Japan Vulnerability Notes

(COMPLETED) The scheduled system maintenance for JVN iPedia and Vulnerability Report Web Form (2026-02-09)

Past Announcements

Recent Vulnerability Notes

JVN#20837860:

Multiple vulnerabilities in baserCMS [March 27, 2026 12:00]

JVN#48058823:

WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting [March 27, 2026 12:00]

JVN#83788689:

Multiple vulnerabilities in BUFFALO Wi-Fi routers [March 27, 2026 12:00]

JVN#49524110:

SHARP routers missing authentication for some web APIs [March 27, 2026 09:00]

JVN#08057419:

Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows [March 26, 2026 12:00]

JVN#18035227:

Digital Photo Frame GH-WDF10A vulnerable to improper access restriction [March 26, 2026 12:00]

JVN#19505323:

Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries [March 25, 2026 12:00]

JVN#90835713:

SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths [March 25, 2026 12:00]

JVNVU#95093977:

Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) [March 19, 2026 13:00]

JVN#96706146:

Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries [March 17, 2026 12:00]

JVN#46373837:

Missing authorization in the OpenAI thread/message API endpoints of GROWI [March 16, 2026 14:00]

JVN#22152812:

OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection [March 16, 2026 12:00]

JVNVU#98103854:

Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 [March 11, 2026 14:00]

JVN#17307628:

Improper file access permission settings in multiple Digital Arts products [March 09, 2026 15:15]

JVN#11676807:

Installer for Qsee Client may insecurely load Dynamic Link Libraries [March 09, 2026 12:00]

Past Vulnerability Notes

JVNTR-2011-05:: Apache HTTPD 1.3/2.x Range header DoS vulnerability (CVE-2011-3192, JVNVU#405811)

JVNTR-2011-02:: Java Double.parseDouble denial of service (Aka. "2.2250738585072011e-308" issue ) (CVE-2010-4476)

JVNTR-2011-01:: Microsoft Windows graphics engine thumbnail stack buffer overflow (CVE-2010-3970, JVNVU#106516)

JVNTR-2010-26:: Apple Quicktime Updates for Multiple Vulnerabilities (CVE-2010-1818, JVNVU#997815)

JVNTR-2010-25:: Adobe Flash Vulnerabilities (CVE-2010-2884, TA10-263A)

JVN provided by
JPCERT/CC
IPA

Related Associations
JEITA
JISA
CSAJ
JNSA

Partners
CERT/CC
CPNI