JVNRSS Feed - JP
https://jvn.jp/
JVNRSS Feed - Update EntryJVNjvn@jvn.jp2024-03-28T11:29:33+09:002024-03-28T11:29:33+09:002024-03-28T11:29:33+09:00SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries
https://jvn.jp/en/jp/JVN40367518/
SonicDICOM Media Viewer may insecurely load Dynamic Link Libraries.JVNjvn@jvn.jpJVN#40367518https://jvn.jp/en/jp/JVN40367518/2024-03-27T12:00:15+09:002024-03-27T12:00:15+09:002024-03-27T12:00:15+09:00Multiple vulnerabilities in WordPress Plugin "Survey Maker"
https://jvn.jp/en/jp/JVN51098626/
WordPress Plugin "Survey Maker" provided by AYS Pro Plugins contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#51098626https://jvn.jp/en/jp/JVN51098626/2024-03-27T12:00:00+09:002024-03-27T12:00:00+09:002024-03-27T12:00:00+09:000ch BBS Script (0ch) vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN46874970/
0ch BBS Script (0ch) contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#46874970https://jvn.jp/en/jp/JVN46874970/2024-03-25T15:00:25+09:002024-03-25T15:00:25+09:002024-03-25T15:00:25+09:00ffBull vulnerable to OS command injection
https://jvn.jp/en/jp/JVN17176449/
ffBull contains an OS command injection vulnerability.JVNjvn@jvn.jpJVN#17176449https://jvn.jp/en/jp/JVN17176449/2024-03-25T15:00:20+09:002024-03-25T15:00:20+09:002024-03-25T15:00:20+09:00Mini Thread vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN40523785/
Mini Thread provided by Flash CGI contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#40523785https://jvn.jp/en/jp/JVN40523785/2024-03-25T15:00:15+09:002024-03-25T15:00:15+09:002024-03-25T15:00:15+09:00WebProxy vulnerable to OS command injection
https://jvn.jp/en/jp/JVN22376992/
WebProxy contains an OS command injection vulnerability.JVNjvn@jvn.jpJVN#22376992https://jvn.jp/en/jp/JVN22376992/2024-03-25T15:00:10+09:002024-03-25T15:00:10+09:002024-03-25T15:00:10+09:00TvRock vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN69107517/
TvRock contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#69107517https://jvn.jp/en/jp/JVN69107517/2024-03-25T15:00:05+09:002024-03-25T15:00:05+09:002024-03-25T15:00:05+09:00"EasyRange" may insecurely load executable files
https://jvn.jp/en/jp/JVN13113728/
"EasyRange" <http://sira.jp/soft/> provided by sira.jp (according to the original report submitted by the reporter) contains an issue with the executable file search path, which may lead to loading an arbitrary executable file.JVNjvn@jvn.jpJVN#13113728https://jvn.jp/en/jp/JVN13113728/2024-03-25T15:00:00+09:002024-03-25T15:00:00+09:002024-03-25T15:00:00+09:00WordPress Plugin "easy-popup-show" vulnerable to cross-site request forgery
https://jvn.jp/en/jp/JVN86206017/
WordPress Plugin "easy-popup-show" contains a cross-site request forgery vulnerability.JVNjvn@jvn.jpJVN#86206017https://jvn.jp/en/jp/JVN86206017/2024-03-25T12:00:00+09:002024-03-25T12:00:00+09:002024-03-25T12:00:00+09:00Multiple vulnerabilities in FitNesse
https://jvn.jp/en/jp/JVN94521208/
FitNesse contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#94521208https://jvn.jp/en/jp/JVN94521208/2024-03-18T12:00:00+09:002024-03-18T12:00:00+09:002024-03-18T12:00:00+09:00"ABEMA" App for Android fails to restrict access permissions
https://jvn.jp/en/jp/JVN70640802/
"ABEMA" App for Android provided by AbemaTV, Inc. fails to restrict access permissions.JVNjvn@jvn.jpJVN#70640802https://jvn.jp/en/jp/JVN70640802/2024-03-15T12:00:00+09:002024-03-15T12:00:00+09:002024-03-15T12:00:00+09:00a-blog cms vulnerable to directory traversal
https://jvn.jp/en/jp/JVN48443978/
a-blog cms contains a directory traversal vulnerability.JVNjvn@jvn.jpJVN#48443978https://jvn.jp/en/jp/JVN48443978/2024-03-08T12:00:00+09:002024-03-08T12:00:00+09:002024-03-08T12:00:00+09:00Multiple vulnerabilities in SKYSEA Client View
https://jvn.jp/en/jp/JVN54451757/
SKYSEA Client View provided by Sky Co.,LTD. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#54451757https://jvn.jp/en/jp/JVN54451757/2024-03-07T15:30:00+09:002024-03-07T15:30:00+09:002024-03-07T15:30:00+09:00FUJIFILM Business Innovation Corp. printers vulnerable to cross-site request forgery
https://jvn.jp/en/jp/JVN34328023/
FUJIFILM Business Innovation Corp. printers contain a cross-site request forgery vulnerability.JVNjvn@jvn.jpJVN#34328023https://jvn.jp/en/jp/JVN34328023/2024-03-06T16:30:15+09:002024-03-06T16:30:15+09:002024-03-06T16:30:15+09:00Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management
https://jvn.jp/en/jp/JVN82749078/
Multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#82749078https://jvn.jp/en/jp/JVN82749078/2024-03-06T16:30:00+09:002024-03-06T16:30:00+09:002024-03-06T16:30:00+09:00Toyoko Inn official App vulnerable to improper server certificate verification
https://jvn.jp/en/jp/JVN52919306/
Toyoko Inn official App is vulnerable to improper server certificate verification.JVNjvn@jvn.jpJVN#52919306https://jvn.jp/en/jp/JVN52919306/2024-03-06T12:00:00+09:002024-03-06T12:00:00+09:002024-03-06T12:00:00+09:00Protection mechanism failure in RevoWorks
https://jvn.jp/en/jp/JVN35928117/
RevoWorks SCVX and RevoWorks Browser provided by J's Communications Co., Ltd. contain a protection mechanism failure vulnerability.JVNjvn@jvn.jpJVN#35928117https://jvn.jp/en/jp/JVN35928117/2024-02-29T14:00:15+09:002024-02-29T14:00:15+09:002024-02-29T14:00:15+09:00OET-213H-BTS1 missing authorization check in the initial configuration
