Basket Pro directory traversal vulnerability
2007/08/27 JVN#38199598:
Mayaa cross-site scripting vulnerability
2007/08/27 JVN#82276964:
Tuigwaa cross-site scripting vulnerability
2007/08/15 JVN#59851336:
Apache Tomcat Host Manager cross-site scripting vulnerability
2007/08/10 JVN#66303599:
WebCart cross-site scripting vulnerability
2007/08/02 JVN#16018033:
Safari URL spoofing vulnerability
2007/07/31 JVN#43615794:
Yayoi Kaikei improper handling of credential information
2007/07/25 JVN#25471539:
Aruba Mobility Controller Series cross-site scripting vulnerability
2007/07/20 JVN#34058672:
Nessus report function vulnerable to arbitrary script execution
2007/07/11 JVN#72595280:
Flash Player allows to send arbitrary Referer headers
2007/07/09 JVN#33593387:
KDDI sample CGI download program directory traversal vulnerability
2007/06/27 JVN#44532794:
rktSNS cross-site scripting vulnerability
2007/06/27 JVN#74063879:
sHTTPd cross-site scripting vulnerability
2007/06/25 JVN#05187780:
Hiki arbitrary file deletion vulnerability
2007/06/21 JVN#90438169:
RaidenHTTPD cross-site scripting vulnerability
2007/06/19 JVN#16535199:
Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability
2007/06/18 JVN#27203006:
Internet Explorer vulnerable in MHTML handling
2007/06/18 JVN#95019167:
Internet Explorer vulnerable in handling MHTML protocol
2007/06/15 JVN#64851600:
Apache Tomcat sample web application cross-site scripting vulnerability
2007/06/15 JVN#07100457:
Apache Tomcat cross-site scripting vulnerability
2007/06/14 JVN#63602912:
dotProject cross-site scripting vulnerability
2007/06/07 JVN#23891849:
ADPLAN cross-site scripting vulnerability
2007/06/04 JVN#89497739:
Meneame cross-site scripting vulnerability
2007/06/01 JVN#38605899:
Mozilla Firefox cross-site scripting vulnerability
2007/06/01 JVN#19240523:
HP System Management Homepage cross-site scripting vulnerability
2007/05/18 JVN#92832583:
Advance-Flow cross-site scripting vulnerability
2007/05/16 JVN#81294906:[Critical]
Homepage Builder sample CGI programs vulnerable to OS command injection
2007/05/09 JVN#36628264:
Lunascape RSS reader arbitrary script execution vulnerability
2007/05/08 JVN#44724673:[Critical]
Java Web Start vulnerable to execution of unauthorized system classes
2007/04/19 JVN#06735665:
Canon Network Camera Server VB100 Series vulnerable to cross-site scripting
2007/04/19 JVN#19445002:
APOP password recovery vulnerability
2007/04/17 JVN#91305178:
InfoBarrier4 self-decrypted file vulnerability
2007/04/16 JVN#62334841:
Shihonkanri Plus Ver2 GOOUT directory traversal vulnerability
2007/04/16 JVN#84646028:
open-gorotto cross-site scripting vulnerability
2007/03/30 JVN#40511721:
MailDwarf cross-site scripting vulnerability
2007/03/30 JVN#08951968:
MailDwarf vulnerability allows unauthorized sending of emails
2007/03/30 JVN#62399483:
Overlay Weaver cross-site scripting vulnerability
2007/03/29 JVN#73258608:
CruiseWorks and Minna De Office vulnerable in access restrictions
2007/03/26 JVN#86092776:
BASP21 vulnerable in handling CRLF sequences
2007/03/22 JVN#64227086:
NewsGlue and Ikinari Jijyoutsuu arbitrary script execution vulnerability
2007/03/19 JVN#83832818:
Interstage Application Server cross-site scripting vulnerability
2007/03/16 JVN#19795972:
FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability
2007/03/13 JVN#91706484:
Trac cross-site scripting vulnerability
2007/03/12 JVN#80126589:
CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables
2007/02/16 JVN#84746611:
Ariel AirOne series cross-site scripting vulnerability
2007/02/14 JVN#48566866:
ColdFusion error page cross-site scripting vulnerability
2007/02/14 JVN#14243645:
Adobe JRun cross-site scripting vulnerability
2007/02/14 JVN#28356427:
ColdFusion cross-site scripting vulnerability
2007/02/10 JVN#77366274:
CCC Cleaner buffer overflow vulnerability
2007/02/09 JVN#84430861:
Sage vulnerable to arbitrary script execution
2007/01/29 JVN#80271113:
MODx cross-site scripting vulnerability
2007/01/26 JVN#93700808:
Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
2007/01/26 JVN#64354801:
b2evolution cross-site scripting vulnerability
2007/01/25 JVN#82258242:[Critical]
Shopping Basket Professional vulnerable to OS command injection
2007/01/25 JVN#24879092:
