Vulnerability Reports JP

past 12 months ｜2024 ｜2023 ｜2022 ｜2021 ｜2020 ｜2019 ｜2018 ｜2017 ｜2016 ｜2015 ｜2014 ｜2013 ｜2012 ｜2011

2025

2025/07/16 JVN#44419726:: ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials

2025/07/07 JVN#88251376:: Multiple vulnerabilities in Nimesa Backup and Recovery

2025/07/02 JVN#89505333:: Multiple vulnerabilities in Active! mail

2025/06/30 JVN#24333956:: SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting

2025/06/26 JVN#92520966:: Multiple vulnerabilities in iroha Board

2025/06/26 JVN#09924566:: Denial-of-service (DoS) vulnerabilities in multiple Apache products

2025/06/24 JVN#21624250:: Inefficient regular expressions in GROWI

2025/06/24 JVN#39435597:: Multiple vulnerabilities in ELECOM wireless LAN routers

2025/06/18 JVN#46288336:: KCM3100 vulnerable to authentication bypass using an alternate path or channel

2025/06/13 JVN#27937557:: Multiple vulnerabilities in RICOH Streamline NX PC Client

2025/06/12 JVN#17860456:: UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

2025/06/06 JVN#10964289:: Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery

2025/06/03 JVN#37075430:: TimeWorks vulnerable to path traversal

2025/06/03 JVN#05562338:: Improper file access permission settings in PC Time Tracer

2025/05/30 JVN#51394666:: Multiple vulnerabilities in wivia 5

2025/05/26 JVN#39546799:: Mailform Pro CGI generating error messages containing sensitive information

2025/05/23 JVN#68079883:: Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox'

2025/05/15 JVN#06238225:: Pgpool-II vulnerable to authentication bypass by primary weakness

2025/05/12 JVN#20474768:: Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

2025/04/25 JVN#82536398:: Multiple vulnerabilities in Quick Agent

2025/04/24 JVN#84627857:: i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key

2025/04/18 JVN#22348866:[Critical]: Active! mail vulnerable to stack-based buffer overflow

2025/04/10 JVN#30641875:: Multiple vulnerabilities in BizRobo!

2025/04/03 JVN#59547048:: WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass

2025/04/02 JVN#17260367:: Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products

2025/04/01 JVN#87266215:: WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization

2025/03/28 JVN#66982699:[Critical]: a-blog cms vulnerable to untrusted data deserialization

2025/03/26 JVN#39026557:: Multiple vulnerabilities in PowerCMS

2025/03/25 JVN#26321838:: Multiple vulnerabilities in AssetView

2025/03/19 JVN#04278547:: Multiple vulnerabilities in home gateway HGW-BL1500HM

2025/03/18 JVN#11230428:: +F FS010M vulnerable to OS command injection

2025/03/12 JVN#19358384:: hostapd vulnerable to improper processing of RADIUS packets

2025/03/06 JVN#24992507:: Multiple vulnerabilities in RemoteView Agent (for Windows)

2025/02/19 JVN#91300609:: RevoWorks SCVX and RevoWorks Browser vulnerable to incorrect resource transfer between spheres

2025/02/19 JVN#48742353:: Multiple cross-site scripting vulnerabilities in Movable Type

2025/02/17 JVN#26024080:: Multiple vulnerabilities in The LuxCal Web Calendar

2025/02/14 JVN#96957439:: acmailer CGI and acmailer DB vulnerable to OS command injection

2025/02/14 JVN#65447879:: Multiple vulnerabilities in NEC Aterm series (NV25-003)

2025/02/13 JVN#80527854:: Multiple vulnerabilities in FileMegane

2025/02/12 JVN#84319378:: acmailer vulnerable to cross-site scripting

2025/02/05 JVN#66673020:: Multiple vulnerabilities in Defense Platform Home Edition

2025/02/04 JVN#94806805:: WordPress Plugin "Activity Log WinterLock" vulnerable to cross-site request forgery

2025/01/29 JVN#23839833:: SXF Common Library vulnerable to improper input data handling

2025/01/28 JVN#88046370:: WordPress Plugin "Simple Image Sizes" vulnerable to cross-site scripting

2025/01/27 JVN#05508012:: EXIF Viewer Classic vulnerable to cross-site scripting

2025/01/22 JVN#15293958:: Multiple vulnerabilities in I-O DATA router UD-LT2

2025/01/21 JVN#83855727:: FortiWeb vulnerable to SQL injection

2025/01/08 JVN#57428125:: PLANEX COMMUNICATIONS MZK-DP300N vulnerable to cross-site scripting

2024

2024/12/16 JVN#08430039:: "Shonen Jump+" App for Android fails to restrict custom URL schemes properly

2024/12/16 JVN#61635834:: Multiple vulnerabilities in SHARP routers

2024/12/04 JVN#46615026:[Critical]: Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX

2024/12/02 JVN#53958863:: Multiple vulnerabilities in UNIVERGE IX/IX-R/IX-V series routers