https://jvn.jp/en/jp/JVN77203800/
OET-213H-BTS1 developed by Zhejiang Uniview Technologies Co.,Ltd and provided by Atsumi Electric Co., Ltd. does not perform an authorization check in the initial configuration.JVNjvn@jvn.jpJVN#77203800https://jvn.jp/en/jp/JVN77203800/2024-02-29T14:00:00+09:002024-02-29T14:00:00+09:002024-02-29T14:00:00+09:00OpenPNE plugin "opTimelinePlugin" vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN78084105/
OpenPNE plugin "opTimelinePlugin" contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#78084105https://jvn.jp/en/jp/JVN78084105/2024-02-29T12:00:00+09:002024-02-29T12:00:00+09:002024-02-29T12:00:00+09:00Multiple vulnerabilities in baserCMS
https://jvn.jp/en/jp/JVN73283159/
baserCMS provided by baserCMS Users Community contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#73283159https://jvn.jp/en/jp/JVN73283159/2024-02-27T12:00:00+09:002024-02-27T12:00:00+09:002024-02-27T12:00:00+09:00Multiple vulnerabilities in ELECOM wireless LAN routers
https://jvn.jp/en/jp/JVN44166658/
Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#44166658https://jvn.jp/en/jp/JVN44166658/2024-02-20T12:00:00+09:002024-02-20T12:00:00+09:002024-02-20T12:00:00+09:00a-blog cms vulnerable to URL spoofing
https://jvn.jp/en/jp/JVN48966481/
a-blog cms contains an URL spoofing vulnerability.JVNjvn@jvn.jpJVN#48966481https://jvn.jp/en/jp/JVN48966481/2024-02-15T12:00:00+09:002024-02-15T12:00:00+09:002024-02-15T12:00:00+09:00Zeroshell vulnerable to OS command injection
https://jvn.jp/en/jp/JVN44033918/
Zeroshell Linux distribution contains an OS command injection vulnerability.JVNjvn@jvn.jpJVN#44033918https://jvn.jp/en/jp/JVN44033918/2024-02-07T12:00:00+09:002024-02-07T12:00:00+09:002024-02-07T12:00:00+09:00Cybozu KUNAI for Android vulnerable to denial-of-service (DoS)
https://jvn.jp/en/jp/JVN18743512/
Cybozu KUNAI for Android contains a denial-of-service (DoS) vulnerability.JVNjvn@jvn.jpJVN#18743512https://jvn.jp/en/jp/JVN18743512/2024-02-06T12:00:00+09:002024-02-06T12:00:00+09:002024-02-06T12:00:00+09:00Group Office vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN63567545/
Group Office contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#63567545https://jvn.jp/en/jp/JVN63567545/2024-02-01T12:00:15+09:002024-02-01T12:00:15+09:002024-02-01T12:00:15+09:00Payment EX vulnerable to information disclosure
https://jvn.jp/en/jp/JVN41129639/
Payment EX provided by Simplesite contains an information disclosure vulnerability.JVNjvn@jvn.jpJVN#41129639https://jvn.jp/en/jp/JVN41129639/2024-02-01T12:00:00+09:002024-02-01T12:00:00+09:002024-02-01T12:00:00+09:00"Mercari" App for Android fails to restrict custom URL schemes properly
https://jvn.jp/en/jp/JVN70818619/
"Mercari" App for Android provided by Mercari, Inc. fails to restrict custom URL schemes properly.JVNjvn@jvn.jpJVN#70818619https://jvn.jp/en/jp/JVN70818619/2024-01-24T12:00:15+09:002024-01-24T12:00:15+09:002024-01-24T12:00:15+09:00Oracle WebLogic Server vulnerable to HTTP header injection
https://jvn.jp/en/jp/JVN93541851/
Oracle WebLogic Server contains an HTTP header injection vulnerability.JVNjvn@jvn.jpJVN#93541851https://jvn.jp/en/jp/JVN93541851/2024-01-24T12:00:00+09:002024-01-24T12:00:00+09:002024-01-24T12:00:00+09:00Android App "Spoon" uses a hard-coded API key for an external service
https://jvn.jp/en/jp/JVN96154238/
Android App "Spoon" uses a hard-coded API key for an external service.JVNjvn@jvn.jpJVN#96154238https://jvn.jp/en/jp/JVN96154238/2024-01-23T14:00:45+09:002024-01-23T14:00:45+09:002024-01-23T14:00:45+09:00Improper restriction of XML external entity references (XXE) in MLIT "Electronic Delivery Check System" and "Electronic delivery item Inspection Support System"
https://jvn.jp/en/jp/JVN77736613/
"Electronic Delivery Check System" and "Electronic delivery item Inspection Support System" provided by Ministry of Land, Infrastructure, Transport and Tourism, Japan improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#77736613https://jvn.jp/en/jp/JVN77736613/2024-01-23T14:00:30+09:002024-01-23T14:00:30+09:002024-01-23T14:00:30+09:00Improper restriction of XML external entity references (XXE) in "Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)"
https://jvn.jp/en/jp/JVN01434915/
"Electronic Delivery Check System (Ministry of Agriculture, Forestry and Fisheries The Agriculture and Rural Development Project Version)" provided by Ministry of Agriculture, Forestry and Fisheries improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#01434915https://jvn.jp/en/jp/JVN01434915/2024-01-23T14:00:15+09:002024-01-23T14:00:15+09:002024-01-23T14:00:15+09:00Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense
https://jvn.jp/en/jp/JVN40049211/
Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#40049211https://jvn.jp/en/jp/JVN40049211/2024-01-23T14:00:00+09:002024-01-23T14:00:00+09:002024-01-23T14:00:00+09:00Access analysis CGI An-Analyzer vulnerable to open redirect
https://jvn.jp/en/jp/JVN73587943/
Access analysis CGI An-Analyzer contains an open redirect vulnerability.JVNjvn@jvn.jpJVN#73587943https://jvn.jp/en/jp/JVN73587943/2024-01-22T12:00:15+09:002024-01-22T12:00:15+09:002024-01-22T12:00:15+09:00Multiple vulnerabilities in a-blog cms