CGI RESCUE WebFORM missing mail content vulnerability
2007/01/25 JVN#05123538:
CGI RESCUE WebFORM vulnerable to cross-site scripting
2007/01/25 JVN#05088443:
CGI RESCUE WebFORM vulnerable to HTTP header injection
2007/01/23 JVN#32985115:
Movable Type cross-site scripting vulnerability
2007/01/22 JVN#07274813:
phpAdsNew cross-site scripting vulnerability
2007/01/18 JVN#95249468:
Fresh Reader RSS feed cross-site scripting vulnerability
2007/01/17 JVN#13939411:
Drupal cross-site scripting vulnerability
2007/01/05 JVN#65500885:
Serene Bach cross-site scripting vulnerability

2006

2006/12/28 JVN#45006961:
Joomla! cross-site scripting vulnerability
2006/12/28 JVN#31185550:
tDiary arbitrary Ruby script execution vulnerability
2006/12/25 JVN#02729869:
pnamazu cross-site scripting vulnerability
2006/12/22 JVN#78520316:
a-blog cross-site scripting vulnerability
2006/12/21 JVN#74079537:
SugarCRM cross-site scripting vulnerability
2006/12/08 JVN#34830904:
Shobo Shobo Nikki System (sns) cross-site scripting vulnerability
2006/12/05 JVN#47272891:
Hanako buffer overflow vulnerability
2006/12/04 JVN#84798830:
Denial of service vulnerability in Ruby CGI library (cgi.rb)
2006/12/04 JVN#38746816:
TikiWiki cross-site scripting vulnerability
2006/11/30 JVN#08494205:
Chama Cargo cross-site scripting vulnerability
2006/11/29 JVN#21125043:
Blogn cross-site scripting vulnerability
2006/11/27 JVN#47223461:
tDiary cross-site scripting vulnerability
2006/11/24 JVN#57280612:
phpComasy cross-site scripting vulnerability
2006/11/20 JVN#46244305:
eyeOS cross-site scripting vulnerability
2006/11/17 JVN#61543834:
EC-CUBE cross-site scripting vulnerability
2006/11/14 JVN#84656399:
Nucleus cross-site scripting vulnerability
2006/11/10 JVN#34522909:
Kahua vulnerable in allowing to share login sessions
2006/11/06 JVN#30994815:
MyODBC Japanese Conversion Edition denial of service vulnerability
2006/11/06 JVN#88325166:
Hyper NIKKI System cross-site scripting vulnerability
2006/10/24 JVN#07235355:
desknet's buffer overflow vulnerability
2006/10/20 JVN#85996645:
NEC MultiWriter 1700C/7500C FTP server vulnerability
2006/10/20 JVN#63999575:
NEC MultiWriter 1700C web server authentication bypass vulnerability
2006/10/18 JVN#90815371:
Ichitaro buffer overflow vulnerability
2006/10/12 JVN#41241092:
Kmail CGI authentication bypass vulnerability
2006/10/02 JVN#93484133:
TeraStation HD-HTGL series cross-site request forgery vulnerability
2006/09/28 JVN#79484135:
Joomla! cross-site scripting vulnerability
2006/09/28 JVN#82240092:
Drupal cross-site scripting vulnerability
2006/09/26 JVN#68295640:
Movable Type vulnerabile to cross-site scripting
2006/09/26 JVN#30144870:
SugarCRM cross-site scripting vulnerability
2006/09/22 JVN#46630603:
MDPro cross-site scripting vulnerability
2006/09/13 JVN#52201480:
Microsoft Windows Indexing Service cross-site scripting vulnerability
2006/08/31 JVN#99776858:
Multiple vulnerabilities in Webmin and Usermin
2006/08/28 JVN#31125599:
Cybozu Office 6 information disclosure vulnerability
2006/08/28 JVN#90420168:
Cybozu products vulnerable to directory traversal
2006/08/23 JVN#11048526:
mail f/w system vulnerable to allow unauthorized email transmissionk
2006/08/16 JVN#39103264:
Owl SQL injection vulnerability
2006/08/16 JVN#01137722:
Owl cross-site scripting vulnerability
2006/08/14 JVN#02091617:
04WebServer cross-site scripting vulnerability
2006/08/14 JVN#27428836:
04WebServer directory traversal vulnerability
2006/08/14 JVN#51301450:
NetCommons cross-site scripting vulnerability
2006/08/10 JVN#62171179:
Kiri directory traversal vulnerability
2006/07/31 JVN#65677118:
Pixelpost cross-site scripting vulnerability
2006/07/28 JVN#27794427:
Dokeos cross-site scripting vulnerability
2006/07/18 JVN#92975133:
Loudblog cross-site scripting vulnerability
2006/07/18 JVN#62307185:
QwikiWiki cross-site scripting vulnerability
2006/07/18 JVN#81108784:
Geeklog cross-site scripting vulnerability
2006/07/12 JVN#76686161:
ServerView cross-site scripting vulnerability
2006/07/12 JVN#73368472:
ServerView directory traversal vulnerability
2006/07/11 JVN#83768862:
Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox
2006/07/11 JVN#13947696:
Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.
