Vulnerability Reports JP

past 12 months ｜2020 ｜2019 ｜2018 ｜2017 ｜2016 ｜2015 ｜2014 ｜2013 ｜2012 ｜2011 ｜2010 ｜2009 ｜2008 ｜2007

2021

2021/04/14 JVN#54025691:: Gurunavi Apps fail to restrict access permissions

2021/04/09 JVN#29739718:: Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP

2021/04/09 JVN#67456944:: Multiple vulnerabilities in multiple Aterm products

2021/04/01 JVN#73236007:: Archive collectively operation utility vulnerable to directory traversal

2021/03/26 JVN#64869876:: Multiple vulnerabilities in baserCMS

2021/03/25 JVN#68244135:[Unreachable]: rNote vulnerable to cross-site scripting

2021/03/25 JVN#94705238:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#83042295:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#37179202:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#93207949:[Unreachable]: Click Ranker vulnerable to cross-site scripting

2021/03/25 JVN#11438679:[Unreachable]: Kagemai vulnerable to cross-site request forgery

2021/03/25 JVN#42220311:[Unreachable]: Kagemai vulnerable to cross-site scripting

2021/03/25 JVN#12559271:[Unreachable]: Kagemai vulnerable to cross-site scripting

2021/03/25 JVN#97370614:[Unreachable]: MagazinegerZ vulnerable to cross-site scripting

2021/03/22 JVN#12737530:: UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS)

2021/03/19 JVN#37607293:: Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS)

2021/03/17 JVN#08191557:: WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection

2021/03/15 JVN#45797538:: Multiple vulnerabilities in Cybozu Office

2021/03/12 JVN#47497535:: M-System DL8 contains multiple vulnerabilities

2021/03/11 JVN#18056666:: Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries

2021/03/10 JVN#86438134:: Multiple cross-site scripting vulnerabilities in GROWI

2021/03/05 JVN#68418039:: The installers of E START products may insecurely load Dynamic Link Libraries

2021/02/24 JVN#66542874:: Multiple cross-site scripting vulnerabilities in Movable Type

2021/02/19 JVN#37417423:: Multiple vulnerabilities in SolarView Compact

2021/02/16 JVN#58774946:[Critical]: FileZen vulnerable to OS command injection

2021/02/15 JVN#87164507:: Calsos CSDJ fails to restrict access permissions

2021/02/10 JVN#80785288:: Wekan vulnerable to cross-site scripting

2021/02/05 JVN#50470170:: WordPress Plugin "Name Directory" vulnerable to cross-site request forgery

2021/02/04 JVN#42252698:: Panasonic Video Insight VMS vulnerable to arbitrary code execution

2021/01/27 JVN#41853173:: OS command injection vulnerability in multiple Infoscience Corporation log management tools

2021/01/26 JVN#96783542:: Multiple vulnerabilities in multiple LOGITEC products

2021/01/26 JVN#98115035:: Android App "ELECOM File Manager" vulnerable to directory traversal

2021/01/26 JVN#47580234:: Multiple vulnerabilities in multiple ELECOM products

2021/01/22 JVN#38248512:: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2

2021/01/19 JVN#57544707:: GROWI vulnerable to cross-site scripting

2021/01/14 JVN#35906450:: Multiple vulnerabilities in acmailer

2021/01/12 JVN#69635538:: The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

2021/01/04 JVN#38752718:: Multiple NEC Products vulnerable to authentication bypass

2021/01/04 JVN#38784555:: Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series

2020

2020/12/18 JVN#10100024:: Management software for NEC Storage disk array system vulnerable to improper server certificate verification

2020/12/18 JVN#94244575:: Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/12/15 JVN#94169589:: Multiple vulnerabilities in GROWI

2020/12/11 JVN#55917325:: Multiple vulnerabilities in Aterm SA3500G

2020/12/11 JVN#43969166:: Apache Struts 2 vulnerable to remote code execution (S2-061)

2020/12/10 JVN#12884935:: FileZen vulnerable to directory traversal

2020/12/07 JVN#59779918:: Apache Cordova Plugin camera vulnerable to information exposure

2020/12/03 JVN#24457594:: Multiple vulnerabilities in EC-CUBE

2020/12/03 JVN#42199826:: desknet's NEO vulnerable to cross-site scripting

2020/11/25 JVN#56450373:: Multiple vulnerabilities in GROWI

2020/11/24 JVN#27806339:: NETGEAR GS108Ev3 vulnerable to cross-site request forgery