https://jvn.jp/en/jp/JVN34565930/
a-blog cms contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#34565930https://jvn.jp/en/jp/JVN34565930/2024-01-22T12:00:00+09:002024-01-22T12:00:00+09:002024-01-22T12:00:00+09:00FusionPBX vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN67215338/
FusionPBX contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#67215338https://jvn.jp/en/jp/JVN67215338/2024-01-19T12:00:00+09:002024-01-19T12:00:00+09:002024-01-19T12:00:00+09:00Multiple Dahua Technology products vulnerable to authentication bypass
https://jvn.jp/en/jp/JVN83655695/
Multiple products provided by Dahua Technology contain an authentication bypass vulnerability.JVNjvn@jvn.jpJVN#83655695https://jvn.jp/en/jp/JVN83655695/2024-01-18T12:00:00+09:002024-01-18T12:00:00+09:002024-01-18T12:00:00+09:00Drupal vulnerable to improper handling of structural elements
https://jvn.jp/en/jp/JVN63383723/
Drupal contains an improper handling of structural elements vulnerability.JVNjvn@jvn.jpJVN#63383723https://jvn.jp/en/jp/JVN63383723/2024-01-16T12:00:00+09:002024-01-16T12:00:00+09:002024-01-16T12:00:00+09:00Pleasanter vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN51135247/
Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#51135247https://jvn.jp/en/jp/JVN51135247/2024-01-15T14:00:15+09:002024-01-15T14:00:15+09:002024-01-15T14:00:15+09:00Thermal camera TMC series vulnerable to insufficient technical documentation
https://jvn.jp/en/jp/JVN96240417/
About thermal camera TMC series, sufficient technical information is not provided.JVNjvn@jvn.jpJVN#96240417https://jvn.jp/en/jp/JVN96240417/2024-01-15T14:00:00+09:002024-01-15T14:00:00+09:002024-01-15T14:00:00+09:00Improper input validation vulnerability in WordPress Plugin "WordPress Quiz Maker Plugin"
https://jvn.jp/en/jp/JVN37326856/
WordPress Plugin "WordPress Quiz Maker Plugin" contains an improper input validation vulnerability.JVNjvn@jvn.jpJVN#37326856https://jvn.jp/en/jp/JVN37326856/2024-01-12T12:00:00+09:002024-01-12T12:00:00+09:002024-01-12T12:00:00+09:00Multiple vulnerabilities in PowerCMS
https://jvn.jp/en/jp/JVN32646742/
PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#32646742https://jvn.jp/en/jp/JVN32646742/2023-12-26T12:00:15+09:002023-12-26T12:00:15+09:002023-12-26T12:00:15+09:00Multiple vulnerabilities in BUFFALO VR-S1000
https://jvn.jp/en/jp/JVN23771490/
VR-S1000 provided by BUFFALO INC. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#23771490https://jvn.jp/en/jp/JVN23771490/2023-12-26T12:00:00+09:002023-12-26T12:00:00+09:002023-12-26T12:00:00+09:00Multiple vulnerabilities in GROWI
https://jvn.jp/en/jp/JVN18715935/
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#18715935https://jvn.jp/en/jp/JVN18715935/2023-12-13T14:00:00+09:002023-12-13T14:00:00+09:002023-12-13T14:00:00+09:00Multiple denial-of-service (DoS) vulnerabilities in JTEKT ELECTRONICS HMI GC-A2 series
https://jvn.jp/en/jp/JVN34145838/
HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contains multiple denial-of-service (DoS) vulnerabilities.JVNjvn@jvn.jpJVN#34145838https://jvn.jp/en/jp/JVN34145838/2023-12-11T12:00:00+09:002023-12-11T12:00:00+09:002023-12-11T12:00:00+09:00RakRak Document Plus vulnerable to path traversal
https://jvn.jp/en/jp/JVN46895889/
RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability.JVNjvn@jvn.jpJVN#46895889https://jvn.jp/en/jp/JVN46895889/2023-12-04T12:00:00+09:002023-12-04T12:00:00+09:002023-12-04T12:00:00+09:00Ruckus Access Point vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN45891816/
Ruckus Access Point contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#45891816https://jvn.jp/en/jp/JVN45891816/2023-12-01T12:00:00+09:002023-12-01T12:00:00+09:002023-12-01T12:00:00+09:00Multiple vulnerabilities in LuxCal Web Calendar
https://jvn.jp/en/jp/JVN15005948/
LuxCal Web Calendar provided by LuxSoft contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#15005948https://jvn.jp/en/jp/JVN15005948/2023-11-20T12:00:00+09:002023-11-20T12:00:00+09:002023-11-20T12:00:00+09:00Multiple vulnerabilities in CubeCart
https://jvn.jp/en/jp/JVN22220399/
CubeCart provided by CubeCart Limited contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#22220399https://jvn.jp/en/jp/JVN22220399/2023-11-17T12:00:15+09:002023-11-17T12:00:15+09:002023-11-17T12:00:15+09:00Redmine vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN13618065/
Redmine contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#13618065https://jvn.jp/en/jp/JVN13618065/2023-11-17T12:00:00+09:002023-11-17T12:00:00+09:002023-11-17T12:00:00+09:00OSS Calendar vulnerable to SQL injection
https://jvn.jp/en/jp/JVN67822421/
OSS Calendar provided by Thinkingreed Inc. contains an SQL injection vulnerability.JVNjvn@jvn.jpJVN#67822421https://jvn.jp/en/jp/JVN67822421/2023-11-14T12:00:00+09:002023-11-14T12:00:00+09:002023-11-14T12:00:00+09:00Multiple vulnerabilities in Pleasanter
https://jvn.jp/en/jp/JVN96209256/
Pleasanter provided by Implem Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#96209256https://jvn.jp/en/jp/JVN96209256/2023-11-13T14:00:00+09:002023-11-13T14:00:00+09:002023-11-13T14:00:00+09:00Multiple vulnerabilities in Cisco Firepower Management Center Software