2006/07/06 JVN#44846612:
ATutor cross-site scripting vulnerability
2006/07/06 JVN#73705637:
ACollab SQL injection vulnerability
2006/07/03 JVN#98836916:
Wiki clone products vulnerable to denial of service attacks
2006/06/26 JVN#39188922:
dotProject cross-site scripting vulnerability
2006/06/26 JVN#76207423:
Phorum cross-site scripting vulnerability
2006/06/23 JVN#67974490:
Webmin directory traversal vulnerability
2006/06/14 JVN#74969119:
Microsoft Internet Explorer address bar spoofing vulnerability
2006/06/09 JVN#39570254:
CGI RESCUE WebFORM allows unauthorized email transmission
2006/06/05 JVN#97636431:
dotProject cross-site scripting vulnerability
2006/06/02 JVN#28513736:
Mozilla Firefox HTTP 1.0 response smuggling vulnerability
2006/06/02 JVN#62734622:
Mozilla Firefox vulnerable to HTTP response splitting
2006/05/24 JVN#16558862:
RWiki cross-site scripting vulnerability
2006/05/24 JVN#46691257:
RWiki arbitrary Ruby script execution vulnerability
2006/05/22 JVN#55425662:
MyWeb SQL injection vulnerability
2006/05/17 JVN#03D5EAA8:
Sun Java System Web Server cross-site scripting vulnerability
2006/05/09 JVN#84775942:
Multiple email clients vulnerable to directory traversal due to inappropriate unicode handling
2006/04/27 JVN#7F8621DE:
DonutP and UnDonut confirmation dialog display vulnerability
2006/04/26 JVN#72225922:
Apache Struts Validator allows to bypass input data validation
2006/04/21 JVN#74294680:
Winny buffer overflow vulnerability
2006/04/21 JVN#83263796:
SquirrelMail cross-site scripting vulnerability
2006/04/19 JVN#84091359:
Trac cross-site scripting vulnerability
2006/04/17 JVN#35274905:
FreeStyleWiki cross-site scripting vulnerability
2006/04/13 JVN#68630618:
QUICK CART cross-site scripting vulnerability
2006/04/13 JVN#10222000:
QUICK CART OS command injection vulnerability
2006/04/10 JVN#78363061:
CAFEMILK Shopping Cart CGI cross-site scripting vulnerability
2006/03/01 JVN#27365476:
Minnu's filer2 vulnerable in allowing arbitrary Ruby script execution
2006/02/28 JVN#65542239:
Hyper NIKKI System allows unauthorized email submission
2006/02/03 JVN#41550845:
Nagasaki Electronic Prefectural Office System SQL injection vulnerability
2006/02/01 JVN#77886599:
Hatena Toolbar sends URL information unecnrypted
2006/01/31 JVN#89344424:
Multiple email clients vulnerable in handling an attachement inapropriately
2006/01/17 JVN#73133641:
Eudora Japanese version stops working after the application crashes
2006/01/12 JVN#836B21C0:
Nagasaki Electronic Prefectural Office System vulnerable to bypass authentication
2006/01/12 JVN#6CA72ADB:
Nagasaki Electronic Prefectural Office System authentication information vulnerability

2005

2005/12/27 JVN#93004125:
BBSNote cross-site scripting vulnerability
2005/12/20 JVN#87830692:
WebNote Clip vulnerable to OS command injection
2005/12/15 JVN#06045169:
mod_imap cross-site scripting vulnerability
2005/12/14 JVN#28011334:
Opera bookmark function vulnerability
2005/12/13 JVN#15972537:
Fujitsu Java Runtime Environment reflection API vulnerability
2005/12/09 JVN#15243167:
Problem with referer header handling on mobile phone web browsers
2005/12/05 JVN#76357668:
MitakeSearch cross-site scripting vulnerability
2005/12/05 JVN#67001206:
Multiple vulnerabilities in FreeStyleWiki including cross-site scripting
