Japan Vulnerability Notes

The content of ”Instructions" is updated (2021-04-16)

Past Announcements

Recent Vulnerability Notes

JVN#70566757:

WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting [June 11, 2021 12:00]

JVNVU#92417259:

Multiple vulnerabilities in Trend Micro Home Network Security [June 09, 2021 10:00]

JVNVU#92413403:

urllib3 vulnerable to Regular expression Denial-of-Service (ReDoS) [June 07, 2021 11:00]

JVN#64064138:

ATOM - Smart life App vulnerable to improper server certificate verification [June 03, 2021 12:00]

JVN#91691168:

goo blog App fails to restrict custom URL schemes properly [June 02, 2021 12:00]

JVN#98239374:

Zettlr vulnerable to cross-site scripting [June 02, 2021 10:00]

JVNVU#92862829:

Multiple vulnerabilities in Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers [May 31, 2021 16:30]

JVNVU#93332929:

Multiples security updates for multiple Trend Micro products (May 2021) [May 31, 2021 16:00]

JVN#54025691:

Gurunavi Apps fail to restrict access permissions [May 24, 2021 12:00]

JVN#53910556:

Multiple cross-site scripting vulnerabilities in multiple PHP Factory products [May 21, 2021 12:00]

JVN#78254777:

Installer of Overwolf may insecurely load Dynamic Link Libraries [May 21, 2021 12:00]

JVN#74686032:

QND vulnerable to privilege escalation [May 21, 2021 12:00]

JVN#65733194:

The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries [May 21, 2021 12:00]

JVN#49704918:

mod_auth_openidc vulnerable to denial-of-service (DoS) [May 14, 2021 12:00]

JVN#71263107:

Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points [May 14, 2021 12:00]

Past Vulnerability Notes

JVNTR-2011-05:: Apache HTTPD 1.3/2.x Range header DoS vulnerability (CVE-2011-3192, JVNVU#405811)

JVNTR-2011-02:: Java Double.parseDouble denial of service (Aka. "2.2250738585072011e-308" issue ) (CVE-2010-4476)

JVNTR-2011-01:: Microsoft Windows graphics engine thumbnail stack buffer overflow (CVE-2010-3970, JVNVU#106516)

JVNTR-2010-26:: Apple Quicktime Updates for Multiple Vulnerabilities (CVE-2010-1818, JVNVU#997815)

JVNTR-2010-25:: Adobe Flash Vulnerabilities (CVE-2010-2884, TA10-263A)

JVN provided by
JPCERT/CC
IPA

Related Associations
JEITA
JISA
CSAJ
JNSA

Partners
CERT/CC
CPNI