https://jvn.jp/en/jp/JVN17806703/
Cisco Firepower Management Center Software provided by Cisco Systems contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#17806703https://jvn.jp/en/jp/JVN17806703/2023-11-13T12:00:00+09:002023-11-13T12:00:00+09:002023-11-13T12:00:00+09:00HOTELDRUID vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN99177549/
HOTELDRUID provided by DigitalDruid.Net contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#99177549https://jvn.jp/en/jp/JVN99177549/2023-11-10T12:00:15+09:002023-11-10T12:00:15+09:002023-11-10T12:00:15+09:00Remarshal unlimitedly expanding YAML alias nodes
https://jvn.jp/en/jp/JVN86156389/
Remarshal expands YAML alias nodes unlimitedly, vulnerable to Billion-laughs Attack.JVNjvn@jvn.jpJVN#86156389https://jvn.jp/en/jp/JVN86156389/2023-11-10T12:00:00+09:002023-11-10T12:00:00+09:002023-11-10T12:00:00+09:00EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
https://jvn.jp/en/jp/JVN29195731/
EC-CUBE 3 series and 4 series provided by EC-CUBE CO.,LTD. contain an arbitrary code execution vulnerability.JVNjvn@jvn.jpJVN#29195731https://jvn.jp/en/jp/JVN29195731/2023-11-07T12:00:00+09:002023-11-07T12:00:00+09:002023-11-07T12:00:00+09:00Improper restriction of XML external entity references (XXE) in e-Tax software
https://jvn.jp/en/jp/JVN14762986/
e-Tax software provided by National Tax Agency improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser.JVNjvn@jvn.jpJVN#14762986https://jvn.jp/en/jp/JVN14762986/2023-11-02T12:00:00+09:002023-11-02T12:00:00+09:002023-11-02T12:00:00+09:00Cybozu Remote Service vulnerable to uncontrolled resource consumption
https://jvn.jp/en/jp/JVN94132951/
Cybozu Remote Service provided by Cybozu, Inc. is vulnerable to uncontrolled resource consumption.JVNjvn@jvn.jpJVN#94132951https://jvn.jp/en/jp/JVN94132951/2023-10-31T12:00:00+09:002023-10-31T12:00:00+09:002023-10-31T12:00:00+09:00Inkdrop vulnerable to code injection
https://jvn.jp/en/jp/JVN48057522/
Inkdrop contains a code injection vulnerability.JVNjvn@jvn.jpJVN#48057522https://jvn.jp/en/jp/JVN48057522/2023-10-30T12:00:00+09:002023-10-30T12:00:00+09:002023-10-30T12:00:00+09:00Multiple vulnerabilities in baserCMS
https://jvn.jp/en/jp/JVN45547161/
baserCMS provided by baserCMS Users Community contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#45547161https://jvn.jp/en/jp/JVN45547161/2023-10-27T12:00:00+09:002023-10-27T12:00:00+09:002023-10-27T12:00:00+09:00Movable Type vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN39139884/
Movable Type provided by Six Apart Ltd. contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#39139884https://jvn.jp/en/jp/JVN39139884/2023-10-25T14:00:00+09:002023-10-25T14:00:00+09:002023-10-25T14:00:00+09:00HP ThinUpdate vulnerable to improper server certificate verification
https://jvn.jp/en/jp/JVN02058996/
HP ThinUpdate is vulnerable to improper server certificate verification.JVNjvn@jvn.jpJVN#02058996https://jvn.jp/en/jp/JVN02058996/2023-10-23T12:00:00+09:002023-10-23T12:00:00+09:002023-10-23T12:00:00+09:00Multiple vulnerabilities in JustSystems products
https://jvn.jp/en/jp/JVN28846531/
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#28846531https://jvn.jp/en/jp/JVN28846531/2023-10-19T12:00:00+09:002023-10-19T12:00:00+09:002023-10-19T12:00:00+09:00Improper restriction of XML external entity references (XXE) in Proself
https://jvn.jp/en/jp/JVN95981460/
Proself provided by North Grid Corporation improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#95981460https://jvn.jp/en/jp/JVN95981460/2023-10-18T14:30:00+09:002023-10-18T14:30:00+09:002023-10-18T14:30:00+09:00web2py vulnerable to OS command injection
https://jvn.jp/en/jp/JVN80476432/
web2py contains an OS command injection vulnerability.JVNjvn@jvn.jpJVN#80476432https://jvn.jp/en/jp/JVN80476432/2023-10-16T12:00:15+09:002023-10-16T12:00:15+09:002023-10-16T12:00:15+09:00Scanning evasion issue in Cisco Secure Email Gateway
https://jvn.jp/en/jp/JVN58574030/
Cisco Secure Email Gateway provided by Cisco Systems may fail to detect specially crafted files.JVNjvn@jvn.jpJVN#58574030https://jvn.jp/en/jp/JVN58574030/2023-10-16T12:00:00+09:002023-10-16T12:00:00+09:002023-10-16T12:00:00+09:00e-Gov Client Application fails to restrict custom URL schemes properly
https://jvn.jp/en/jp/JVN15808274/
e-Gov Client Application fails to restrict custom URL schemes properly.JVNjvn@jvn.jpJVN#15808274https://jvn.jp/en/jp/JVN15808274/2023-10-06T12:00:00+09:002023-10-06T12:00:00+09:002023-10-06T12:00:00+09:00Citadel WebCit vulnerable to cross-site scripting on Instant Messaging facility
https://jvn.jp/en/jp/JVN08237727/
Citadel WebCit contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#08237727https://jvn.jp/en/jp/JVN08237727/2023-10-04T12:00:00+09:002023-10-04T12:00:00+09:002023-10-04T12:00:00+09:00Improper restriction of XML external entity references (XXE) in FD Application
https://jvn.jp/en/jp/JVN39596244/
FD Application provided by Ministry of Health, Labour and Welfare improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#39596244https://jvn.jp/en/jp/JVN39596244/2023-10-02T12:00:00+09:002023-10-02T12:00:00+09:002023-10-02T12:00:00+09:00Shihonkanri Plus vulnerable to relative path traversal
https://jvn.jp/en/jp/JVN17434995/
