Vulnerability Reports

past 12 months ｜2012 ｜2011 ｜2010 ｜2009 ｜2008 ｜2007 ｜2006 ｜2005 ｜2004

2013

2013/05/23 JVN#39699406:: EC-CUBE vulnerable to information disclosure as a result of improper input checking

2013/05/23 JVN#45306814:: EC-CUBE fails to restrict access permissions

2013/05/23 JVN#00985872:: EC-CUBE vulnerable to session fixation

2013/05/23 JVN#52552792:: EC-CUBE vulnerable to cross-site scripting

2013/05/20 JVN#10461119:: Cross-site scripting vulnerability in the web2py social bookmarking widget

2013/05/15 JVN#85371480:: Wi-Fi Spot Configuration Software vulnerability in the connection process

2013/05/13 JVN#18501376:: OpenPNE vulnerable to cross-site scripting

2013/05/08 JVN#61972596:: Online Service Gate vulnerable in Office 365 password management

2013/04/26 JVN#55074201:: Yahoo! Browser vulnerable to address bar spoofing

2013/04/26 JVN#01313594:: jigbrowser+ for Android vulnerable to address bar spoofing

2013/04/15 JVN#06251813:: Multiple Cybozu products vulnerable to cross-site request forgery

2013/04/12 JVN#02895867:: Sleipnir Mobile for Android loads arbitrary Extension API

2013/04/11 JVN#65034198:: Sleipnir for Windows vulnerable to address bar spoofing

2013/04/04 JVN#04288738:: Active! mail vulnerable to information disclosure

2013/03/29 JVN#01167429:: OpenWnn for Android vulnerable to information disclosure

2013/03/28 JVN#51305555:: Lotus Domino vulnerable to denial-of-service (DoS)

2013/03/26 JVN#11434157:: OpenWnn/Flick support vulnerable to information disclosure

2013/03/26 JVN#11249169:: COBIME vulnerable to information disclosure

2013/03/26 JVN#80922020:: ArtIME Japanese Input vulnerable to information disclosure

2013/03/26 JVN#77360971:: Simeji vulnerable to information disclosure

2013/03/19 JVN#59503133:: Multiple NEC mobile routers vulnerable to cross-site request forgery

2013/03/18 JVN#41022517:: VxWorks Web Server vulnerable to denial-of-service (DoS)

2013/03/18 JVN#65923092:: VxWorks WebCLI vulnerable to denial-of-service (DoS)

2013/03/18 JVN#20671901:: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

2013/03/18 JVN#52492830:: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

2013/03/18 JVN#01611135:: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

2013/03/18 JVN#45545972:: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

2013/03/07 JVN#05132866:: Multiple Cisco products vulnerable to denial-of-service (DoS)

2013/03/01 JVN#55924624:: Kingsoft Writer vulnerable to buffer overflow

2013/02/28 JVN#36339873:: dopvSTAR* vulnerable to cross-site scripting

2013/02/28 JVN#64756004:: dopvCOMET* vulnerable to cross-site scripting

2013/02/26 JVN#16817324:: Multiple JustSystems products vulnerable to arbitrary code execution

2013/02/21 JVN#75585394:: NEC Universal RAID Utility fails to restrict access permissions

2013/02/15 JVN#02596643:: 3DM (3ware Disk Manager) vulnerable to directory traversal

2013/02/14 JVN#78601526:: GREE for Android vulnerable to directory traversal

2013/02/14 JVN#09223079:: imgboard vulnerable to cross-site scripting

2013/02/08 JVN#95863326:: Cybozu Garoon vulnerable to cross-site scripting

2013/02/08 JVN#07629635:: Cybozu Garoon vulnerable to SQL injection

2013/02/07 JVN#91387819:: mora Downloader may insecurely load executable files

2013/01/31 JVN#86040029:: Weathernews Touch for Android stores location information in the system log file

2013/01/25 JVN#24343509:: WebSphere Application Server (WAS) vulnerable to cross-site scripting

2013/01/22 JVN#99681273:: myu-s / PHP WeblogSystem by netmania vulnerable to cross-site scripting

2013/01/18 JVN#52197991:: Documents Pro (formerly Files HD) vulnerable to directory traversal

2013/01/18 JVN#91881278:: Documents Pro (formerly Files HD) vulnerable to cross-site scripting

2012

2012/12/21 JVN#33159152:: Loctouch for Android information management vulnerability

2012/12/21 JVN#42625179:: Loctouch for Android vulnerable in handling of implicit intents

2012/12/21 JVN#65458431:: concrete5 vulnerable to cross-site scripting

2012/12/20 JVN#27691264:: Opera Mini / Opera Mobile for Android vulnerable in the WebView class

2012/12/20 JVN#69589791:: Boat Browser / Boat Browser Mini vulnerable in the WebView class

2012/12/17 JVN#66596216:: WikkaWiki vulnerable to cross-site scripting

2012/12/14 JVN#53269985:: Welcart vulnerable to cross-site request forgery

2012/12/14 JVN#18731696:: Welcart vulnerable to cross-site scripting

2012/12/06 JVN#23563149:: KENT-WEB ACCESS REPORT vulnerable to cross-site scripting

2012/12/06 JVN#68830017:: KENT-WEB ACCESS REPORT vulnerable to cross-site scripting

2012/11/30 JVN#83907168:: Multiple KYOCERA mobile devices may reboot during email reception

2012/11/21 JVN#60931933:: BIGACE vulnerable to session fixation

2012/11/16 JVN#56923652:: Monaca Debugger for Android information management vulnerability

