Vulnerability Reports

past 12 months ｜2020 ｜2019 ｜2018 ｜2017 ｜2016 ｜2015 ｜2014 ｜2013 ｜2012 ｜2011 ｜2010 ｜2009 ｜2008 ｜2007

2021

2021/05/14 JVN#49704918:: mod_auth_openidc vulnerable to denial-of-service (DoS)

2021/05/14 JVN#71263107:: Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points

2021/05/13 JVN#34232719:: Multiple vulnerabilities in KonaWiki2

2021/05/13 JVN#13076220:: RFNTPS vulnerable to OS command injection

2021/05/10 JVN#97554111:[Critical]: EC-CUBE vulnerable to cross-site scripting

2021/05/10 JVNVU#97581596:: Multiple vulnerabilities in Trend Micro Apex One, OfficeScan, and Worry-Free Business Security series

2021/04/27 JVNVU#99235714:: Multiple vulnerabilities in Buffalo broadband routers

2021/04/27 JVNVU#90274525:: Multiple Buffalo network devices contain hidden functionality

2021/04/27 JVN#35240327:: WordPress plugin "WP Fastest Cache" vulnerable to directory traversal

2021/04/27 JVN#97434260:: Hot Pepper Gourmet App fails to restrict access permissions

2021/04/22 JVN#55833077:[Unreachable]: yappa-ng vulnerable to cross-site scripting

2021/04/21 JVNVU#93491927:[Critical]: Multiple vulnerabilities in Apex One, Apex One as a Service and OfficeScan

2021/04/20 JVNVU#93009588:: Memory Exhaustion Denial-of-Service (DoS) vulnerability in Trend Micro Scan Engine

2021/04/20 JVNVU#92208501:: Multiple vulnerabilities in Worry-Free Business Security

2021/04/20 JVNVU#97680506:: Multiple vulnerabilities in Worry-Free Business Security Services

2021/04/19 JVNVU#98074915:: Trend Micro Password Manager may insecurely load Dynamic Link Libraries

2021/04/14 JVN#54025691:: Gurunavi Apps fail to restrict access permissions

2021/04/09 JVN#29739718:: Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP

2021/04/09 JVN#67456944:: Multiple vulnerabilities in multiple Aterm products

2021/04/09 JVNVU#92898656:: D-Link DAP-1880AC contains multiple vulnerabilities

2021/04/01 JVN#73236007:: Archive collectively operation utility vulnerable to directory traversal

2021/03/26 JVN#64869876:: Multiple vulnerabilities in baserCMS

2021/03/25 JVN#68244135:[Unreachable]: rNote vulnerable to cross-site scripting

2021/03/25 JVN#94705238:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#83042295:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#37179202:[Unreachable]: Yomi-Search vulnerable to cross-site scripting

2021/03/25 JVN#93207949:[Unreachable]: Click Ranker vulnerable to cross-site scripting

2021/03/25 JVN#11438679:[Unreachable]: Kagemai vulnerable to cross-site request forgery

2021/03/25 JVN#42220311:[Unreachable]: Kagemai vulnerable to cross-site scripting

2021/03/25 JVN#12559271:[Unreachable]: Kagemai vulnerable to cross-site scripting

2021/03/25 JVN#97370614:[Unreachable]: MagazinegerZ vulnerable to cross-site scripting

2021/03/22 JVN#12737530:: UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS)

2021/03/19 JVN#37607293:: Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS)

2021/03/17 JVN#08191557:: WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection

2021/03/15 JVN#45797538:: Multiple vulnerabilities in Cybozu Office

2021/03/12 JVN#47497535:: M-System DL8 contains multiple vulnerabilities

2021/03/11 JVN#18056666:: Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries

2021/03/10 JVN#86438134:: Multiple cross-site scripting vulnerabilities in GROWI

2021/03/08 JVNVU#94889258:: Multiple vulnerabilities in GROWI

2021/03/05 JVN#68418039:: The installers of E START products may insecurely load Dynamic Link Libraries

2021/03/05 JVNVU#99545969:: Trend Micro Security (Consumer) vulnerable to code injection

2021/02/24 JVN#66542874:: Multiple cross-site scripting vulnerabilities in Movable Type