Shihonkanri Plus contains a relative path traversal vulnerability.JVNjvn@jvn.jpJVN#17434995https://jvn.jp/en/jp/JVN17434995/2023-09-27T12:00:00+09:002023-09-27T12:00:00+09:002023-09-27T12:00:00+09:00Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
https://jvn.jp/en/jp/JVN97197972/
WordPress plugin "Welcart e-Commerce" contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#97197972https://jvn.jp/en/jp/JVN97197972/2023-09-22T12:00:00+09:002023-09-22T12:00:00+09:002023-09-22T12:00:00+09:00Pyramid vulnerable to directory traversal
https://jvn.jp/en/jp/JVN41113329/
Pyramid provided by Pylons Project contains a directory traversal vulnerability.JVNjvn@jvn.jpJVN#41113329https://jvn.jp/en/jp/JVN41113329/2023-09-11T12:00:00+09:002023-09-11T12:00:00+09:002023-09-11T12:00:00+09:00"direct" Desktop App for macOS fails to restrict access permissions
https://jvn.jp/en/jp/JVN42691027/
"direct" Desktop App for macOS provided by L is B Corp. fails to restrict access permissions.JVNjvn@jvn.jpJVN#42691027https://jvn.jp/en/jp/JVN42691027/2023-09-06T14:00:00+09:002023-09-06T14:00:00+09:002023-09-06T14:00:00+09:00Multiple vulnerabilities in F-RevoCRM
https://jvn.jp/en/jp/JVN78113802/
F-RevoCRM provided by Thinkingreed Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#78113802https://jvn.jp/en/jp/JVN78113802/2023-09-05T14:00:00+09:002023-09-05T14:00:00+09:002023-09-05T14:00:00+09:00Multiple vulnerabilities in CGIs of PMailServer and PMailServer2
https://jvn.jp/en/jp/JVN92720882/
CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#92720882https://jvn.jp/en/jp/JVN92720882/2023-09-05T12:00:00+09:002023-09-05T12:00:00+09:002023-09-05T12:00:00+09:00Multiple vulnerabilities in SHIRASAGI
https://jvn.jp/en/jp/JVN82758000/
SHIRASAGI contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#82758000https://jvn.jp/en/jp/JVN82758000/2023-09-04T12:00:00+09:002023-09-04T12:00:00+09:002023-09-04T12:00:00+09:00Multiple vulnerabilities in i-PRO VI Web Client
https://jvn.jp/en/jp/JVN60140221/
VI Web Client provided by i-PRO Co., Ltd. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#60140221https://jvn.jp/en/jp/JVN60140221/2023-08-31T12:00:00+09:002023-08-31T12:00:00+09:002023-08-31T12:00:00+09:00SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
https://jvn.jp/en/jp/JVN86484824/
Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service (ReDoS) vulnerability.JVNjvn@jvn.jpJVN#86484824https://jvn.jp/en/jp/JVN86484824/2023-08-24T12:00:15+09:002023-08-24T12:00:15+09:002023-08-24T12:00:15+09:00"Skylark" App fails to restrict custom URL schemes properly
https://jvn.jp/en/jp/JVN03447226/
"Skylark" App fails to restrict custom URL schemes properly.JVNjvn@jvn.jpJVN#03447226https://jvn.jp/en/jp/JVN03447226/2023-08-24T12:00:00+09:002023-08-24T12:00:00+09:002023-08-24T12:00:00+09:00Rakuten WiFi Pocket vulnerable to improper authentication
https://jvn.jp/en/jp/JVN55217369/
Management Screen of Rakuten WiFi Pocket provided by Rakuten Mobile, Inc. contains an improper authentication vulnerability.JVNjvn@jvn.jpJVN#55217369https://jvn.jp/en/jp/JVN55217369/2023-08-23T12:00:00+09:002023-08-23T12:00:00+09:002023-08-23T12:00:00+09:00WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN98946408/
WordPress Plugin "Advanced Custom Fields" contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#98946408https://jvn.jp/en/jp/JVN98946408/2023-08-21T12:00:15+09:002023-08-21T12:00:15+09:002023-08-21T12:00:15+09:00Multiple vulnerabilities in LuxCal Web Calendar
https://jvn.jp/en/jp/JVN04876736/
LuxCal Web Calendar provided by LuxSoft contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#04876736https://jvn.jp/en/jp/JVN04876736/2023-08-21T12:00:00+09:002023-08-21T12:00:00+09:002023-08-21T12:00:00+09:00Multiple vulnerabilities in Proself
https://jvn.jp/en/jp/JVN19661362/
Proself provided by North Grid Corporation contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#19661362https://jvn.jp/en/jp/JVN19661362/2023-08-18T11:00:00+09:002023-08-18T11:00:00+09:002023-08-18T11:00:00+09:00EC-CUBE 2 series vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN46993816/
EC-CUBE 2 series provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#46993816https://jvn.jp/en/jp/JVN46993816/2023-08-17T14:00:00+09:002023-08-17T14:00:00+09:002023-08-17T14:00:00+09:00"Rikunabi NEXT" App for Android fails to restrict custom URL schemes properly
https://jvn.jp/en/jp/JVN84820712/
"Rikunabi NEXT" App for Android provided by Recruit Co., Ltd. fails to restrict custom URL schemes properly.JVNjvn@jvn.jpJVN#84820712https://jvn.jp/en/jp/JVN84820712/2023-08-09T12:00:00+09:002023-08-09T12:00:00+09:002023-08-09T12:00:00+09:00"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly
https://jvn.jp/en/jp/JVN42527152/
"FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly. Their OEM products are affected too.JVNjvn@jvn.jpJVN#42527152https://jvn.jp/en/jp/JVN42527152/2023-08-07T15:30:00+09:002023-08-07T15:30:00+09:002023-08-07T15:30:00+09:00Multiple vulnerabilities in Special Interest Group Network for Analysis and Liaison's API
https://jvn.jp/en/jp/JVN83334799/
Special Interest Group Network for Analysis and Liaison's API provided by Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#83334799https://jvn.jp/en/jp/JVN83334799/2023-08-07T12:00:00+09:002023-08-07T12:00:00+09:002023-08-07T12:00:00+09:00Fujitsu Software Infrastructure Manager (ISM) stores sensitive information in cleartext
