Vulnerability Reports

past 12 months2013201220112010200920082007200620052004

2014

2014/10/16 JVN#23809730:
GIGAPOD vulnerable to denial-of-service (DoS)
2014/10/16 JVN#66285408:
Aflax vulnerable to cross-site scripting
2014/10/16 JVN#87373393:
BirdBlog vulnerable to cross-site scripting
2014/10/10 JVN#58417930:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/10/10 JVN#63587560:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/09/25 JVN#48270605:
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
2014/09/25 JVN#80531230:
jigbrowser+ for iOS same origin policy bypass
2014/09/25 JVN#16485017:
SLFileManager for Android vulnerable to directory traversal
2014/09/25 JVN#87863382:
N-Media file uploader vulnerability in handling uploaded files
2014/09/25 JVN#45442753:
Safari issue in handling application cache
2014/09/22 JVN#04560253:
Yuko Yuko App for Android fails to verify SSL server certificates
2014/09/19 JVN#61637002:
Dotclear vulnerable to cross-site scripting
2014/09/19 JVN#08994136:
Bump for Android vulnerable in handling of implicit intents
2014/09/17 JVN#36205251:
365 Links series vulnerable to cross-site scripting
2014/09/12 JVN#84376800:
Help Page in multiple Adobe products vulnerable to cross-site scripting
2014/09/09 JVN#73357573:
Movable Type vulnerable to cross-site scripting
2014/09/04 JVN#49672671:
WisePoint vulnerable to session fixation
2014/09/04 JVN#50367052:
EmFTP may insecurely load executable files
2014/08/29 JVN#17637243:
Kindle App for Android fails to verify SSL server certificates
2014/08/26 JVN#94409737:
MailPoet Newsletters vulnerable to cross-site request forgery
2014/08/19 JVN#20812625:
Advance-Flow vulnerable to SQL injection
2014/08/18 JVN#27531188:
Cakifo vulnerable to cross-site scripting
2014/08/15 JVN#04455183:
Shutter vulnerable to cross-site scripting
2014/08/15 JVN#48039501:
Shutter vulnerable to SQL injection
2014/08/14 JVN#27702217:
Ameba for Android contains an issue where it fails to verify SSL server certificates
2014/08/12 JVN#07957080:
Dominion KX2-101 vulnerable to denial-of-service (DoS)
2014/08/08 JVN#87962145:
Piwigo vulnerable to SQL injection
2014/08/08 JVN#09717399:
Piwigo vulnerable to cross-site scripting
2014/08/08 JVN#80310172:
Piwigo vulnerable to cross-site scripting
2014/08/06 JVN#32726697:
GOM Player vulnerable to denial-of-service (DoS)
2014/08/01 JVN#22534185:
ServerView Operations Manager vulnerable to cross-site scripting
2014/07/30 JVN#72950786:
Outlook.com for Android contains an issue where it fails to verify SSL server certificates
2014/07/29 JVN#94592501:
Multiple I-O DATA IP Cameras vulnerable to authentication bypass
2014/07/29 JVN#42511610:
acmailer contains a cross-site request forgery vulnerability
2014/07/29 JVN#85748534:
PerlMailer vulnerable to cross-site scripting
2014/07/25 JVN#30281958:
Arbitrary program execution vulnerability in TrendLink ActiveX control
2014/07/18 JVN#94791545:
FuelPHP vulnerable to remote code execution
2014/07/18 JVN#84335912:
File Explorer vulnerable to directory traversal
2014/07/18 JVN#36028879:
Meridian vulnerable to cross-site scripting
2014/07/16 JVN#41028866:
Multifunctional MailForm Free vulnerable to cross-site scripting
2014/07/15 JVN#19118282:
Seasar S2Struts vulnerable to ClassLoader manipulation
2014/07/15 JVN#94838679:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#75990997:
Cybozu Garoon vulnerable to access restriction bypass
2014/07/15 JVN#80583739:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#97558950:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#31082531:
Cybozu Garoon 3 API access restriction bypass vulnerability
2014/07/15 JVN#42024228:
Cybozu Garoon CGI vulnerable to remote command execution
2014/07/08 JVN#35376006:
Becky! Internet Mail vulnerable to buffer overflow
2014/07/02 JVN#35998716:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/07/02 JVN#85571806:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/06/25 JVN#36259412:
Web Kyukincho vulnerable to cross-site request forgery
2014/06/25 JVN#80006084:
Web Kyukincho vulnerable to cross-site scripting
2014/06/24 JVN#63940326:
Sophos Disk Encryption vulnerable to authentication bypass
2014/06/24 JVN#05329568:
Login rebuilder vulnerable to cross-site request forgery
2014/06/20 JVN#02213197:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#49974594:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#92737498:
Usermin vulnerable to cross-site scripting
2014/06/20 JVN#48805624:
Usermin vulnerable to OS command injection
2014/06/18 JVN#10603428:
JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates
2014/06/17 JVN#30962312:
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
2014/06/17 JVN#07677464:
050 plus for Android information management vulnerability
2014/06/13 JVN#10724763:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/06/13 JVN#49154900:
Spring Framework vulnerable to directory traversal
2014/06/11 JVN#58029817:
C-BOARD Moyuku vulnerable to cross-site scripting
2014/06/11 JVN#50129191:
JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution
2014/06/06 JVN#61247051:
OpenSSL improper handling of Change Cipher Spec message
2014/06/04 JVN#54650130:
SOY CMS vulnerable to cross-site scripting
2014/06/04 JVN#78136804:
CN8000 vulnerable to denial-of-service (DoS)
2014/05/08 JVN#68340046:
intra-mart vulnerable to open redirect
2014/04/30 JVN#31230946:
Cybozu Garoon API access restriction bypass vulnerability
2014/04/30 JVN#90519014:
Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS)
2014/04/25 JVN#19294237:
Apache Struts vulnerable to ClassLoader manipulation
2014/04/18 JVN#13313061:
TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery
2014/04/18 JVN#00058727:
Cybozu Remote Service Manager vulnerable to session fixation
2014/04/18 JVN#10319260:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2014/04/18 JVN#22670349:
AndExplorer vulnerable to directory traversal
2014/04/16 JVN#93004610:
Redmine vulnerable to open redirect
2014/04/14 JVN#55438786:
Content Provider in CamiApp for Android fails to restrict access permissions
2014/04/11 JVN#47386847:
SD Card Manager vulnerable to directory traversal
2014/03/20 JVN#70029459:
ES File Explorer vulnerable to directory traversal
2014/03/20 JVN#14282890:
Silex vulnerable to cross-site scripting
2014/03/18 JVN#89260331:
sp mode mail vulnerability where Java methods may be executed
2014/03/18 JVN#05951929:
sp mode mail issue where emails in the process of creation may be accessed
2014/03/18 JVN#81739241:
sp mode mail issue when accessing attachments in incoming mail
2014/03/17 JVN#16263849:
Demaecan for Android. contains an issue where it fails to verify SSL server certificates
2014/03/17 JVN#38227002:
Unzipper vulnerable to directory traversal
2014/02/26 JVN#71045461:
Cybozu Garoon vulnerable to SQL injection
2014/02/26 JVN#26393529:
Cybozu Garoon vulnerable to directory traversal
2014/02/26 JVN#24035499:
Cybozu Garoon vulnerable to session management
2014/02/26 JVN#48810179:
Denny's App for Android. contains an issue where it fails to verify SSL server certificates
2014/02/26 JVN#02017463:
Norman Security Suite vulnerable to privilege escalation
2014/02/26 JVN#87797318:
XooNIps vulnerable to cross-site scripting
2014/02/21 JVN#24730765:
Blackboard Vista/CE vulnerable to cross-site scripting
2014/02/21 JVN#43254599:
AutoCAD may insecurely load dynamic libraries
2014/02/21 JVN#33382534:
AutoCAD vulnerable to arbitrary VBScript execution
2014/02/10 JVN#14876762:[Critical]
Apache Commons FileUpload vulnerable to denial-of-service (DoS)
2014/02/07 JVN#50943964:
phpMyFAQ vulnerable to cross-site request forgery
2014/02/07 JVN#30050348:
phpMyFAQ vulnerable to cross-site scripting
2014/02/06 JVN#23256725:
Opera browser for Android issue in handling intent scheme URL's
2014/01/31 JVN#30718178:
Joyful Note vulnerable to cross-site scripting
2014/01/28 JVN#28011378:
Sanshiro Series vulnerable to arbitrary code execution
2014/01/28 JVN#91153528:
Multiple SQL injection vulnerabilities in Cybozu Garoon
2014/01/24 JVN#69986880:
OpenPNE vulnerable to PHP Object Injection
2014/01/24 JVN#49384502:
SimZip (Simple Zip Viewer) vulnerable to directory traversal
2014/01/22 JVN#51770585:
EC-CUBE vulnerable to information disclosure
2014/01/22 JVN#17849447:
EC-CUBE vulnerable to information alteration
2014/01/22 JVN#81637882:
Information disclosure vulnerability in Sleipnir Mobile for Android
2014/01/10 JVN#85716574:
NeoFiler vulnerable to directory traversal
2014/01/10 JVN#44392991:
Security File Manager vulnerable to directory traversal
2014/01/10 JVN#51285738:
tetra filer vulnerable to directory traversal
2014/01/10 JVN#88313872:
ZIP with Pass vulnerable to directory traversal