2021/02/19 JVN#37417423:: Multiple vulnerabilities in SolarView Compact

2021/02/16 JVN#58774946:[Critical]: FileZen vulnerable to OS command injection

2021/02/15 JVN#87164507:: Calsos CSDJ fails to restrict access permissions

2021/02/10 JVN#80785288:: Wekan vulnerable to cross-site scripting

2021/02/05 JVN#50470170:: WordPress Plugin "Name Directory" vulnerable to cross-site request forgery

2021/02/04 JVN#42252698:: Panasonic Video Insight VMS vulnerable to arbitrary code execution

2021/02/03 JVNVU#98209799:: Trend Micro HouseCall for Home Networks (Windows Edition) may insecurely load Dynamic Link Libraries

2021/02/01 JVNVU#99814910:: Multiple vulnerabilities in the installer of Trend Micro Security 2020 (Consumer)

2021/01/27 JVN#41853173:: OS command injection vulnerability in multiple Infoscience Corporation log management tools

2021/01/26 JVN#96783542:: Multiple vulnerabilities in multiple LOGITEC products

2021/01/26 JVN#98115035:: Android App "ELECOM File Manager" vulnerable to directory traversal

2021/01/26 JVN#47580234:: Multiple vulnerabilities in multiple ELECOM products

2021/01/22 JVN#38248512:: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2

2021/01/22 JVNVU#92444096:: TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection

2021/01/19 JVN#57544707:: GROWI vulnerable to cross-site scripting

2021/01/14 JVNVU#99904867:: Multiple vulnerabilities in Worry-Free Business Security (WFBS)

2021/01/14 JVNVU#92683420:: Multiple vulnerabilities in Trend Micro Apex One and OfficeScan

2021/01/14 JVN#35906450:: Multiple vulnerabilities in acmailer

2021/01/12 JVN#69635538:: The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

2021/01/05 JVNVU#98351146:: Multiple vulnerabilities in InterScan Web Security Virtual Appliance (IWSVA)

2021/01/04 JVN#38752718:: Multiple NEC Products vulnerable to authentication bypass

2021/01/04 JVN#38784555:: Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series

2020

2020/12/18 JVN#10100024:: Management software for NEC Storage disk array system vulnerable to improper server certificate verification

2020/12/18 JVN#94244575:: Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/12/15 JVN#94169589:: Multiple vulnerabilities in GROWI

2020/12/11 JVN#55917325:: Multiple vulnerabilities in Aterm SA3500G

2020/12/11 JVN#43969166:: Apache Struts 2 vulnerable to remote code execution (S2-061)

2020/12/10 JVN#12884935:: FileZen vulnerable to directory traversal

2020/12/07 JVN#59779918:: Apache Cordova Plugin camera vulnerable to information exposure

2020/12/07 JVNVU#97704455:: ServerProtect for Linux vulnerable to heap-based buffer overflow

2020/12/03 JVN#24457594:: Multiple vulnerabilities in EC-CUBE

2020/12/03 JVN#42199826:: desknet's NEO vulnerable to cross-site scripting

2020/11/27 JVNVU#98890246:: Multiple vulnerabilities in Trend Micro InterScan Messaging Virtual Appliance (IMSVA)

2020/11/25 JVNTA#94494000:: Malleability attack against executables encrypted by CBC mode with no integrity check

2020/11/25 JVN#56450373:: Multiple vulnerabilities in GROWI

2020/11/24 JVN#27806339:: NETGEAR GS108Ev3 vulnerable to cross-site request forgery

2020/11/24 JVNVU#94694991:: Multiple vulnerabilities in Trend Micro Antivirus for Mac

2020/11/20 JVN#26835001:: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

2020/11/19 JVN#90729322:: Hibernate ORM vulnerable to SQL injection

2020/11/18 JVNVU#96249940:: Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion

2020/11/18 JVN#94245475:: Movable Type Premium vulnerable to cross-site scripting

2020/11/17 JVNVU#99880454:: Multiple vulnerabilities in KonaWiki3

2020/11/12 JVN#44764844:: MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption

2020/11/06 JVNVU#92053563:: Multiple vulnerabilities in XOOPS module "XooNIps"

2020/11/05 JVN#00414047:: Studyplus App uses a hard-coded API key for an external service

2020/11/04 JVN#57942454:: Cybozu Garoon vulnerable to improper input validation

2020/10/21 JVN#31425618:: Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"