https://jvn.jp/en/jp/JVN38847224/
Fujitsu Software Infrastructure Manager (ISM) provided by Fujitsu Limited, with a certain configuration, stores sensitive information in cleartext form.JVNjvn@jvn.jpJVN#38847224https://jvn.jp/en/jp/JVN38847224/2023-08-04T14:00:00+09:002023-08-04T14:00:00+09:002023-08-04T14:00:00+09:00SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS)
https://jvn.jp/en/jp/JVN61337171/
SEIKO EPSON printer Web Config contains a denial-of-service (DoS) vulnerability due to improper input validation.JVNjvn@jvn.jpJVN#61337171https://jvn.jp/en/jp/JVN61337171/2023-08-02T14:00:00+09:002023-08-02T14:00:00+09:002023-08-02T14:00:00+09:00Fujitsu Real-time Video Transmission Gear "IP series" uses a hard-coded credentials
https://jvn.jp/en/jp/JVN95727578/
Real-time Video Transmission Gear "IP series" provided by Fujitsu Limited uses a hard-coded credentials.JVNjvn@jvn.jpJVN#95727578https://jvn.jp/en/jp/JVN95727578/2023-07-26T15:00:00+09:002023-07-26T15:00:00+09:002023-07-26T15:00:00+09:00Improper restriction of XML external entity references (XXE) in Applicant Programme
https://jvn.jp/en/jp/JVN37857022/
Applicant Programme provided by The Ministry of Justice improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#37857022https://jvn.jp/en/jp/JVN37857022/2023-07-24T12:00:00+09:002023-07-24T12:00:00+09:002023-07-24T12:00:00+09:00GBrowse vulnerable to unrestricted upload of files with dangerous types
https://jvn.jp/en/jp/JVN35897618/
GBrowse is vulnerable to unrestricted upload of files with dangerous types.JVNjvn@jvn.jpJVN#35897618https://jvn.jp/en/jp/JVN35897618/2023-07-21T12:00:00+09:002023-07-21T12:00:00+09:002023-07-21T12:00:00+09:00Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"
https://jvn.jp/en/jp/JVN90560760/
WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#90560760https://jvn.jp/en/jp/JVN90560760/2023-07-20T12:00:00+09:002023-07-20T12:00:00+09:002023-07-20T12:00:00+09:00Improper restriction of XML external entity references (XXE) in XBRL data create application
https://jvn.jp/en/jp/JVN44726469/
XBRL data create application provided by Financial Services Agency improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#44726469https://jvn.jp/en/jp/JVN44726469/2023-07-18T14:00:00+09:002023-07-18T14:00:00+09:002023-07-18T14:00:00+09:00Multiple vulnerabilities in multiple ELECOM wireless LAN routers and wireless LAN repeaters
https://jvn.jp/en/jp/JVN05223215/
Multiple ELECOM wireless LAN routers and wireless LAN repeaters provided by ELECOM CO.,LTD. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#05223215https://jvn.jp/en/jp/JVN05223215/2023-07-11T12:00:00+09:002023-07-11T12:00:00+09:002023-07-11T12:00:00+09:00Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
https://jvn.jp/en/jp/JVN64316789/
SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities in VPN Client function, and Dynamic DNS Client function included in the VPN server.JVNjvn@jvn.jpJVN#64316789https://jvn.jp/en/jp/JVN64316789/2023-07-03T12:00:00+09:002023-07-03T12:00:00+09:002023-07-03T12:00:00+09:00"NewsPicks" App uses a hard-coded API key for an external service
https://jvn.jp/en/jp/JVN32739265/
"NewsPicks" App uses a hard-coded API key for an external service.JVNjvn@jvn.jpJVN#32739265https://jvn.jp/en/jp/JVN32739265/2023-06-30T12:00:00+09:002023-06-30T12:00:00+09:002023-06-30T12:00:00+09:00WordPress Plugin "Snow Monkey Forms" vulnerable to directory traversal
https://jvn.jp/en/jp/JVN97127032/
WordPress Plugin "Snow Monkey Forms" provided by Monkey Wrench Inc. contains a directory traversal vulnerability.JVNjvn@jvn.jpJVN#97127032https://jvn.jp/en/jp/JVN97127032/2023-06-27T12:00:30+09:002023-06-27T12:00:30+09:002023-06-27T12:00:30+09:00Multiple vulnerabilities in WAVLINK WL-WN531AX2
https://jvn.jp/en/jp/JVN78634340/
WL-WN531AX2 provided by WAVLINK TECHNOLOGY Ltd. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#78634340https://jvn.jp/en/jp/JVN78634340/2023-06-27T12:00:15+09:002023-06-27T12:00:15+09:002023-06-27T12:00:15+09:00Multiple vulnerabilities in Aterm series
https://jvn.jp/en/jp/JVN38343415/
Aterm series provided by NEC Corporation contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#38343415https://jvn.jp/en/jp/JVN38343415/2023-06-27T12:00:00+09:002023-06-27T12:00:00+09:002023-06-27T12:00:00+09:00Multiple vulnerabilities in Pleasanter
https://jvn.jp/en/jp/JVN97818024/
Pleasanter provided by Implem Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#97818024https://jvn.jp/en/jp/JVN97818024/2023-06-22T14:00:00+09:002023-06-22T14:00:00+09:002023-06-22T14:00:00+09:00SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
https://jvn.jp/en/jp/JVN70502982/
Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service (ReDoS) vulnerability.JVNjvn@jvn.jpJVN#70502982https://jvn.jp/en/jp/JVN70502982/2023-06-20T14:00:00+09:002023-06-20T14:00:00+09:002023-06-20T14:00:00+09:00Multiple vulnerabilities in Panasonic AiSEG2
https://jvn.jp/en/jp/JVN19748237/
Panasonic AiSEG2 contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#19748237https://jvn.jp/en/jp/JVN19748237/2023-06-16T12:00:00+09:002023-06-16T12:00:00+09:002023-06-16T12:00:00+09:00Chatwork Desktop Application (Mac) vulnerable to code injection
