Vulnerability Reports JP

past 12 months ｜2020 ｜2019 ｜2018 ｜2017 ｜2016 ｜2015 ｜2014 ｜2013 ｜2012 ｜2011 ｜2010 ｜2009 ｜2008 ｜2007

2021

2021/01/22 JVN#38248512:: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2

2021/01/19 JVN#57544707:: GROWI vulnerable to cross-site scripting

2021/01/14 JVN#35906450:: Multiple vulnerabilities in acmailer

2021/01/12 JVN#69635538:: The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

2021/01/04 JVN#38752718:: Multiple NEC Products vulnerable to authentication bypass

2021/01/04 JVN#38784555:: Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series

2020

2020/12/18 JVN#10100024:: Management software for NEC Storage disk array system vulnerable to improper server certificate verification

2020/12/18 JVN#94244575:: Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/12/15 JVN#94169589:: Multiple vulnerabilities in GROWI

2020/12/11 JVN#55917325:: Multiple vulnerabilities in Aterm SA3500G

2020/12/11 JVN#43969166:: Apache Struts 2 vulnerable to remote code execution (S2-061)

2020/12/10 JVN#12884935:: FileZen vulnerable to directory traversal

2020/12/07 JVN#59779918:: Apache Cordova Plugin camera vulnerable to information exposure

2020/12/03 JVN#24457594:: Multiple vulnerabilities in EC-CUBE

2020/12/03 JVN#42199826:: desknet's NEO vulnerable to cross-site scripting

2020/11/25 JVN#56450373:: Multiple vulnerabilities in GROWI

2020/11/24 JVN#27806339:: NETGEAR GS108Ev3 vulnerable to cross-site request forgery

2020/11/20 JVN#26835001:: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/11/19 JVN#90729322:: Hibernate ORM vulnerable to SQL injection

2020/11/18 JVN#94245475:: Movable Type Premium vulnerable to cross-site scripting

2020/11/12 JVN#44764844:: MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption

2020/11/05 JVN#00414047:: Studyplus App uses a hard-coded API key for an external service

2020/11/04 JVN#57942454:: Cybozu Garoon vulnerable to improper input validation

2020/10/21 JVN#31425618:: Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"

2020/10/14 JVN#92404841:: WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery

2020/10/05 JVN#82892096:: OS command injection vulnerability in multiple ELECOM LAN routers

2020/09/30 JVN#07426151:: InfoCage SiteShell installs their files with improper access permissions

2020/09/23 JVN#60093979:: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products

2020/09/17 JVN#31864411:: Multiple access restriction bypass vulnerabilities in UNIQLO App

2020/09/11 JVN#09166495:: Multiple vulnerabilities in Buffalo AirStation WHR-G54S

2020/09/07 JVN#32396594:: Yodobashi App for Android fails to restrict access permissions

2020/08/31 JVN#06446084:: CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)

2020/08/31 JVN#42665874:: "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)

2020/08/28 JVN#29903998:: Multiple NETGEAR switching hubs vulnerable to cross-site request forgery

2020/08/27 JVN#40725650:: Multiple vulnerabilities in XOOPS module "XooNIps"

2020/08/26 JVN#77402327:: NITORI App fails to restrict access permissions

2020/08/25 JVN#50890770:: Apache Struts 2 vulnerable to denial-of-service (DoS)

2020/08/21 JVN#88315581:: Multiple cross-site scripting vulnerabilities in Exment

2020/08/11 JVN#46258789:: Multiple vulnerabilities in CyberMail

2020/08/03 JVN#25422698:[Critical]: SKYSEA Client View vulnerable to privilege escalation

2020/07/31 JVN#73169744:: Multiple vulnerabilities in multiple PHP Factory products

2020/07/31 JVN#84959128:: FANUC i Series CNC vulnerable to denial-of-service (DoS)

2020/07/29 JVN#40400577:: TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow

2020/07/28 JVN#48194211:: Multiple vulnerabilities in KonaWiki2 and KonaWiki3

2020/07/28 JVN#62161191:: JavaFX WebEngine does not properly restrict Java method execution

2020/07/22 JVN#05502028:: WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery

2020/07/09 JVN#55657988:: SHIRASAGI vulnerable to open redirect

2020/07/08 JVN#93167107:: Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object

2020/06/29 JVN#55497111:: Multiple vulnerabilities in Cybozu Garoon

2020/06/24 JVN#40039627:: Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution

2020/06/18 JVN#77458946:: EC-CUBE vulnerable to directory traversal

2020/06/11 JVN#32252648:: Multiple vulnerabilities in Zenphoto

2020/06/09 JVN#67447798:: Multiple SONY Wireless Headphones allow improper Bluetooth pairing

2020/06/05 JVN#40208370:: XACK DNS vulnerable to denial-of-service (DoS)

2020/05/29 JVN#78745667:: Multiples security updates for multiple Cybozu products

2020/05/25 JVN#59552136:: Cybozu Desktop for Windows vulenerable to arbitrary code execution

2020/05/19 JVN#20248858:: WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection

2020/05/19 JVN#96646182:: Panasonic Video Insight VMS vulnerable to arbitrary code execution

2020/05/13 JVN#41035278:: BookStack vulnerable to cross-site scripting

2020/05/13 JVN#28806943:: Multiple vulnerabilities in Movable Type

2020/05/11 JVN#61849442:: PALLET CONTROL vulnerable to arbitrary code execution

2020/04/28 JVN#47668991:: Sales Force Assistant vulnerable to cross-site scripting

2020/04/27 JVN#35649781:: Multiple vulnerabilities in Cybozu Garoon

2020/04/23 JVN#93064451:: Multiple SHARP Android devices vulnerable to information disclosure

2020/04/20 JVN#13467854:: Toshiba Electronic Devices & Storage software registers unquoted service paths

2020/04/08 JVN#89224521:: Multiple vulnerabilities in EasyBlocks IPv6

2020/04/07 JVN#56890693:: Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads

2020/03/31 JVN#38732359:: Multiple Yamaha network devices vulnerable to denial-of-service (DoS)

2020/03/24 JVN#88277644:[Unreachable]: Keijiban Tsumiki vulenrable to OS command injection

2020/03/24 JVN#27951364:[Unreachable]: WL-Enq (WEB Enquete) vulnerable to OS command injection

2020/03/24 JVN#88033799:[Unreachable]: WL-Enq (WEB Enquete) vulnerable to cross-site scripting

2020/03/24 JVN#58176087:[Unreachable]: Cute News vulnerable to PHP code execution

2020/03/24 JVN#29095127:[Unreachable]: CuteNews vulnerable to cross-site scripting

2020/03/24 JVN#63834780:[Unreachable]: Shihonkanri Plus GOOUT vulnerable to OS command injection

2020/03/24 JVN#32415420:[Unreachable]: Multiple vulnerabiliteis in Shihonkanri Plus GOOUT

2020/03/24 JVN#77634892:[Unreachable]: mailform vulnerable to PHP code execution

2020/03/24 JVN#85942151:[Unreachable]: mailform vulnerable to cross-site scripting

2020/03/03 JVN#19666251:: Multiple vulnerabilities in OpenBlocks IoT VX2

2020/03/02 JVN#73472345:: GRANDIT vulnerable to session management

2020/02/25 JVN#15697526:: Privilege escalation vulnerability in multiple RICOH printer drivers

2020/02/25 JVN#52962201:: Multiple vulnerabilities in RICOH printers

2020/02/19 JVN#25766797:: Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS

2020/02/19 JVN#49410695:: Multiple vulnerabilities in Aterm WG2600HS

2020/02/18 JVN#89259622:: WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery

2020/02/14 JVN#35496038:: ilbo App vulnerable to authentication bypass

2020/02/14 JVN#02921757:: Multiple Trend Micro products vulnerable to denial-of-service (DoS)

2020/02/10 JVN#34535327:: HtmlUnit vulenerable to arbitrary code execution

2020/02/06 JVN#94435544:: Movable Type vulnerable to cross-site scripting

2020/02/05 JVN#52486659:: Ghostscript access restriction bypass vulnerability

2020/01/31 JVN#00014057:: AWMS Mobile App vulnerable to improper server certificate verification

2020/01/28 JVN#28845872:: Android App "MyPallete" vulnerable to improper server certificate verification