2020/10/20 JVNVU#99467898:: Local File Inclusion vulnerability in OneThird CMS

2020/10/14 JVN#92404841:: WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery

2020/10/06 JVNVU#95014999:: Trend Micro Antivirus for Mac vulnerable to a privilege escalation

2020/10/05 JVN#82892096:: OS command injection vulnerability in multiple ELECOM LAN routers

2020/09/30 JVN#07426151:: InfoCage SiteShell installs their files with improper access permissions

2020/09/25 JVNVU#93741515:: CMONOS.JP vulnerable to cross-site scripting

2020/09/23 JVNVU#91216654:: ServerProtect for Linux vulnerable to OS command injection

2020/09/23 JVN#60093979:: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products

2020/09/17 JVN#31864411:: Multiple access restriction bypass vulnerabilities in UNIQLO App

2020/09/11 JVN#09166495:: Multiple vulnerabilities in Buffalo AirStation WHR-G54S

2020/09/07 JVN#32396594:: Yodobashi App for Android fails to restrict access permissions

2020/08/31 JVNVU#90813748:: Multiple vulnerabilities in Trend Micro Deep Security Manager and Vulnerability Protection

2020/08/31 JVN#06446084:: CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)

2020/08/31 JVN#42665874:: "Shadankun Server Security Type" vulnerable to denial-of-service (DoS)

2020/08/28 JVN#29903998:: Multiple NETGEAR switching hubs vulnerable to cross-site request forgery

2020/08/27 JVN#40725650:: Multiple vulnerabilities in XOOPS module "XooNIps"

2020/08/26 JVN#77402327:: NITORI App fails to restrict access permissions

2020/08/25 JVNVU#98542645:: Multiple vulnerabilities in InterScan Web Security Virtual Appliance (IWSVA)

2020/08/25 JVN#50890770:: Apache Struts 2 vulnerable to denial-of-service (DoS)

2020/08/21 JVN#88315581:: Multiple cross-site scripting vulnerabilities in Exment

2020/08/11 JVN#46258789:: Multiple vulnerabilities in CyberMail

2020/08/06 JVNVU#98423028:: Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries

2020/08/06 JVNVU#94105662:: Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read

2020/08/05 JVNVU#99160193:: Trend Micro anti-rootkit driver improperly validates inputs

2020/08/03 JVN#25422698:[Critical]: SKYSEA Client View vulnerable to privilege escalation

2020/08/03 JVNTA#96129397:: Falsification and eavesdropping of contents across multiple websites via Web Rehosting services

2020/07/31 JVN#73169744:: Multiple vulnerabilities in multiple PHP Factory products

2020/07/31 JVN#84959128:: FANUC i Series CNC vulnerable to denial-of-service (DoS)

2020/07/29 JVN#40400577:: TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow

2020/07/28 JVN#48194211:: Multiple vulnerabilities in KonaWiki2 and KonaWiki3

2020/07/28 JVN#62161191:: JavaFX WebEngine does not properly restrict Java method execution

2020/07/22 JVN#05502028:: WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery

2020/07/09 JVN#55657988:: SHIRASAGI vulnerable to open redirect

2020/07/08 JVN#93167107:: Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object

2020/07/03 JVNVU#95413676:: Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series

2020/06/30 JVNVU#90307594:: Multiple vulnerabilities in Mitsubishi Electoric FA Engineering Software

2020/06/29 JVN#55497111:: Multiple vulnerabilities in Cybozu Garoon

2020/06/24 JVN#40039627:: Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution

2020/06/23 JVNVU#91424496:: Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information

2020/06/18 JVN#77458946:: EC-CUBE vulnerable to directory traversal

2020/06/11 JVN#32252648:: Multiple vulnerabilities in Zenphoto

2020/06/09 JVN#67447798:: Multiple SONY Wireless Headphones allow improper Bluetooth pairing

2020/06/05 JVN#40208370:: XACK DNS vulnerable to denial-of-service (DoS)

2020/05/29 JVN#78745667:: Multiples security updates for multiple Cybozu products

2020/05/25 JVN#59552136:: Cybozu Desktop for Windows vulenerable to arbitrary code execution

2020/05/19 JVN#20248858:: WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection

2020/05/19 JVN#96646182:: Panasonic Video Insight VMS vulnerable to arbitrary code execution