https://jvn.jp/en/jp/JVN96828492/
Chatwork Desktop Application (Mac) contains a code injection vulnerability.JVNjvn@jvn.jpJVN#96828492https://jvn.jp/en/jp/JVN96828492/2023-06-13T12:00:00+09:002023-06-13T12:00:00+09:002023-06-13T12:00:00+09:00"WPS Office" vulnerable to OS command injection
https://jvn.jp/en/jp/JVN36060509/
"WPS Office" which was provided by KINGSOFT JAPAN, INC. contains an OS command injection vulnerability.JVNjvn@jvn.jpJVN#36060509https://jvn.jp/en/jp/JVN36060509/2023-06-12T12:00:00+09:002023-06-12T12:00:00+09:002023-06-12T12:00:00+09:00ASUS Router RT-AX3000 vulnerable to using sensitive cookies without 'Secure' attribute
https://jvn.jp/en/jp/JVN34232595/
ASUS Router RT-AX3000 uses sensitive cookies without 'Secure' attribute.JVNjvn@jvn.jpJVN#34232595https://jvn.jp/en/jp/JVN34232595/2023-06-09T12:00:15+09:002023-06-09T12:00:15+09:002023-06-09T12:00:15+09:00Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT
https://jvn.jp/en/jp/JVN28412757/
Wi-Fi AP UNIT provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#28412757https://jvn.jp/en/jp/JVN28412757/2023-06-09T12:00:00+09:002023-06-09T12:00:00+09:002023-06-09T12:00:00+09:00"Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification
https://jvn.jp/en/jp/JVN33836375/
"Jiyu Kukan Toku-Toku coupon" App is vulnerable to improper server certificate verification.JVNjvn@jvn.jpJVN#33836375https://jvn.jp/en/jp/JVN33836375/2023-06-01T14:00:00+09:002023-06-01T14:00:00+09:002023-06-01T14:00:00+09:00Pleasanter vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN62111727/
Pleasanter provided by Implem Inc. contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#62111727https://jvn.jp/en/jp/JVN62111727/2023-05-31T12:00:15+09:002023-05-31T12:00:15+09:002023-05-31T12:00:15+09:00DataSpider Servista uses a hard-coded cryptographic key
https://jvn.jp/en/jp/JVN38222042/
DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. uses a hard-coded cryptographic key.JVNjvn@jvn.jpJVN#38222042https://jvn.jp/en/jp/JVN38222042/2023-05-31T12:00:00+09:002023-05-31T12:00:00+09:002023-05-31T12:00:00+09:00Starlette vulnerable to directory traversal
https://jvn.jp/en/jp/JVN95981715/
Starlette contains a directory traversal vulnerability.JVNjvn@jvn.jpJVN#95981715https://jvn.jp/en/jp/JVN95981715/2023-05-30T12:00:00+09:002023-05-30T12:00:00+09:002023-05-30T12:00:00+09:00ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal
https://jvn.jp/en/jp/JVN19243534/
ESS REC Agent Server Edition for Linux etc. contain a directory traversal vulnerability.JVNjvn@jvn.jpJVN#19243534https://jvn.jp/en/jp/JVN19243534/2023-05-26T12:00:00+09:002023-05-26T12:00:00+09:002023-05-26T12:00:00+09:00Wacom Tablet Driver installer for macOS vulnerable to improper link resolution before file access
https://jvn.jp/en/jp/JVN90278893/
Wacom Tablet Driver installer for macOS contains an improper link resolution before file access vulnerability.JVNjvn@jvn.jpJVN#90278893https://jvn.jp/en/jp/JVN90278893/2023-05-25T12:00:00+09:002023-05-25T12:00:00+09:002023-05-25T12:00:00+09:00Tornado vulnerable to open redirect
https://jvn.jp/en/jp/JVN45127776/
Tornado contains an open redirect vulnerability.JVNjvn@jvn.jpJVN#45127776https://jvn.jp/en/jp/JVN45127776/2023-05-22T12:00:00+09:002023-05-22T12:00:00+09:002023-05-22T12:00:00+09:00Multiple vulnerabilities in T&D and ESPEC MIC data logger products
https://jvn.jp/en/jp/JVN14778242/
Multiple data logger products provided by T&D Corporation and ESPEC MIC CORP. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#14778242https://jvn.jp/en/jp/JVN14778242/2023-05-19T14:00:00+09:002023-05-19T14:00:00+09:002023-05-19T14:00:00+09:00Qrio Smart Lock Q-SL2 vulnerable to authentication bypass by capture-replay
https://jvn.jp/en/jp/JVN48687031/
Qrio Smart Lock Q-SL2 provided by Qrio, inc. contains an authentication bypass by capture-replay vulnerability.JVNjvn@jvn.jpJVN#48687031https://jvn.jp/en/jp/JVN48687031/2023-05-18T12:00:00+09:002023-05-18T12:00:00+09:002023-05-18T12:00:00+09:00Multiple vulnerabilities in Cybozu Garoon
https://jvn.jp/en/jp/JVN41694426/
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#41694426https://jvn.jp/en/jp/JVN41694426/2023-05-15T12:00:15+09:002023-05-15T12:00:15+09:002023-05-15T12:00:15+09:00Multiple vulnerabilities in WordPress Plugin "MW WP Form" and "Snow Monkey Forms"
https://jvn.jp/en/jp/JVN01093915/
WordPress Plugin "MW WP Form" and "Snow Monkey Forms" provided by Monkey Wrench Inc. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#01093915https://jvn.jp/en/jp/JVN01093915/2023-05-15T12:00:00+09:002023-05-15T12:00:00+09:002023-05-15T12:00:00+09:00Beekeeper Studio vulnerable to code injection
https://jvn.jp/en/jp/JVN11705010/
Beekeeper Studio contains a code injection vulnerability.JVNjvn@jvn.jpJVN#11705010https://jvn.jp/en/jp/JVN11705010/2023-05-12T12:00:00+09:002023-05-12T12:00:00+09:002023-05-12T12:00:00+09:00Multiple vulnerabilities in MicroEngine Mailform
https://jvn.jp/en/jp/JVN31701509/
MicroEngine Mailform provided by MicroEngine Inc. contains multiple vulnerabilities.JVNjvn@jvn.jpJVN#31701509https://jvn.jp/en/jp/JVN31701509/2023-05-10T12:00:00+09:002023-05-10T12:00:00+09:002023-05-10T12:00:00+09:00WordPress Plugin "Newsletter" vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN59341308/
