Vulnerability Reports

past 12 months20172016201520142013201220112010200920082007200620052004

2018

2018/02/20 JVN#75453852:
LINE for iOS fails to verify SSL server certificates
2018/02/20 JVN#83834277:
Multiple vulnerabilities in FS010W
2018/02/15 JVN#28865183:
Insecure DLL Loading issue in multiple Trend Micro products
2018/02/13 JVN#87403477:
Application and self-extracting archive containing the application of "FLET'S v4 / v6 address selection tool" may insecurely load Dynamic Link Libraries
2018/02/13 JVN#04564808:
Installer of ”FLET'S Azukeru Backup Tool” may insecurely load Dynamic Link Libraries
2018/02/08 JVN#15462187:
MP Form Mail CGI eCommerce Edition vulnerable to OS command injection
2018/02/06 JVN#70615027:
The installer of Anshin net security for Windows may insecurely load Dynamic Link Libraries
2018/02/06 JVN#36048131:
Multiple I-O DATA network devices incorporating "MagicalFinder" vulnerable to OS command injection
2018/02/02 JVN#99312352:
WordPress plugin "MTS Simple Booking C" vulnerable to cross-site scripting
2018/02/02 JVN#15643848:
Spring Security and Spring Framework vulnerable to authentication bypass
2018/02/01 JVN#91393903:
Multiple vulnerabilities in epg search result viewer(kkcald)
2018/01/30 JVN#30636823:
WordPress plugin "WP Retina 2x" vulnerable to cross-site scripting
2018/01/30 JVNVU#95587881:
Deep Discovery Email Inspector vulnerable to arbitrary code execution
2018/01/22 JVN#26255241:
The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely load Dynamic Link Libraries
2018/01/19 JVN#10103841:
Nootka App for Android vulnerable to OS command injection
2018/01/19 JVN#26200083:
GroupSession vulnerable to open redirect
2018/01/16 JVNVU#95303354:
Multiple vulnerabilities in Deep Discovery Email Inspector
2018/01/16 JVNVU#91290407:
Trend Micro Control Manager vulnerable to SQL injection
2018/01/11 JVN#57842148:
Lhaplus vulnerable to improper verification when expanding ZIP64 archives

2017

2017/12/26 JVNVU#98736894:
Multiple vulnerabilities in InterScan Messaging Security Virtual Appliance
2017/12/25 JVN#45494523:
MQTT.js issue in handling PUBLISH packets
2017/12/22 JVN#60695371:
The installer of Music Center for PC may insecurely load Dynamic Link Libraries
2017/12/22 JVN#95423049:
The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries
2017/12/19 JVN#93333702:
OneThird CMS vulnerable to directory traversal
2017/12/18 JVN#84182676:
Multiple vulnerabilities in H2O
2017/12/11 JVN#27342829:
Qt for Android environment variables alteration
2017/12/11 JVN#67389262:
Qt for Android vulnerable to OS command injection
2017/12/08 JVNVU#95124098:
Fluentd vulenrable to escape sequence injection
2017/12/06 JVN#30352845:
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
2017/12/01 JVN#65994435:
Multiple vulnerabilities in multiple Buffalo broadband routers
2017/11/30 JVN#78501037:
Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection
2017/11/30 JVN#98295787:
Multiple vulnerabilities in Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1
2017/11/29 JVN#71291160:
StreamRelay.net.exe and sDNSProxy.exe vulnerable to denial-of-service (DoS)
2017/11/27 JVNVU#94198685:
QND Advance/Standard vulnerable to directory traversal
2017/11/22 JVN#73141967:
PWR-Q200 vulnerable to DNS cache poisoning attacks
2017/11/21 JVN#08517069:
The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries
2017/11/16 JVN#76382932:
Robotic appliance COCOROBO vulnerable to session management
2017/11/14 JVNVU#94371484:
Packetbeat vulnerable to denial-of-service (DoS)
2017/11/14 JVN#05398317:
WordPress plugin "TablePress" vulnerable to improper restriction of XML external entity (XXE) references
2017/11/14 JVN#18420340:
Multiple vulnerabilities in BOOK WALKER for Windows/Mac