2012/11/14 JVN#74829345:: Multiple Android devices vulnerable to denial-of-service (DoS)

2012/11/07 JVN#18223913:: BeZIP vulnerable to directory traversal

2012/11/02 JVN#55398821:: Pebble vulnerable to open redirect

2012/11/02 JVN#39563771:: Pebble vulnerable to HTTP header injection

2012/11/02 JVN#75492883:: Pebble vulnerability where entries may become unviewable

2012/11/02 JVN#52264310:: MosP kintai kanri vulnerable to authentication bypass

2012/11/02 JVN#23465354:: MosP kintai kanri fails to restrict access permissions

2012/10/31 JVN#75345069:: Mac OS X OpenSSH vulnerable to denial-of-service (DoS)

2012/10/26 JVN#00322303:: Tokyo BBS vulnerable to cross-site scripting

2012/10/23 JVN#42676559:: Safari vulnerable to local file content disclosure

2012/10/10 JVN#63650108:: Smarty vulnerable to cross-site scripting

2012/10/05 JVN#58160713:: MyWebSearch vulnerable to cross-site scripting

2012/09/28 JVN#86318665:: jigbrowser+ for Android vulnerable in the WebView class

2012/09/27 JVN#42014489:: Trend Micro Control Manager vulnerable to SQL injection

2012/09/25 JVN#93344001:: ATOK for Android issue in the access permissions for the learning information file

2012/09/20 JVN#56373673:: myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution

2012/09/20 JVN#50701493:: Email Anti-virus (formerly WebShield SMTP) vulnerable to denial-of-service

2012/09/13 JVN#03015214:: KUNAI Browser for Remote Service beta vulnerable in the WebView class

2012/09/07 JVN#59652356:: Cybozu KUNAI for Android vulnerable in the WebView class

2012/09/07 JVN#23568423:: Cybozu KUNAI for Android vulnerable to arbitrary Java method execution

2012/08/31 JVN#77393797:: Cybozu Live for Android vulnerable in the WebView class

2012/08/31 JVN#23009798:: Cybozu Live for Android vulnerable to arbitrary Java method execution

2012/08/30 JVN#69880570:: Opera address bar spoofing vulnerability

2012/08/30 JVN#51615542:: Adobe Reader fails to properly handle signatures

2012/08/17 JVN#92038939:: mixi for Android information management vulnerability

2012/08/16 JVN#99192898:: Multiple GREE Android applications vulnerable in the WebView class

2012/08/08 JVN#39519659:: Sleipnir Mobile for Android vulnerable to arbitrary script execution

2012/08/08 JVN#99730704:: Sleipnir Mobile for Android vulnerable to arbitrary Java method execution

2012/08/07 JVN#67435981:: LINE for Android vulnerable in handling of implicit intents

2012/08/02 JVN#01598734:: GoodReader vulnerable to cross-site scripting

2012/07/30 JVN#51769987:: Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration

2012/07/30 JVN#90389651:: Multiple web browsers vulnerable in processing Tranfer-Encoding header

2012/07/24 JVN#88643450:: Sleipnir Mobile for Android vulnerable in the WebView class

2012/07/13 JVN#46088915:: Yahoo! Browser vulnerable in the WebView class

2012/07/06 JVN#79111101:: Movable Type plugin MT4i vulnerable to cross-site scripting

2012/07/06 JVN#03582364:: YY-BOARD vulnerable to cross-site scripting

2012/07/06 JVN#80835745:: Movable Type plugin MT4i vulnerable to cross-site scripting

2012/07/06 JVN#90615481:: Ruby hash table implementation vulnerable to denial-of-service

2012/07/03 JVN#59842447:: Zenphoto vulnerable to cross-site scripting

2012/07/03 JVN#05102851:: Yome Collection for Android issue in management of IMEI

2012/06/19 JVN#36993373:: SmallPICT vulnerable to cross-site scripting

2012/06/19 JVN#51176027:: Python SimpleHTTPServer vulnerable to cross-site scripting

2012/06/19 JVN#58102473:: WEB PATIO vulnerable to cross-site scripting

2012/06/19 JVN#33171616:: WEB PATIO vulnerable to cross-site scripting

2012/06/14 JVN#90751882:: Dolphin Browser vulnerable in the WebView class

2012/06/11 JVN#38163638:: Flash Player issue in implementations of the Same Origin Policy

2012/06/07 JVN#18397171:: FeedDemon vulnerable to arbitrary script execution

2012/06/06 JVN#24646833:: SEIL series fail to restrict access permissions

2012/06/06 JVN#15646988:: WordPress plugin WassUp vulnerable to cross-site scripting

2012/06/05 JVN#78305073:: @WEB ShoppingCart vulnerable to cross-site scripting

2012/06/01 JVN#23328321:: Puella Magi Madoka Magica iP for Android vulnerable to information disclosure

2012/06/01 JVN#97995841:: Segue vulnerable to SQL injection

2012/06/01 JVN#29083866:: Segue vulnerable to cross-site scripting

2012/05/25 JVN#85934986:: Logitec LAN-W300N/R series fails to restrict access permissions

2012/05/25 JVN#21422837:: Roundcube Webmail vulnerable to cross-site scripting

2012/05/25 JVN#39707339:: Opera fails to verify SSL server certificates

2012/05/25 JVN#47662377:: Sybase EAServer vulnerable to cross-site scripting

2012/05/25 JVN#77947437:: RSSOwl vulnerable to arbitrary script execution