Vulnerability Reports JP
2019
- 2019/03/19 JVN#60497148:
- "an" App for iOS vulnerable to directory traversal
- 2019/03/15 JVN#06527859:
- KinagaCMS vulnerable to cross-site scripting
- 2019/03/12 JVN#11622218:
- iChain Insurance Wallet App for iOS vulnerable to directory traversal
- 2019/03/05 JVN#40288903:
- Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting
- 2019/02/28 JVN#79543573:
- The installer of Microsoft Teams may insecurely load Dynamic Link Libraries
- 2019/02/28 JVN#97656108:
- WordPress plugin "Smart Forms" vulnerable to cross-site request forgery
- 2019/02/28 JVN#69181574:
- Windows 7 may insecurely load Dynamic Link Libraries
- 2019/02/27 JVN#56542712:
- Multiple vulnerabilities in Nablarch
- 2019/02/26 JVN#83501605:
- WordPress plugin "FormCraft" vulnerable to cross-site request forgery
- 2019/02/20 JVN#05875753:
- azure-umqtt-c vulnerable to denial-of-service (DoS)
- 2019/02/18 JVN#50810870:
- Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries
- 2019/02/12 JVN#40439414:
- A vulnerability in V20 PRO L-01J that may cause a crash
- 2019/02/06 JVN#43193964:
- OpenAM (Open Source Edition) vulnerable to open redirect
- 2019/02/05 JVN#63860183:
- POWER EGG vulnerability where EL expression may be executed
- 2019/01/31 JVN#83826673:
- The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries
- 2019/01/31 JVN#52168232:
- UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries
- 2019/01/24 JVN#98505783:
- HOUSE GATE App for iOS vulnerable to directory traversal
- 2019/01/10 JVN#58010349:
- WordPress plugin "spam-byebye" vulnerable to cross-site scripting
2018
- 2018/12/26 JVN#96493183:
- GROWI vulnerable to cross-site scripting
- 2018/12/25 JVN#33677949:
- Installer of Mapping Tool may insecurely load Dynamic Link Libraries
- 2018/12/25 JVN#27052429:
- WordPress plugin "Google XML Sitemaps" vulnerable to cross-site scripting
- 2018/12/21 JVN#13199224:
- PgpoolAdmin fails to restrict access permissions
- 2018/12/21 JVN#69812763:
- cordova-plugin-ionic-webview vulnerable to path traversal
- 2018/12/19 JVN#99810718:
- Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway
- 2018/12/14 JVN#87535892:
- Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR
- 2018/12/10 JVN#25385698:
- Cybozu Garoon access restriction bypass vulnerability
- 2018/12/10 JVN#23161885:
- Multiple vulnerabilities in Cybozu Remote Service
- 2018/12/07 JVN#32155106:
- Multiple vulnerabilities in i-FILTER
- 2018/12/06 JVN#89767228:
- Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners
- 2018/11/29 JVN#36895151:
- Panasonic applications register unquoted service paths
- 2018/11/28 JVN#25359688:
- EC-CUBE vulnerable to open redirect
- 2018/11/28 JVN#78422300:
- The installer of MARKET SPEED may insecurely load Dynamic Link Libraries
- 2018/11/27 JVN#55263945:
- Multiple vulnerabilities in RICOH Interactive Whiteboard
- 2018/11/20 JVN#65082538:
- Multiple vulnerabilities in Panasonic BN-SDWBP3
- 2018/11/14 JVN#16697622:
- Cybozu Dezie vulnerable to directory traversal
- 2018/11/14 JVN#15232217:
- Multiple directory traversal vulnerabilities in Cybozu Office
- 2018/11/14 JVN#83739174:
- Cybozu Mailwise vulnerable to directory traversal
- 2018/11/09 JVN#85760090:
- Multiple vulnerabilities in WordPress plugin "LearnPress"
- 2018/11/09 JVN#15709478:
- The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries
- 2018/11/02 JVN#75738023:
- WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting
- 2018/11/02 JVN#96551318:
- Mail app for iOS vulnerable to denial-of-service (DoS)
- 2018/10/29 JVN#37943805:
- Confluence Server vulnerable to script injection
- 2018/10/26 JVN#59394343:
- Multiple vulnerabilities in OpenDolphin
- 2018/10/24 JVN#21528670:
- SecureCore Standard Edition vulnerable to authentication bypass
- 2018/10/24 JVN#60702986:
- BlueStacks App Player fails to restrict access permissions
- 2018/10/19 JVN#58005743:
- Web Isolation vulnerable to cross-site scripting
- 2018/10/19 JVN#36343375:
- Multiple vulnerabilities in YukiWiki
- 2018/10/15 JVN#95355683:[Critical]
- Multiple vulnerabilities in FileZen
- 2018/10/12 JVN#49995005:
- OpenAM (Open Source Edition) vulnerable to session management
- 2018/10/11 JVN#14323043:
- Metabase vulnerable to cross-site scripting
- 2018/10/09 JVN#73794686:
- User-friendly SVN vulnerable to cross-site scripting
- 2018/10/09 JVN#36623716:
- Music Center for PC improperly verifies software update files
- 2018/10/04 JVN#00344155:
- Multiple vulnerabilities in Denbun
- 2018/10/03 JVN#77885134:
- The installer of Baidu Browser may insecurely load Dynamic Link Libraries
- 2018/09/27 JVN#37288228:
- +Message App fails to verify SSL server certificates
- 2018/09/13 JVN#68528150:
- Multiple FXC network devices vulnerable to cross-site scripting
- 2018/09/10 JVN#12583112:
- Cybozu Garoon vulnerable to directory traversal
- 2018/09/07 JVN#59624986:
- Multiple vulnerabilities in INplc
- 2018/08/31 JVN#02037158:
- AttacheCase vulnerable to arbitrary script execution
- 2018/08/31 JVN#63556416:
- QNAP Photo Station vulnerable to cross-site scripting
- 2018/08/30 JVN#89550319:
- Movable Type vulnerable to cross-site scripting
- 2018/08/29 JVN#69967692:
- Multiple script injection vulnerabilities in multiple Yamaha network devices
- 2018/08/21 JVN#75700242:
- The installer of Digital Paper App may insecurely load Dynamic Link Libraries
- 2018/08/17 JVN#14451678:
- NoMachine App for Android vulnerable to environment variables alteration
- 2018/08/09 JVN#06372244:
- Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE
- 2018/08/07 JVN#83701666:
- Multiple vulnerabilities in multiple I-O DATA network camera products
- 2018/08/06 JVN#62121133:
- Multiple directory traversal vulnerabilities in AttacheCase
- 2018/08/03 JVN#18716340:
- Multiple cross-site scripting vulnerabilities in GROWI
- 2018/07/26 JVN#16933564:
- LINE MUSIC for Android fails to verify SSL server certificates
- 2018/07/24 JVN#41452671:
- The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries
- 2018/07/23 JVN#39171169:
- Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries
- 2018/07/20 JVN#06813756:
- DLL planting vulnerability in multiple Yayoi 17 Series products
- 2018/07/20 JVN#71329812:
- WL-330NUL vulnerable to cross-site request forgery
- 2018/07/18 JVN#37376131:
- Multiple vulnerabilities in ORCA(Online Receipt Computer Advantage)
- 2018/07/18 JVN#62423700:
- Movable Type plugin MTAppjQuery vulnerable to PHP code execution
- 2018/07/17 JVN#70246549:
- WordPress plugin "FV Flowplayer Video Player" vulnerable to cross-site scripting
- 2018/07/13 JVN#55813866:
- Explzh vulnerable to directory traversal
- 2018/07/12 JVN#84825660:
- Multiple vulnerabilities in Aterm HC100RC
- 2018/07/12 JVN#26629618:
- Multiple vulnerabilities in Aterm W300P
- 2018/07/12 JVN#00401783:
- Multiple OS command injection vulnerabilities in Aterm WG1200HP
- 2018/07/06 JVN#52574492:
- The installers of multiple Logicool software programs may insecurely load Dynamic Link Libraries
- 2018/07/06 JVN#77409513:
- DHC Online Shop App for Android fails to verify SSL server certificates
- 2018/07/03 JVN#84967039:
- Installer of Glary Utilities may insecurely load Dynamic Link Libraries
- 2018/07/02 JVN#13415512:
- Cybozu Garoon vulnerable to SQL injection
- 2018/07/02 JVN#63895206:
- Multiple vulnerabilities in Calsos CSDX and CSDJ series products
- 2018/06/28 JVN#00846677:
- Mailman vulnerable to cross-site scripting