2020/11/20 JVN#26835001:: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/11/19 JVN#90729322:: Hibernate ORM vulnerable to SQL injection

2020/11/18 JVN#94245475:: Movable Type Premium vulnerable to cross-site scripting

2020/11/12 JVN#44764844:: MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption

2020/11/05 JVN#00414047:: Studyplus App uses a hard-coded API key for an external service

2020/11/04 JVN#57942454:: Cybozu Garoon vulnerable to improper input validation

2020/10/21 JVN#31425618:: Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"

2020/10/14 JVN#92404841:: WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery

2020/10/05 JVN#82892096:: OS command injection vulnerability in multiple ELECOM LAN routers

2020/09/30 JVN#07426151:: InfoCage SiteShell installs their files with improper access permissions

2020/09/23 JVN#60093979:: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products

2020/09/17 JVN#31864411:: Multiple access restriction bypass vulnerabilities in UNIQLO App

2020/09/11 JVN#09166495:: Multiple vulnerabilities in Buffalo AirStation WHR-G54S

2020/09/07 JVN#32396594:: Yodobashi App for Android fails to restrict access permissions

2020/08/31 JVN#06446084:: CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)

2020/08/31 JVN#42665874:: "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)

2020/08/28 JVN#29903998:: Multiple NETGEAR switching hubs vulnerable to cross-site request forgery

2020/08/27 JVN#40725650:: Multiple vulnerabilities in XOOPS module "XooNIps"

2020/08/26 JVN#77402327:: NITORI App fails to restrict access permissions

2020/08/25 JVN#50890770:: Apache Struts 2 vulnerable to denial-of-service (DoS)

2020/08/21 JVN#88315581:: Multiple cross-site scripting vulnerabilities in Exment

2020/08/11 JVN#46258789:: Multiple vulnerabilities in CyberMail

2020/08/03 JVN#25422698:[Critical]: SKYSEA Client View vulnerable to privilege escalation

2020/07/31 JVN#73169744:: Multiple vulnerabilities in multiple PHP Factory products

2020/07/31 JVN#84959128:: FANUC i Series CNC vulnerable to denial-of-service (DoS)

2020/07/29 JVN#40400577:: TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow

2020/07/28 JVN#48194211:: Multiple vulnerabilities in KonaWiki2 and KonaWiki3

2020/07/28 JVN#62161191:: JavaFX WebEngine does not properly restrict Java method execution

2020/07/22 JVN#05502028:: WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery

2020/07/09 JVN#55657988:: SHIRASAGI vulnerable to open redirect

2020/07/08 JVN#93167107:: Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object

2020/06/29 JVN#55497111:: Multiple vulnerabilities in Cybozu Garoon

2020/06/24 JVN#40039627:: Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution

2020/06/18 JVN#77458946:: EC-CUBE vulnerable to directory traversal

2020/06/11 JVN#32252648:: Multiple vulnerabilities in Zenphoto

2020/06/09 JVN#67447798:: Multiple SONY Wireless Headphones allow improper Bluetooth pairing

2020/06/05 JVN#40208370:: XACK DNS vulnerable to denial-of-service (DoS)

2020/05/29 JVN#78745667:: Multiples security updates for multiple Cybozu products

2020/05/25 JVN#59552136:: Cybozu Desktop for Windows vulenerable to arbitrary code execution

2020/05/19 JVN#20248858:: WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection

2020/05/19 JVN#96646182:: Panasonic Video Insight VMS vulnerable to arbitrary code execution

2020/05/13 JVN#41035278:: BookStack vulnerable to cross-site scripting

2020/05/13 JVN#28806943:: Multiple vulnerabilities in Movable Type

2020/05/11 JVN#61849442:: PALLET CONTROL vulnerable to arbitrary code execution

2020/04/28 JVN#47668991:: Sales Force Assistant vulnerable to cross-site scripting

2020/04/27 JVN#35649781:: Multiple vulnerabilities in Cybozu Garoon

2020/04/23 JVN#93064451:: Multiple SHARP Android devices vulnerable to information disclosure

2020/04/20 JVN#13467854:: Toshiba Electronic Devices & Storage software registers unquoted service paths