2005/11/16 JVN#30451602:
HTTPD-User-Manage cross-site scripting vulnerability
2005/11/11 JVN#25106961:
Kent Web PostMail vulnerable to third party mail relay
2005/10/28 JVN#18282718:
Hyper Estraier directory traversal/denial of service vulnerability
2005/10/24 JVN#77105349:
XOOPS cross-site scripting vulnerability
2005/10/21 JVN#59130192:
eBASEweb SQL injection vulnerability
2005/10/11 JVN#23632449:
OpenSSL version rollback vulnerability
2005/09/30 JVN#76659792:
WirelessIP5000 has multiple vulnerabilities
2005/09/30 JVN#79314822:
Tomcat vulnerable in request processing
2005/09/29 JVN#31226748:
Vulnerability in multiple web browsers allowing request spoofing attacks
2005/09/22 JVN#79925E6F:
Cross-site scripting vulnerability in the Unicode version of msearch
2005/09/21 JVN#62914675:
Ruby vulnerability allowing to bypass safe level 4 as a sandbox
2005/09/20 JVN#40940493:
Webmin and Usermin authentication bypass vulnerability
2005/09/01 JVN#97422426:
Hyper NIKKI System cross-site request forgery vulnerability
2005/08/29 JVN#42435855:
FreeStyleWiki command injection vulnerability
2005/08/25 JVN#23727054:
Pochy denial-of-service (DoS) vulnerability
2005/08/24 JVN#8778A308:
Common Management Agent 3.x vulnerable to information leakage
2005/08/04 JVN#38138980:
Hiki cross-site scripting vulnerability
2005/07/28 JVN#29273468:
QRcode Perl CGI & PHP script vulnerable to denial of service attack
2005/07/20 JVN#60776919:
tDiary cross-site request forgery vulnerability
2005/07/13 JVN#93926203:
Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate
2005/07/12 JVN#257C6F28:
Vulnerability involving security zone handling in applications using Internet Explorer components
2005/06/10 JVN#7B700088:
SFS cross-site scripting vulnerability
2005/06/06 JVN#0DC004F6:
desknet's cross-site scripting vulnerability
2005/05/26 JVN#FCAD9BD8:
Inappropriate interpretation of mailto URL scheme by mail client software
2005/05/19 JVN#465742E4:
Wiki clone cross-site scripting vulnerability
2005/05/12 JVN#8EDB8A96:
Virus Security heap overflow vulnerability
2005/05/12 JVN#A45697B1:
Virus Security memory leak vulnerability
2005/05/12 JVN#74012178:
Movable Type session management vulnerability
2005/04/25 JVN#AF02FB4B:
nProtect Netizen has multiple vulnerabilities
2005/04/22 JVN#A7DA6818:
WebUD arbitrary program execution vulnerability
2005/04/19 JVN#97757029:
w3ml cross-site scripting vulnerability
2005/04/15 JVN#55023557:
Buffalo router configuration management interface vulnerable to remote access and password leakage
2005/04/14 JVN#9ADCBB12:
Website connection problem when a mobile phone terminal uses specific QR code
2005/04/11 JVN#55F159B6:
ppBlog cross-site scripting vulnerability
2005/03/29 JVN#C45D8EAD:
Norton AntiVirus causes abnormal OS termination when scanning illegal files
2005/03/29 JVN#23D7E89F:
Norton AntiVirus causes abnormal OS termination when a user edits a shared network file
2005/03/18 JVN#1F649902:
McAfee VirusScan Engine buffer overflow vulnerability
2005/03/14 JVN#DD18AD07:
Apache Tomcat denial of service vulnerability
2005/03/08 JVN#8BAAAB4E:
msearch directory traversal vulnerability
2005/02/07 JVN#8F8B1C85:
Cybozu Office browser script execution vulnerability
2005/01/11 JVN#1BF8D7AA:
LDAP server update function vulnerable to buffer overflow