WordPress Plugin "Newsletter" contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#59341308https://jvn.jp/en/jp/JVN59341308/2023-05-09T12:00:30+09:002023-05-09T12:00:30+09:002023-05-09T12:00:30+09:00WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN95792402/
WordPress Plugin "VK Blocks" and "VK All in One Expansion Unit" contain multiple cross-site scripting vulnerabilities.JVNjvn@jvn.jpJVN#95792402https://jvn.jp/en/jp/JVN95792402/2023-05-09T12:00:15+09:002023-05-09T12:00:15+09:002023-05-09T12:00:15+09:00SR-7100VN vulnerable to privilege escalation
https://jvn.jp/en/jp/JVN80476232/
SR-7100VN contains a privilege escalation vulnerability.JVNjvn@jvn.jpJVN#80476232https://jvn.jp/en/jp/JVN80476232/2023-05-09T12:00:00+09:002023-05-09T12:00:00+09:002023-05-09T12:00:00+09:00JINS MEME CORE uses a hard-coded cryptographic key
https://jvn.jp/en/jp/JVN13306058/
JINS MEME CORE provided by JINS Inc. uses a hard-coded cryptographic key.JVNjvn@jvn.jpJVN#13306058https://jvn.jp/en/jp/JVN13306058/2023-05-08T14:00:15+09:002023-05-08T14:00:15+09:002023-05-08T14:00:15+09:00LINE WORKS Drive Explorer vulnerable to code injection
https://jvn.jp/en/jp/JVN01937209/
LINE WORKS Drive Explorer contains a code injection vulnerability.JVNjvn@jvn.jpJVN#01937209https://jvn.jp/en/jp/JVN01937209/2023-05-08T14:00:00+09:002023-05-08T14:00:00+09:002023-05-08T14:00:00+09:00WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN00971105/
WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#00971105https://jvn.jp/en/jp/JVN00971105/2023-04-24T12:00:00+09:002023-04-24T12:00:00+09:002023-04-24T12:00:00+09:00Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft
https://jvn.jp/en/jp/JVN73178249/
Shinseiyo Sogo Soft provided by The Ministry of Justice improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#73178249https://jvn.jp/en/jp/JVN73178249/2023-04-19T14:00:00+09:002023-04-19T14:00:00+09:002023-04-19T14:00:00+09:00WordPress plugin "LIQUID SPEECH BALLOON” vulnerable to cross-site request forgery
https://jvn.jp/en/jp/JVN99657911/
WordPress plugin "LIQUID SPEECH BALLOON” contains a cross-site request forgery vulnerability.JVNjvn@jvn.jpJVN#99657911https://jvn.jp/en/jp/JVN99657911/2023-04-19T12:00:15+09:002023-04-19T12:00:15+09:002023-04-19T12:00:15+09:00EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
https://jvn.jp/en/jp/JVN50862842/
EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" provided by NE Inc. contains an authentication bypass vulnerability.JVNjvn@jvn.jpJVN#50862842https://jvn.jp/en/jp/JVN50862842/2023-04-19T12:00:00+09:002023-04-19T12:00:00+09:002023-04-19T12:00:00+09:00API server of TONE Family vulnerable to authentication bypass using an alternate path
https://jvn.jp/en/jp/JVN14492006/
API server of TONE Family provided by DREAM TRAIN INTERNET INC. contains an authentication bypass vulnerability using an alternate path.JVNjvn@jvn.jpJVN#14492006https://jvn.jp/en/jp/JVN14492006/2023-04-17T12:00:15+09:002023-04-17T12:00:15+09:002023-04-17T12:00:15+09:00Joruri Gw vulnerable to cross-site scripting
https://jvn.jp/en/jp/JVN87559956/
Joruri Gw provided by SiteBridge Inc. contains a cross-site scripting vulnerability.JVNjvn@jvn.jpJVN#87559956https://jvn.jp/en/jp/JVN87559956/2023-04-17T12:00:00+09:002023-04-17T12:00:00+09:002023-04-17T12:00:00+09:00JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor
https://jvn.jp/en/jp/JVN36340790/
JB Inquiry form contains an exposure of private personal information to an unauthorized actor vulnerability.JVNjvn@jvn.jpJVN#36340790https://jvn.jp/en/jp/JVN36340790/2023-04-14T14:00:15+09:002023-04-14T14:00:15+09:002023-04-14T14:00:15+09:00Trend Micro Security may insecurely load Dynamic Link Libraries
https://jvn.jp/en/jp/JVN76257155/
Trend Micro Security provided by Trend Micro Incorporated may insecurely load Dynamic Link Libraries.JVNjvn@jvn.jpJVN#76257155https://jvn.jp/en/jp/JVN76257155/2023-04-14T14:00:00+09:002023-04-14T14:00:00+09:002023-04-14T14:00:00+09:00Multiple vulnerabilities in JustSystems products
https://jvn.jp/en/jp/JVN79149117/
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#79149117https://jvn.jp/en/jp/JVN79149117/2023-04-04T12:00:15+09:002023-04-04T12:00:15+09:002023-04-04T12:00:15+09:00Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
https://jvn.jp/en/jp/JVN75742861/
National land numerical information data conversion tool provided by Ministry of Land, Infrastructure, Transport and Tourism, Japan (MLIT) improperly restricts XML external entity references (XXE).JVNjvn@jvn.jpJVN#75742861https://jvn.jp/en/jp/JVN75742861/2023-04-04T12:00:00+09:002023-04-04T12:00:00+09:002023-04-04T12:00:00+09:00HAProxy vulnerable to HTTP request/response smuggling
https://jvn.jp/en/jp/JVN38170084/
HAProxy contains a HTTP request/response smuggling vulnerability.JVNjvn@jvn.jpJVN#38170084https://jvn.jp/en/jp/JVN38170084/2023-03-31T12:00:15+09:002023-03-31T12:00:15+09:002023-03-31T12:00:15+09:00Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
https://jvn.jp/en/jp/JVN40604023/
SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities.JVNjvn@jvn.jpJVN#40604023https://jvn.jp/en/jp/JVN40604023/2023-03-31T12:00:00+09:002023-03-31T12:00:00+09:002023-03-31T12:00:00+09:00