Vulnerability Reports

past 12 months20192018201720162015201420132012201120102009200820072006

2020

2020/10/21 JVN#31425618:
Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
2020/10/20 JVNVU#99467898:
Local File Inclusion vulnerability in OneThird CMS
2020/10/14 JVN#92404841:
WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery
2020/10/06 JVNVU#95014999:
Trend Micro Antivirus for Mac vulnerable to a privilege escalation
2020/10/05 JVN#82892096:
OS command injection vulnerability in multiple ELECOM LAN routers
2020/09/30 JVN#07426151:
InfoCage SiteShell installs their files with improper access permissions
2020/09/25 JVNVU#93741515:
CMONOS.JP vulnerable to cross-site scripting
2020/09/23 JVNVU#91216654:
ServerProtect for Linux vulnerable to OS command injection
2020/09/23 JVN#60093979:
Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
2020/09/17 JVN#31864411:
Multiple access restriction bypass vulnerabilities in UNIQLO App
2020/09/11 JVN#09166495:
Multiple vulnerabilities in Buffalo AirStation WHR-G54S
2020/09/07 JVN#32396594:
Yodobashi App for Android fails to restrict access permissions
2020/08/31 JVNVU#90813748:
Multiple vulnerabilities in Trend Micro Deep Security Manager and Vulnerability Protection
2020/08/31 JVN#06446084:
CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)
2020/08/31 JVN#42665874:
"Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
2020/08/28 JVN#29903998:
Multiple NETGEAR switching hubs vulnerable to cross-site request forgery
2020/08/27 JVN#40725650:
Multiple vulnerabilities in XOOPS module "XooNIps"
2020/08/26 JVN#77402327:
NITORI App fails to restrict access permissions
2020/08/25 JVNVU#98542645:
Multiple vulnerabilities in InterScan Web Security Virtual Appliance (IWSVA)
2020/08/25 JVN#50890770:
Apache Struts 2 vulnerable to denial-of-service (DoS)
2020/08/21 JVN#88315581:
Multiple cross-site scripting vulnerabilities in Exment
2020/08/11 JVN#46258789:
Multiple vulnerabilities in CyberMail
2020/08/06 JVNVU#98423028:
Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries
2020/08/06 JVNVU#94105662:
Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read
2020/08/05 JVNVU#99160193:
Trend Micro anti-rootkit driver improperly validates inputs
2020/08/03 JVN#25422698:[Critical]
SKYSEA Client View vulnerable to privilege escalation
2020/08/03 JVNTA#96129397:
Falsification and eavesdropping of contents across multiple websites via Web Rehosting services
2020/07/31 JVN#73169744:
Multiple vulnerabilities in multiple PHP Factory products
2020/07/31 JVN#84959128:
FANUC i Series CNC vulnerable to denial-of-service (DoS)
2020/07/29 JVN#40400577:
TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow
2020/07/28 JVN#48194211:
Multiple vulnerabilities in KonaWiki2 and KonaWiki3
2020/07/28 JVN#62161191:
JavaFX WebEngine does not properly restrict Java method execution
2020/07/22 JVN#05502028:
WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery
2020/07/09 JVN#55657988:
SHIRASAGI vulnerable to open redirect
2020/07/08 JVN#93167107:
Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object
2020/07/03 JVNVU#95413676:
Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series
2020/06/30 JVNVU#90307594:
Multiple vulnerabilities in Mitsubishi Electoric FA Engineering Software
2020/06/29 JVN#55497111:
Multiple vulnerabilities in Cybozu Garoon
2020/06/24 JVN#40039627:
Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution
2020/06/23 JVNVU#91424496:
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information
2020/06/18 JVN#77458946:
EC-CUBE vulnerable to directory traversal
2020/06/11 JVN#32252648:
Multiple vulnerabilities in Zenphoto
2020/06/09 JVN#67447798:
Multiple SONY Wireless Headphones allow improper Bluetooth pairing
2020/06/05 JVN#40208370:
XACK DNS vulnerable to denial-of-service (DoS)
2020/05/29 JVN#78745667:
Multiples security updates for multiple Cybozu products
2020/05/25 JVN#59552136:
Cybozu Desktop for Windows vulenerable to arbitrary code execution
2020/05/19 JVN#20248858:
WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection
2020/05/19 JVN#96646182:
Panasonic Video Insight VMS vulnerable to arbitrary code execution
2020/05/13 JVN#41035278:
BookStack vulnerable to cross-site scripting
2020/05/13 JVN#28806943:
Multiple vulnerabilities in Movable Type
2020/05/11 JVN#61849442:
PALLET CONTROL vulnerable to arbitrary code execution
2020/04/28 JVN#47668991:
Sales Force Assistant vulnerable to cross-site scripting
2020/04/27 JVN#35649781:
Multiple vulnerabilities in Cybozu Garoon
2020/04/23 JVN#93064451:
Multiple SHARP Android devices vulnerable to information disclosure
2020/04/20 JVN#13467854:
Toshiba Electronic Devices & Storage software registers unquoted service paths
2020/04/10 JVNVU#99911229:
Installers of Multiple Trend Micro Products may insecurely load Dynamic Link Libraries
2020/04/08 JVN#89224521:
Multiple vulnerabilities in EasyBlocks IPv6
2020/04/07 JVN#56890693:
Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads
2020/04/06 JVNVU#93266623:
Trend Micro Password Manager may insecurely load Dynamic Link Libraries
2020/03/31 JVN#38732359:
Multiple Yamaha network devices vulnerable to denial-of-service (DoS)
2020/03/30 JVNVU#91553662:
Denial-of-service (DoS) vulnerability in Mitsubishi Electric MELSOFT transmission port
2020/03/30 JVNVU#99396686:
A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit)
2020/03/24 JVN#88277644:[Unreachable]
Keijiban Tsumiki vulenrable to OS command injection
2020/03/24 JVN#27951364:[Unreachable]
WL-Enq (WEB Enquete) vulnerable to OS command injection
2020/03/24 JVN#88033799:[Unreachable]
WL-Enq (WEB Enquete) vulnerable to cross-site scripting
2020/03/24 JVN#58176087:[Unreachable]
Cute News vulnerable to PHP code execution
2020/03/24 JVN#29095127:[Unreachable]
CuteNews vulnerable to cross-site scripting
2020/03/24 JVN#63834780:[Unreachable]
Shihonkanri Plus GOOUT vulnerable to OS command injection
2020/03/24 JVN#32415420:[Unreachable]
Multiple vulnerabiliteis in Shihonkanri Plus GOOUT
2020/03/24 JVN#77634892:[Unreachable]
mailform vulnerable to PHP code execution
2020/03/24 JVN#85942151:[Unreachable]
mailform vulnerable to cross-site scripting
2020/03/18 JVNVU#98100897:[Critical]
Multiple vulnerabilities in Trend Micro Worry-Free Business Security
2020/03/18 JVNVU#91632701:[Critical]
Multiple vulnerabilities in Trend Micro Apex One and OfficeScan
2020/03/12 JVNVU#99239584:
Rowhammer attacks for TRR equipped DDR4 memory systems
2020/03/11 JVNVU#92370624:
Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric data collection analyzer MELQIC IU1 series
2020/03/03 JVN#19666251:
Multiple vulnerabilities in OpenBlocks IoT VX2
2020/03/02 JVN#73472345:
GRANDIT vulnerable to session management
2020/02/25 JVN#15697526:
Privilege escalation vulnerability in multiple RICOH printer drivers
2020/02/25 JVN#52962201:
Multiple vulnerabilities in RICOH printers
2020/02/19 JVN#25766797:
Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS
2020/02/19 JVN#49410695:
Multiple vulnerabilities in Aterm WG2600HS
2020/02/18 JVN#89259622:
WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery
2020/02/17 JVNVU#95424547:
Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000
2020/02/14 JVN#35496038:
ilbo App vulnerable to authentication bypass
2020/02/14 JVN#02921757:
Multiple Trend Micro products vulnerable to denial-of-service (DoS)
2020/02/10 JVN#34535327:
HtmlUnit vulenerable to arbitrary code execution
2020/02/06 JVN#94435544:
Movable Type vulnerable to cross-site scripting
2020/02/05 JVN#52486659:
Ghostscript access restriction bypass vulnerability
2020/01/31 JVN#00014057:
AWMS Mobile App vulnerable to improper server certificate verification
2020/01/28 JVN#28845872:
Android App "MyPallete" vulnerable to improper server certificate verification
2020/01/21 JVN#66435380:
Multiple Fuji Xerox mobile applications fails to verify SSL server certificates
2020/01/17 JVN#37183636:
Trend Micro Password Manager vulnerable to information disclosure
2020/01/17 JVN#49593434:
Trend Micro Password Manager vulnerable to information disclosure
2020/01/10 JVN#07375820:
Junos OS vulnerable to directory traversal
2020/01/10 JVN#21753370:
Junos OS vulnerable to cross-site scripting
2020/01/08 JVN#97325754:
F-RevoCRM vulnerable to cross-site scripting