2024/11/29 JVN#43845108:: Multiple FCNT Android devices vulnerable to authentication bypass

2024/11/27 JVN#88385716:: HAProxy vulnerable to HTTP request/response smuggling

2024/11/26 JVN#87182660:: WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting

2024/11/20 JVN#16114985:: "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key

2024/11/15 JVN#36791327:: Multiple vulnerabilities in FitNesse

2024/11/13 JVN#05136799:: WordPress Plugin "VK All in One Expansion Unit" vulnerable to cross-site scripting

2024/10/31 JVN#87770340:: Stack-based buffer overflow vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

2024/10/30 JVN#11779839:: Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials

2024/10/28 JVN#78335885:: Chatwork Desktop Application (Windows) uses a potentially dangerous function

2024/10/25 JVN#00876083:: Multiple vulnerabilities in baserCMS

2024/10/18 JVN#41397971:: Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software

2024/10/18 JVN#57285747:: N-LINE vulnerable to HTML injection

2024/10/18 JVN#31982676:: MUSASI version 3 performing authentication on client-side

2024/10/15 JVN#58721679:: SHIRASAGI vulnerable to path traversal

2024/10/11 JVN#74538317:: Multiple vulnerabilities in Exment

2024/10/10 JVN#54676967:: baserCMS plugin "BurgerEditor" vulnerable to directory listing

2024/10/01 JVN#72148744:: Apache Tomcat improper handling of TLS handshake process data

2024/09/30 JVN#39280069:: RevoWorks Cloud vulnerable to unintended process execution

2024/09/30 JVN#42445661:: Multiple vulnerabilities in Smart-tab

2024/09/27 JVN#21176842:: MF Teacher Performance Management System vulnerable to cross-site scripting

2024/09/24 JVN#57749899:: The installer of e-Tax software(common program) vulnerable to privilege escalation

2024/09/24 JVN#78356367:: Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions

2024/09/24 JVN#81966868:: Multiple vulnerabilities in PLANEX COMMUNICATIONS network devices

2024/09/18 JVN#19766555:: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

2024/09/18 JVN#42386607:: Assimp vulnerable to heap-based buffer overflow

2024/09/09 JVN#05579230:: Multiple Alps System Integration products and the OEM products vulnerable to cross-site request forgery

2024/09/09 JVN#67456481:: Pgpool-II vulnerable to information disclosure

2024/09/09 JVN#65724976:: WordPress Plugin "Forminator" vulnerable to cross-site scripting

2024/09/09 JVN#81570776:: "@cosme" App fails to restrict custom URL schemes properly

2024/09/06 JVN#32529796:: Multiple products from KINGSOFT JAPAN vulnerable to path traversal

2024/09/06 JVN#49873988:: Secure Boot bypass Vulnerability in PRIMERGY

2024/09/04 JVN#67963942:: WordPress Plugin "Advanced Custom Fields" vulnerable to cross-site scripting

2024/08/30 JVN#29238389:: IPCOM vulnerable to information disclosure

2024/08/30 JVN#25264194:: Multiple vulnerabilities in WordPress plugin "Carousel Slider"

2024/08/29 JVN#08342147:: WindLDR and WindO/I-NV4 store sensitive information in cleartext

2024/08/27 JVN#24885537:: Multiple vulnerabilities in ELECOM wireless LAN routers and access points

2024/08/23 JVN#12824024:: BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection

2024/08/22 JVN#83440451:: Multiple Safie products vulnerable to improper server certificate verification

2024/08/20 JVN#56648919:: "Rakuten Ichiba App" fails to restrict custom URL schemes properly

2024/08/06 JVN#78728294:: Firmware update for RICOH JavaTM Platform resets the TLS configuration

2024/08/06 JVN#29845579:: Cybozu Office vulnerable to bypass browsing restrictions in Custom App

2024/08/05 JVN#70666401:: Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN

2024/08/05 JVN#50850706:: Pimax Play and PiTool accept WebSocket connections from unintended endpoints

2024/07/30 JVN#26734798:: FFRI AMC vulnerable to OS command injection

2024/07/30 JVN#26225832:: EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting

2024/07/30 JVN#48324254:: EC-CUBE 4 Series improper input validation when installing plugins

2024/07/30 JVN#06672778:: Multiple vulnerabilities in ELECOM wireless LAN routers

2024/07/29 JVN#84326763:: Multiple vulnerabilities in SKYSEA Client View

2024/07/29 JVN#16420523:: SDoP vulnerable to stack-based buffer overflow

2024/07/26 JVN#02030803:: ORC vulnerable to stack-based buffer overflow

2024/07/18 JVN#87710540:: Assimp vulnerable to heap-based buffer overflow

2024/07/16 JVN#74825766:: Cybozu Garoon vulnerable to cross-site scripting

2024/07/16 JVN#25583987:: FUJITSU Network Edgiot GW1500 vulnerable to path traversal