Vulnerability Reports JP
2021
- 2021/01/22 JVN#38248512:
- Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
- 2021/01/19 JVN#57544707:
- GROWI vulnerable to cross-site scripting
- 2021/01/14 JVN#35906450:
- Multiple vulnerabilities in acmailer
- 2021/01/12 JVN#69635538:
- The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries
- 2021/01/04 JVN#38752718:
- Multiple NEC Products vulnerable to authentication bypass
- 2021/01/04 JVN#38784555:
- Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series
2020
- 2020/12/18 JVN#10100024:
- Management software for NEC Storage disk array system vulnerable to improper server certificate verification
- 2020/12/18 JVN#94244575:
- Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
- 2020/12/15 JVN#94169589:
- Multiple vulnerabilities in GROWI
- 2020/12/11 JVN#55917325:
- Multiple vulnerabilities in Aterm SA3500G
- 2020/12/11 JVN#43969166:
- Apache Struts 2 vulnerable to remote code execution (S2-061)
- 2020/12/10 JVN#12884935:
- FileZen vulnerable to directory traversal
- 2020/12/07 JVN#59779918:
- Apache Cordova Plugin camera vulnerable to information exposure
- 2020/12/03 JVN#24457594:
- Multiple vulnerabilities in EC-CUBE
- 2020/12/03 JVN#42199826:
- desknet's NEO vulnerable to cross-site scripting
- 2020/11/25 JVN#56450373:
- Multiple vulnerabilities in GROWI
- 2020/11/24 JVN#27806339:
- NETGEAR GS108Ev3 vulnerable to cross-site request forgery
- 2020/11/20 JVN#26835001:
- The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
- 2020/11/19 JVN#90729322:
- Hibernate ORM vulnerable to SQL injection
- 2020/11/18 JVN#94245475:
- Movable Type Premium vulnerable to cross-site scripting
- 2020/11/12 JVN#44764844:
- MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption
- 2020/11/05 JVN#00414047:
- Studyplus App uses a hard-coded API key for an external service
- 2020/11/04 JVN#57942454:
- Cybozu Garoon vulnerable to improper input validation
- 2020/10/21 JVN#31425618:
- Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
- 2020/10/14 JVN#92404841:
- WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery
- 2020/10/05 JVN#82892096:
- OS command injection vulnerability in multiple ELECOM LAN routers
- 2020/09/30 JVN#07426151:
- InfoCage SiteShell installs their files with improper access permissions
- 2020/09/23 JVN#60093979:
- Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
- 2020/09/17 JVN#31864411:
- Multiple access restriction bypass vulnerabilities in UNIQLO App
- 2020/09/11 JVN#09166495:
- Multiple vulnerabilities in Buffalo AirStation WHR-G54S
- 2020/09/07 JVN#32396594:
- Yodobashi App for Android fails to restrict access permissions
- 2020/08/31 JVN#06446084:
- CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)
- 2020/08/31 JVN#42665874:
- "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
- 2020/08/28 JVN#29903998:
- Multiple NETGEAR switching hubs vulnerable to cross-site request forgery
- 2020/08/27 JVN#40725650:
- Multiple vulnerabilities in XOOPS module "XooNIps"
- 2020/08/26 JVN#77402327:
- NITORI App fails to restrict access permissions
- 2020/08/25 JVN#50890770:
- Apache Struts 2 vulnerable to denial-of-service (DoS)
- 2020/08/21 JVN#88315581:
- Multiple cross-site scripting vulnerabilities in Exment
- 2020/08/11 JVN#46258789:
- Multiple vulnerabilities in CyberMail
- 2020/08/03 JVN#25422698:[Critical]
- SKYSEA Client View vulnerable to privilege escalation
- 2020/07/31 JVN#73169744:
- Multiple vulnerabilities in multiple PHP Factory products
- 2020/07/31 JVN#84959128:
- FANUC i Series CNC vulnerable to denial-of-service (DoS)
- 2020/07/29 JVN#40400577:
- TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow
- 2020/07/28 JVN#48194211:
- Multiple vulnerabilities in KonaWiki2 and KonaWiki3
- 2020/07/28 JVN#62161191:
- JavaFX WebEngine does not properly restrict Java method execution
- 2020/07/22 JVN#05502028:
- WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery
- 2020/07/09 JVN#55657988:
- SHIRASAGI vulnerable to open redirect
- 2020/07/08 JVN#93167107:
- Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object
- 2020/06/29 JVN#55497111:
- Multiple vulnerabilities in Cybozu Garoon
- 2020/06/24 JVN#40039627:
- Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution
- 2020/06/18 JVN#77458946:
- EC-CUBE vulnerable to directory traversal
- 2020/06/11 JVN#32252648:
- Multiple vulnerabilities in Zenphoto
- 2020/06/09 JVN#67447798:
- Multiple SONY Wireless Headphones allow improper Bluetooth pairing
- 2020/06/05 JVN#40208370:
- XACK DNS vulnerable to denial-of-service (DoS)
- 2020/05/29 JVN#78745667:
- Multiples security updates for multiple Cybozu products
- 2020/05/25 JVN#59552136:
- Cybozu Desktop for Windows vulenerable to arbitrary code execution
- 2020/05/19 JVN#20248858:
- WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection
- 2020/05/19 JVN#96646182:
- Panasonic Video Insight VMS vulnerable to arbitrary code execution
- 2020/05/13 JVN#41035278:
- BookStack vulnerable to cross-site scripting
- 2020/05/13 JVN#28806943:
- Multiple vulnerabilities in Movable Type
- 2020/05/11 JVN#61849442:
- PALLET CONTROL vulnerable to arbitrary code execution
- 2020/04/28 JVN#47668991:
- Sales Force Assistant vulnerable to cross-site scripting
- 2020/04/27 JVN#35649781:
- Multiple vulnerabilities in Cybozu Garoon
- 2020/04/23 JVN#93064451:
- Multiple SHARP Android devices vulnerable to information disclosure
- 2020/04/20 JVN#13467854:
- Toshiba Electronic Devices & Storage software registers unquoted service paths
- 2020/04/08 JVN#89224521:
- Multiple vulnerabilities in EasyBlocks IPv6
- 2020/04/07 JVN#56890693:
- Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads
- 2020/03/31 JVN#38732359:
- Multiple Yamaha network devices vulnerable to denial-of-service (DoS)
- 2020/03/24 JVN#88277644:[Unreachable]
- Keijiban Tsumiki vulenrable to OS command injection
- 2020/03/24 JVN#27951364:[Unreachable]
- WL-Enq (WEB Enquete) vulnerable to OS command injection
- 2020/03/24 JVN#88033799:[Unreachable]
- WL-Enq (WEB Enquete) vulnerable to cross-site scripting
- 2020/03/24 JVN#58176087:[Unreachable]
- Cute News vulnerable to PHP code execution
- 2020/03/24 JVN#29095127:[Unreachable]
- CuteNews vulnerable to cross-site scripting
- 2020/03/24 JVN#63834780:[Unreachable]
- Shihonkanri Plus GOOUT vulnerable to OS command injection
- 2020/03/24 JVN#32415420:[Unreachable]
- Multiple vulnerabiliteis in Shihonkanri Plus GOOUT
- 2020/03/24 JVN#77634892:[Unreachable]
- mailform vulnerable to PHP code execution
- 2020/03/24 JVN#85942151:[Unreachable]
- mailform vulnerable to cross-site scripting
- 2020/03/03 JVN#19666251:
- Multiple vulnerabilities in OpenBlocks IoT VX2
- 2020/03/02 JVN#73472345:
- GRANDIT vulnerable to session management
- 2020/02/25 JVN#15697526:
- Privilege escalation vulnerability in multiple RICOH printer drivers
- 2020/02/25 JVN#52962201:
- Multiple vulnerabilities in RICOH printers
- 2020/02/19 JVN#25766797:
- Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS
- 2020/02/19 JVN#49410695:
- Multiple vulnerabilities in Aterm WG2600HS
- 2020/02/18 JVN#89259622:
- WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery
- 2020/02/14 JVN#35496038:
- ilbo App vulnerable to authentication bypass
- 2020/02/14 JVN#02921757:
- Multiple Trend Micro products vulnerable to denial-of-service (DoS)
- 2020/02/10 JVN#34535327:
- HtmlUnit vulenerable to arbitrary code execution
- 2020/02/06 JVN#94435544:
- Movable Type vulnerable to cross-site scripting
- 2020/02/05 JVN#52486659:
- Ghostscript access restriction bypass vulnerability
- 2020/01/31 JVN#00014057:
- AWMS Mobile App vulnerable to improper server certificate verification
- 2020/01/28 JVN#28845872:
- Android App "MyPallete" vulnerable to improper server certificate verification