2019

2019/12/20 JVN#10377257:
Multiple vulnerabilities in a-blog cms
2019/12/19 JVN#01236065:
Android App "NTV News24" fails to verify SSL server certificates
2019/12/17 JVN#79854355:
Multiple vulnerabilities in Cybozu Office
2019/12/12 JVN#26847507:
Multiple vulnerabilities in "Custom Body Class"
2019/12/12 JVN#57070811:
Athenz vulnerable to open redirect
2019/12/10 JVN#63047298:
Kinza vulnerable to cross-site scripting
2019/12/02 JVN#49068796:
Multiple MOTEX products vulnerable to privilege escalation
2019/11/26 JVNVU#94282488:
Multiple vulnerabilities in multiple Trend Micro products
2019/11/26 JVN#19386781:
STAMP Workbench installer may insecurely load Dynamic Link Libraries
2019/11/26 JVN#26838191:
WordPress Plugin "WP Spell Check" vulnerable to cross-site request forgery
2019/11/13 JVN#65280626:
Movable Type vulnerable to open redirect
2019/11/11 JVNVU#91935870:
Multiple vulnerabilities in Trend Micro Anti-Threat Toolkit (ATTK)
2019/11/08 JVNVU#91743132:
Multiple Trend Micro products vulnerable to directory traversal
2019/11/07 JVN#41566067:
Rakuma App vulnerable to authentication information disclosure
2019/11/05 JVNVU#90577675:
Trend Micro Apex One vulnerable to command injection
2019/10/29 JVNVU#96213168:
Trend Micro OfficeScan vulnerable to directory traversal
2019/10/28 JVN#45633549:
Library Information Management System LIMEDIO vulnerable to open redirect
2019/10/25 JVNVU#99059651:
Multiple Trend Micro products vulnerable to XML external entity injection (XXE)
2019/10/23 JVN#34634458:
PowerCMS vulnerable to open redirect