2013

2013/12/26 JVN#69700259:
HP Autonomy Ultraseek vulnerable to cross-site scripting
2013/12/25 JVN#81706478:
Cybozu Garoon Keitai vulnerable to authentication bypass
2013/12/25 JVN#60997973:
Cybozu Garoon vulnerable to SQL injection
2013/12/24 JVN#63194482:
IrfanView vulnerable to buffer overflow
2013/12/24 JVN#13154935:
VMware ESX and ESXi may allow access to arbitrary files
2013/12/17 JVN#53768697:
Android OS vulnerable to arbitrary Java method execution
2013/12/13 JVN#28436508:
Juniper ScreenOS vulnerable to denial-of-service (DoS)
2013/12/10 JVN#21336955:
Cybozu Dezie vulnerable to cross-site scripting
2013/12/03 JVN#87729477:
Cybozu Garoon vulnerable to session fixation
2013/12/03 JVN#84221103:
Cybozu Garoon vulnerable to mail header injection
2013/12/03 JVN#94245330:
Cybozu Garoon vulnerable to denial-of-service (DoS)
2013/12/03 JVN#82375148:
Cybozu Garoon vulnerable to SQL injection
2013/12/03 JVN#23981867:
Multiple cross-site scripting vulnerabilities in Cybozu Garoon
2013/11/29 JVN#41703192:
TOWN (modified version) vulnerable to directory traversal
2013/11/22 JVN#97810280:
KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates
2013/11/22 JVN#28812735:
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
2013/11/22 JVN#65312543:
D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
2013/11/20 JVN#06377589:
EC-CUBE vulnerable to cross-site scripting
2013/11/20 JVN#55630933:
EC-CUBE information disclosure vulnerability
2013/11/20 JVN#06870202:
EC-CUBE information disclosure vulnerability
2013/11/20 JVN#11221613:
EC-CUBE vulnerable to cross-site request forgery
2013/11/20 JVN#38790987:
EC-CUBE vulnerable to cross-site scripting
2013/11/20 JVN#61077110:
EC-CUBE vulnerable to information disclosure
2013/11/15 JVN#71256611:
ASP.NET vulnerable to open redirect
2013/11/12 JVN#44999463:
Ichitaro series vulnerable to arbitrary code execution
2013/11/07 JVN#28467717:
Page Scroller vulnerable to cross-site scripting
2013/11/07 JVN#12513975:
TOWN (modified version) vulnerable to cross-site scripting
2013/11/05 JVN#75720314:
Tiki Wiki CMS Groupware vulnerable to SQL injection
2013/11/05 JVN#81813850:
Tiki Wiki CMS Groupware vulnerable to cross-site scripting
2013/10/30 JVN#85336306:
Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)
2013/10/30 JVN#70739377:
Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)
2013/10/29 JVN#74608669:
RockDisk vulnerable to cross-site scripting
2013/10/18 JVN#52509236:
HDL-A and HDL2-A Series vulnerable in session management