2017/11/13 JVN#29602086:
CS-Cart Japanese Edition vulnerable to cross-site scripting
2017/11/09 JVN#71284826:
Installer of HYPER SBI may insecurely load Dynamic Link Libraries
2017/11/06 JVN#23367475:
Wi-Fi STATION L-02F vulnerable to buffer overflow
2017/11/06 JVN#87886530:
I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)
2017/11/02 JVN#97243511:
Installer of ”Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries
2017/11/01 JVNVU#94207433:
Multiple vulnerabilities in Trend Micro Control Manager
2017/11/01 JVN#79546124:
OpenAM (Open Source Edition) vulnerable to authentication bypass
2017/10/24 JVNVU#93703434:
Memory corruption vulnerability in Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro
2017/10/17 JVN#54795166:
Home unit KX-HJB1000 contains multiple vulnerabilities
2017/10/16 JVNVU#91625548:
AssetView and AssetView PLATINUM contain multiple vulnerabilities
2017/10/11 JVN#94056834:
Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files
2017/10/11 JVN#55516206:
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
2017/10/11 JVN#58909026:
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
2017/10/11 JVN#14658424:
Cybozu Office fails to restrict access permissions
2017/09/25 JVNVU#90916766:
jwt-scala fails to verify token signatures
2017/09/20 JVNVU#90447827:
InterScan Web Security Virtual Appliance vulnerable to code injection
2017/09/20 JVNVU#93240386:
Multiple vulnerabilities in ServerProtect for Linux
2017/09/14 JVN#75929834:
Install program and Installer of i-フィルター 6.0 may insecurely load Dynamic Link Libraries and invoke executable files
2017/09/12 JVN#03044183:
Wi-Fi STATION L-02F fails to restrict access permissions
2017/09/12 JVN#68922465:
Backdoor access issue in Wi-Fi STATION L-02F
2017/09/11 JVN#76692689:
SEIL Series routers vulnerable to denial-of-service (DoS)
2017/09/11 JVN#57205588:
Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files
2017/09/08 JVN#00719891:
Multiple vulnerabilities in CG-WLR300NM
2017/08/31 JVN#09769017:
Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries
2017/08/30 JVN#26115441:
Installer of ”Remote Support Tool (Enkaku Support Tool)” may insecurely load Dynamic Link Libraries
2017/08/25 JVN#22272314:
Installer of "Flets Setsuzoku Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#36303528:
Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#14926025:
Installer of ”Flets Install Tool” may insecurely load Dynamic Link Libraries
2017/08/25 JVN#14658714:
Installer of "Flets Azukeru for Windows Auto Backup Tool" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#11601216:
Installer of "Security Kinou Mihariban" may insecurely load Dynamic Link Libraries
2017/08/25 JVN#87540575:
Installer of Optimal Guard may insecurely load Dynamic Link Libraries
2017/08/25 JVN#78151490:
Multiple vulnerabilities in baserCMS
2017/08/24 JVN#58559719:
WordPress plugin "BackupGuard" vulnerable to cross-site scripting
2017/08/24 JVN#39628662:
Multiple vulnerabilities in SEO Panel
2017/08/24 JVN#23340457:
Multiple vulnerabilities in WebCalendar
2017/08/23 JVN#30866130:
The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries
2017/08/23 JVN#87410770:
Multiple vulnerabilities in "Dokodemo eye Smart HD" SCR02HD
2017/08/22 JVN#67954465:
Installer of Photo Collection PC Software provided by NTT DOCOMO, INC. may insecurely load Dynamic Link Libraries and invoke executable files
2017/08/21 JVN#63564682:
Multiple vulnerabilities in Cybozu Garoon
2017/08/18 JVN#18641169:
Installer and self-extracting archive containing the installer of TDB CA TypeA use software may insecurely load Dynamic Link Libraries
2017/08/17 JVN#23546631:
Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#71104430:
Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#73559859:
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries
2017/08/17 JVN#53292345:
Teikihoukokusho Sakuseishien Tool may insecurely load Dynamic Link Libraries
2017/08/08 JVN#81659403:
Installer of Qua station connection tool for Windows may insecurely load Dynamic Link Libraries
2017/08/08 JVN#74871939:
WSR-300HP vulnerable to arbitrary code execution
2017/08/08 JVN#05340005:
WCR-1166DS vulnerable to OS command injection
2017/08/03 JVN#86724730:
Installer of IP Messenger may insecurely load Dynamic Link Libraries
2017/08/03 JVN#17788774:
Installer of Baidu IME may insecurely load Dynamic Link Libraries
2017/08/01 JVNVU#91587298:
Multiple vulnerabilities in MaLion
2017/07/27 JVN#74554973:
Installer of LhaForge may insecurely load Dynamic Link Libraries
2017/07/27 JVN#33797604:
NFC Port Software remover may insecurely load Dynamic Link Libraries
2017/07/27 JVN#16136413:
Installers of Sony PaSoRi related software may insecurely load Dynamic Link Libraries
2017/07/27 JVN#51410509:
I-O DATA WN-G300R31 uses hard-coded credentials
2017/07/27 JVN#01312667:
Multiple vulnerabilities in I-O DATA WN-AX1167GR
2017/07/24 JVN#17523256:
Installer of Tween may insecurely load Dynamic Link Libraries
2017/07/24 JVN#24238648:
RBB SPEED TEST App fails to verify SSL server certificates
2017/07/24 JVN#31459091:
WordPress plugin "Simple Custom CSS and JS" vulnerable to cross-site scripting
2017/07/24 JVN#92921024:
WordPress plugin "Popup Maker" vulnerable to cross-site scripting
2017/07/24 JVN#74247807:
Multiple cross-site scripting vulnerabilities in ScreenOS
2017/07/20 JVNVU#98807587:
gSOAP vulnerable to stack-based buffer overflow
2017/07/20 JVN#48413726:
Multiple vulnerabilities in multiple Buffalo wireless LAN routers
2017/07/20 JVN#48823557:
Multiple Buffalo wireless LAN access point devices do not properly perform authentication
2017/07/19 JVN#77412145:
SONY Portable Wireless Server WG-C10 fails to restrict access permissions
2017/07/19 JVN#14151222:
Multiple vulnerabilities SONY Portable Wireless Server WG-C10
2017/07/14 JVNVU#93377948:
Multiple vulnerabilities in "File Transfer Web Service" of AssetView for MacOS
2017/07/14 JVN#61502349:
Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries
2017/07/13 JVN#42031953:
FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries
2017/07/12 JVN#02852421:
Installer of Yahoo! Toolbar (for Internet explorer) may insecurely load Dynamic Link Libraries
2017/07/11 JVN#81676004:
Installers of Mozilla Firefox and Thunderbird for Windows may insecurely load Dynamic Link Libraries
2017/07/10 JVN#29939155:
Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries
2017/07/07 JVN#21627267:
Microsoft IME may insecurely load Dynamic Link Libraries
2017/07/07 JVN#21369452:
Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
2017/07/06 JVN#63249051:
WordPress plugin "Shortcodes Ultimate" vulnerable to directory traversal
2017/07/04 JVN#39819446:
WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting
2017/07/04 JVN#20409270:
Installer of Douroshisetu Kihon Data Sakusei System may insecurely load Dynamic Link Libraries
2017/07/04 JVN#82120115:
Installer of Douro Kouji Kanseizutou Check Program may insecurely load Dynamic Link Libraries
2017/07/04 JVN#95996423:
MFC-J960DWN vulnerable to cross-site request forgery
2017/07/03 JVN#06337557:
Installer and self-extracting archive containing the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system may insecurely load Dynamic Link Libraries
2017/07/03 JVN#43534286:
Multiple vulnerabilities in Cybozu Garoon
2017/06/30 JVN#45134765:
Installer of PDF Digital Signature Plugin provided by the Ministry of Justice may insecurely load Dynamic Link Libraries
2017/06/30 JVN#23389212:
Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries
2017/06/28 JVN#79451345:
Installer of Setup file of advance preparation for e-Tax software (WEB version) may insecurely load Dynamic Link Libraries
2017/06/28 JVN#21174546:
Marp vulnerable to improper access control in JavaScript execution
2017/06/27 JVN#85901441:
Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway
2017/06/26 JVN#01775119:
Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries
2017/06/23 JVN#09293613:
Installer of Charamin OMP may insecurely load Dynamic Link Libraries
2017/06/20 JVN#24348065:
Multiple vulnerabilities in HOME SPOT CUBE2
2017/06/20 JVN#73550134:
WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting
2017/06/20 JVN#65411235:
Multiple I-O DATA network camera products vulnerable to cross-site request forgery
2017/06/15 JVN#56787058:
WordPress plugin "WP Job Manager" fails to restrict access permissions
2017/06/13 JVN#94771799:
Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries
2017/06/13 JVN#79738260:
Multiple vulnerabilities in WordPress plugin "WordPress Download Manager"
2017/06/13 JVN#25078144:
Source code security studying tool iCodeChecker vulnerable to cross-site scripting
2017/06/13 JVN#51355647:
WordPress plugin "WP-Members" vulnerable to cross-site scripting
2017/06/12 JVN#27198823:
Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely invoke an executable file
2017/06/12 JVN#56588965:
Cybozu KUNAI for Android vulnerable to cross-site scripting
2017/06/09 JVN#65154137:
Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) may insecurely load Dynamic Link Libraries
2017/06/09 JVN#34508179:
Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries
2017/06/09 JVN#67305782:
Installer of CASL II simulator(self-extract format) may insecurely load Dynamic Link Libraries
2017/06/08 JVN#31236539:
[Simeji for Windows(β)] installer may insecurely load Dynamic Link Libraries
2017/06/08 JVN#52691241:
Multiple installers of the software provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries
2017/06/07 JVN#99737748:
AppCheck may insecurely invoke an executable file
2017/06/06 JVN#01404851:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#20870477:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#32120290:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to information disclosure
2017/06/06 JVN#80238098:
Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution
2017/06/06 JVN#98617234:
WordPress plugin "Multi Feed Reader" vulnerable to SQL injection
2017/06/05 JVN#24087303:
Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries
2017/06/02 JVN#08020381:
Installer of SaAT Personal may insecurely load Dynamic Link Libraries
2017/06/02 JVN#91170929:
Installer of SaAT Netizen may insecurely load Dynamic Link Libraries
2017/06/01 JVN#06770361:
Installer of Tera Term may insecurely load Dynamic Link Libraries
2017/06/01 JVN#51274854:
Multiple software for Sharp IC Card Reader/Writer Devices may insecurely load Dynamic Link Libraries
2017/06/01 JVN#70951878:
WordPress plugin "WP Live Chat Support" vulnerable to cross-site scripting
2017/05/26 JVN#92422409:
The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries
2017/05/25 JVNTA#91240916:
Insecure DLL Loading and Command Execution Issues on Many Windows Application Programs
2017/05/25 JVN#41185163:
Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries
2017/05/25 JVN#75514460:
Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries
2017/05/25 JVN#42164352:
GroupSession fails to restrict access permissions
2017/05/24 JVN#91438377:
SSL Visibility Appliance may generate illegal RST packets
2017/05/19 JVN#12493656:
The installer of Empirical Project Monitor - eXtended may insecurely load Dynamic Link Libraries
2017/05/19 JVN#11326581:
Empirical Project Monitor - eXtended vulnerable to cross-site scripting
2017/05/19 JVN#85512750:
Empirical Project Monitor - eXtended vulnerable to cross-site scripting
2017/05/16 JVN#81820501:
FlashAir do not set credential information in PhotoShare
2017/05/16 JVN#46372675:
FlashAir fails to restrict access permissions in PhotoShare
2017/05/16 JVN#96165722:
WordPress plugin "WP Booking System" vulnerable to cross-site scripting
2017/05/16 JVN#24834813:
Multiple BestWebSoft WordPress plugins vulnerable to cross-site scripting
2017/05/16 JVN#70411623:
WordPress plugin "MaxButtons" vulnerable to cross-site scripting
2017/05/12 JVN#16248227:
PrimeDrive Desktop Application Installer may insecurely load executable files
2017/05/11 JVN#51978169:
The installer of SOY CMS vulnerable to cross-site scripting
2017/05/11 JVN#51819749:
SOY CMS vulnerable to directory traversal
2017/05/09 JVN#39605485:
The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries
2017/05/09 JVN#87760109:
Nessus vulnerable to cross-site scripting
2017/04/25 JVN#71572107:
Installer of Vivaldi for Windows may insecurely load executable files
2017/04/21 JVN#48790793:
WNC01WH vulnerable to OS command injection
2017/04/20 JVN#54268888:
Multiple JustSystems products including Hanako may insecurely load Dynamic Link Libraries
2017/04/20 JVN#93931029:
Hoozin Viewer vulnerable to buffer overflow
2017/04/20 JVN#54762089:
WordPress plugin "Booking Calendar" vulnerable to cross-site scripting
2017/04/20 JVN#18739672:
WordPress plugin "Booking Calendar" vulnerable to directory traversal
2017/04/19 JVN#86171513:
SEIL Series routers vulnerable to denial-of-service (DoS)
2017/04/18 JVN#08740778:
NETGEAR ProSAFE Plus Configuration Utility vulnerable to improper access control
2017/04/14 JVN#05340816:
Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries
2017/04/14 JVN#01537659:
WN-AC1167GR vulnerable to cross-site scripting
2017/04/13 JVN#77253951:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/13 JVN#62392065:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/11 JVN#17535578:
Multiple vulnerabilities in Cybozu Office
2017/04/11 JVN#82019695:
ASSETBASE vulnerable to cross-site scripting
2017/04/10 JVN#87770873:
CS-Cart Japanese Edition vulnerable to cross-site request forgery
2017/04/10 JVN#14396697:
CS-Cart Japanese Edition fails to restrict access permissions
2017/04/10 JVN#25598952:
​CS-Cart Japanese Edition fails to restrict access permissions
2017/04/10 JVN#81024552:
Multiple vulnerabilities in WN-G300R3
2017/04/10 JVN#17633442:
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
2017/04/07 JVN#64451600:
Tablacus Explorer vulnerable to script injection
2017/03/30 JVN#55121369:
CentreCOM AR260S V2 vulnerable to privilege escalation
2017/03/23 JVN#55294532:
WordPress plugin "YOP Poll" vulnerable to cross-site scripting
2017/03/22 JVN#93699304:
Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries
2017/03/16 JVN#11448789:
Security guide for website operators vulnerable to OS command injection
2017/03/13 JVN#88745657:
Cybozu KUNAI for Android information management vulnerability
2017/03/07 JVN#13003724:
OneThird CMS vulnerable to cross-site scripting
2017/03/07 JVN#49408248:
OneThird CMS vulnerable to cross-site scripting
2017/03/02 JVN#46830433:
Multiple I-O DATA network camera products multiple vulnerabilities
2017/03/01 JVN#88713190:
PrimeDrive Desktop Application Installer may insecurely load Dynamic Link Libraries
2017/03/01 JVN#82619692:
Access CX App fails to verify SSL server certificates
2017/02/28 JVN#73083905:
Multiple vulnerabilities in WBCE CMS
2017/02/28 JVN#63474730:
CubeCart vulnerable to directory traversal
2017/02/27 JVNVU#98045645:
Ichitaro series vulnerable to heap-based buffer overflow