Vulnerability Reports JP

2019

2019/10/15 JVN#74530672:

NetCommons3 vulnerable to cross-site scripting

2019/10/11 JVN#14776551:

Multiple vulnerabilities in WordPress Plugin "wpDataTables Lite"

2019/10/07 JVN#59436681:

Multiple vulnerabilities in EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)"

2019/10/07 JVN#95875796:

Multiple OS command injection vulnerabilities in DBA-1510P

2019/09/19 JVN#97845465:

Multiple integer overflow vulnerabilities in LINE(Android)

2019/09/13 JVN#11708203:

Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs)

2019/09/12 JVN#39383894:

apng-drawable vulnerable to integer overflow

2019/09/10 JVN#74699196:

SHIRASAGI vulnerable to open redirect

2019/09/02 JVN#93833849:

Panasonic Video Insight VMS vulnerable to SQL injection

2019/08/26 JVN#71877187:

Cybozu Garoon vulnerable to SQL injection

2019/08/23 JVN#17127920:

Smart TV Box fails to restrict access permissions

2019/08/15 JVN#07679150:

ApeosWare Management Suite and ApeosWare Management Suite 2 contain open redirect vulnerability

2019/08/07 JVN#29343839:

EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting

2019/07/31 JVN#94889214:

Central Dogma vulnerable to cross-site scripting

2019/07/18 JVN#92510087:

WordPress Plugin "Category Specific RSS feed Subscription" vulnerable to cross-site request forgery

2019/07/16 JVN#48981892:

WordPress Plugin "WordPress Ultra Simple Paypal Shopping Cart" vulnerable to cross-site request forgery

2019/07/16 JVN#62618482:

Multiple vulnerabilities in Cybozu Garoon

2019/07/10 JVN#75617741:

Intel Dual Band Wireless-AC 8260 vulnerable to denial-of-service (DoS)

2019/07/05 JVN#37230341:

Multiple vulnerabilities in Access analysis CGI An-Analyzer

2019/07/01 JVN#28218613:

The management console of iDoors Reader vulnerable to authentication bypass

2019/06/27 JVN#43172719:

Multiple vulnerabilities in Hikari Denwa router/Home GateWay

2019/06/24 JVN#29933378:

WordPress Plugin "Custom CSS Pro" vulnerable to cross-site request forgery

2019/06/24 JVN#49575131:

WordPress Plugin ”HTML5 Maps” vulnerable to cross-site request forgery

2019/06/21 JVN#13555032:

Multiple vulnerabilities in VAIO Update

2019/06/19 JVN#88804335:

WordPress Plugin "Personalized WooCommerce Cart Page” vulnerable to cross-site request forgery

2019/06/17 JVN#31406910:

WordPress Plugin "Related YouTube Videos" vulnerable to cross-site request forgery

2019/06/13 JVN#89046645:

A map plugin for Minecraft server "Dynmap" fails to restrict access permissions

2019/06/12 JVN#80925867:

WordPress Plugin "Contest Gallery” vulnerable to cross-site request forgery

2019/06/10 JVN#96988995:

Multiple vulnerabilities in WordPress Plugin "Online Lesson Booking"

2019/06/10 JVN#95685939:

Multiple vulnerabilities in WordPress Plugin "Attendance Manager"

2019/06/07 JVN#84876282:

Multiple vulnerabilities in GROWI

2019/06/07 JVN#29188908:

Joruri CMS 2017 vulnerable to cross-site scripting

2019/06/07 JVN#58052567:

Multiple vulnerabilities in Joruri Mail

2019/05/31 JVN#88962935:

Multiple vulnerabilities in WordPress Plugin "Zoho SalesIQ"

2019/05/24 JVN#57806517:

Android App "Tootdon for Mastodon" fails to verify SSL server certificates

2019/05/23 JVN#33652328:

WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery

2019/05/22 JVN#71498764:

Apache Camel vulnerable to XML external entity injection (XXE)

2019/05/10 JVN#69903953:

Electronic reception and examination of application for radio licenses Offline may insecurely load Dynamic Link Libraries

2019/05/10 JVN#91361851:

Installer of Electronic reception and examination of application for radio licenses Online may insecurely load Dynamic Link Libraries

2019/05/10 JVN#87655507:

CREATE SD official App for Android fails to restrict access permissions

2019/04/25 JVN#58849431:

Multiple vulnerabilities in Cybozu Garoon

2019/04/03 JVN#25261088:

GNU Wget vulnerable to buffer overflow

2019/04/01 JVN#01119243:

API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions

2019/03/27 JVN#63981842:

PowerAct Pro Master Agent for Windows fails to restrict acess permissions

2019/03/19 JVN#60497148:

"an" App for iOS vulnerable to directory traversal

2019/03/15 JVN#06527859:

KinagaCMS vulnerable to cross-site scripting

2019/03/12 JVN#11622218:

iChain Insurance Wallet App for iOS vulnerable to directory traversal

2019/03/05 JVN#40288903:

Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting

2019/02/28 JVN#79543573:

The installer of Microsoft Teams may insecurely load Dynamic Link Libraries

2019/02/28 JVN#97656108:

WordPress plugin "Smart Forms" vulnerable to cross-site request forgery

2019/02/28 JVN#69181574:

Windows 7 may insecurely load Dynamic Link Libraries

2019/02/27 JVN#56542712:

Multiple vulnerabilities in Nablarch

2019/02/26 JVN#83501605:

WordPress plugin "FormCraft" vulnerable to cross-site request forgery

2019/02/20 JVN#05875753:

azure-umqtt-c vulnerable to denial-of-service (DoS)

2019/02/18 JVN#50810870:

Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries

2019/02/12 JVN#40439414:

A vulnerability in V20 PRO L-01J that may cause a crash

2019/02/06 JVN#43193964:

OpenAM (Open Source Edition) vulnerable to open redirect

2019/02/05 JVN#63860183:

POWER EGG vulnerability where EL expression may be executed

2019/01/31 JVN#83826673:

The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries

2019/01/31 JVN#52168232:

UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries

2019/01/24 JVN#98505783:

HOUSE GATE App for iOS vulnerable to directory traversal

2019/01/10 JVN#58010349:

WordPress plugin "spam-byebye" vulnerable to cross-site scripting

2018

2018/12/26 JVN#96493183:

GROWI vulnerable to cross-site scripting

2018/12/25 JVN#33677949:

Installer of Mapping Tool may insecurely load Dynamic Link Libraries

2018/12/25 JVN#27052429:

WordPress plugin "Google XML Sitemaps" vulnerable to cross-site scripting

2018/12/21 JVN#13199224:

PgpoolAdmin fails to restrict access permissions

2018/12/21 JVN#69812763:

cordova-plugin-ionic-webview vulnerable to path traversal

2018/12/19 JVN#99810718:

Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway

2018/12/14 JVN#87535892:

Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR

2018/12/10 JVN#25385698:

Cybozu Garoon access restriction bypass vulnerability

2018/12/10 JVN#23161885:

Multiple vulnerabilities in Cybozu Remote Service

2018/12/07 JVN#32155106:

Multiple vulnerabilities in i-FILTER

2018/12/06 JVN#89767228:

Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners

2018/11/29 JVN#36895151:

Panasonic applications register unquoted service paths

2018/11/28 JVN#25359688:

EC-CUBE vulnerable to open redirect

2018/11/28 JVN#78422300:

The installer of MARKET SPEED may insecurely load Dynamic Link Libraries

2018/11/27 JVN#55263945:

Multiple vulnerabilities in RICOH Interactive Whiteboard

2018/11/20 JVN#65082538:

Multiple vulnerabilities in Panasonic BN-SDWBP3

2018/11/14 JVN#16697622:

Cybozu Dezie vulnerable to directory traversal

2018/11/14 JVN#15232217:

Multiple directory traversal vulnerabilities in Cybozu Office

2018/11/14 JVN#83739174:

Cybozu Mailwise vulnerable to directory traversal

2018/11/09 JVN#85760090:

Multiple vulnerabilities in WordPress plugin "LearnPress"

2018/11/09 JVN#15709478:

The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries

2018/11/02 JVN#75738023:

WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting

2018/11/02 JVN#96551318:

Mail app for iOS vulnerable to denial-of-service (DoS)

2018/10/29 JVN#37943805:

Confluence Server vulnerable to script injection

2018/10/26 JVN#59394343:

Multiple vulnerabilities in OpenDolphin

2018/10/24 JVN#21528670:

SecureCore Standard Edition vulnerable to authentication bypass

2018/10/24 JVN#60702986:

BlueStacks App Player fails to restrict access permissions

2018/10/19 JVN#58005743:

Web Isolation vulnerable to cross-site scripting

2018/10/19 JVN#36343375:

Multiple vulnerabilities in YukiWiki