- 2018/06/27 JVN#58362455:
- MemoCGI vulnerable to directory traversal
- 2018/06/15 JVN#71535108:
- ANA App for iOS fails to verify SSL server certificates
- 2018/06/15 JVN#98975951:
- Chrome Extension "5000 trillion yen converter" vulnerable to cross-site scripting
- 2018/06/13 JVN#33124193:
- Local File Inclusion vulnerability in Zenphoto
- 2018/06/12 JVN#92265618:
- LINE for Windows may insecurely load Dynamic Link Libraries
- 2018/06/04 JVN#93226941:
- H2O vulnerable to buffer overflow
- 2018/05/31 JVN#27978559:
- Multiple vulnerabilities in Pixelpost
- 2018/05/29 JVN#20040004:
- The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely invoke an executable file
- 2018/05/28 JVN#60978548:
- WordPress plugin "Site Reviews" vulnerable to cross-site scripting
- 2018/05/28 JVN#16471686:
- WordPress plugin "Email Subscribers & Newsletters" vulnerable to cross-site scripting
- 2018/05/24 JVN#13940333:
- The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries
- 2018/05/24 JVN#79301396:
- Susie plug-in "axpdfium" may insecurely load Dynamic Link Libraries
- 2018/05/22 JVN#67881316:
- Multiple vulnerabilities in baserCMS
- 2018/05/22 JVN#52319657:
- Multiple cross-site scripting vulnerabilities in Cybozu Mailwise
- 2018/05/22 JVN#51737843:
- Multiple vulnerabilities in Cybozu Office
- 2018/05/21 JVN#96954395:
- Nessus vulnerable to cross-site scripting
- 2018/05/17 JVN#81196185:
- The installer of Visual C++ Redistributable may insecurely load Dynamic Link Libraries
- 2018/05/17 JVN#72748502:
- Self-Extracting Archive files created by IExpress may insecurely load Dynamic Link Libraries
- 2018/05/17 JVN#91151862:
- Multiple Microsoft Windows applications and installers may insecurely load Dynamic Link Libraries
- 2018/05/11 JVN#83671755:
- KINEPASS App fails to verify SSL server certificates
- 2018/05/11 JVN#27137002:
- IIJ SmartKey App for Android vulnerable to authentication bypass
- 2018/05/10 JVN#28804532:
- Multiple vulnerabilities in WordPress plugin "Ultimate Member"
- 2018/05/09 JVN#34562916:
- RT-AC1200HP vulnerable to cross-site scripting
- 2018/05/09 JVN#73742314:
- RT-AC68U vulnerable to cross-site scripting
- 2018/05/09 JVN#33901663:
- RT-AC87U vulnerable to cross-site scripting
- 2018/04/27 JVN#08386386:
- WordPress plugin "Open Graph for Facebook, Google+ and Twitter Card Tags" vulnerable to cross-site scripting
- 2018/04/27 JVN#61081552:
- WordPress plugin "PixelYourSite" vulnerable to cross-site scripting
- 2018/04/27 JVN#01040170:
- WordPress plugin "WP Google Map Plugin" vulnerable to cross-site scripting
- 2018/04/27 JVN#85531148:
- WordPress plugin "Events Manager" vulnerable to cross-site scripting
- 2018/04/27 JVN#68345747:
- The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries
- 2018/04/26 JVN#95589314:
- Joruri Gw vulnerable to arbitrary file upload
- 2018/04/17 JVN#52695336:
- EC-CUBE vulnerable to session fixation
- 2018/04/13 JVN#85056623:
- Installer of SoundEngine Free may insecurely load Dynamic Link Libraries
- 2018/04/12 JVN#92220486:
- The installer of PhishWall Client Internet Explorer edition may insecurely load Dynamic Link Libraries
- 2018/04/12 JVN#71255137:
- Tenable Appliance vulnerable to cross-site scripting
- 2018/04/10 JVN#77753476:
- Hatena Bookmark App for iOS contains an address bar spoofing vulnerability
- 2018/04/09 JVN#65268217:
- Multiple vulnerabilities in Cybozu Garoon
- 2018/03/30 JVN#01161596:
- Safari vulnerable to script injection
- 2018/03/29 JVN#72589538:
- LXR vulnerable to OS command injection
- 2018/03/29 JVN#93397125:
- Multiple vulnerabilities in WZR-1750DHP2
- 2018/03/27 JVN#43382653:
- iRemoconWiFi App for Android fails to verify SSL server certificates