Vulnerability Reports

past 12 months20142013201220112010200920082007200620052004

2015

2015/04/14 JVN#56297719:
JBoss RichFaces vulnerable to remote Java code execution
2015/04/10 JVN#91383083:
Seasar S2Struts vulnerable to input validation bypass
2015/04/09 JVN#12329472:
Lhaplus vulnerable to remote code execution
2015/04/09 JVN#02527990:
Lhaplus vulnerable to directory traversal
2015/04/07 JVN#71903938:
bBlog vulnerable to cross-site request forgery
2015/04/03 JVN#68819526:
"Restaurant Karaoke SHIDAX" App for Android fails to verify SSL server certificates
2015/04/02 JVN#58784309:
Maruo Editor vulnerable to buffer overflow
2015/03/31 JVN#75615300:
All in One SEO Pack information management vulnerability
2015/03/27 JVN#81094176:
Android OS may behave as an open resolver
2015/03/26 JVN#97281747:
WordPress theme flashy vulnerable to cross-site scripting
2015/03/26 JVN#74547976:
Fumy Teacher's Schedule Board vulnerable to cross-site scripting
2015/03/24 JVN#86448949:
The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass
2015/03/20 JVN#41281927:
LINE vulnerable to script injection
2015/03/20 JVN#39175666:
MP Form Mail CGI eCommerce edition vulnerable to code injection
2015/03/17 JVN#97099798:
eXtplorer vulnerable to cross-site scripting
2015/03/06 JVN#87204433:
All In One WP Security & Firewall vulnerable to cross-site request forgery
2015/03/06 JVN#30832515:
All In One WP Security & Firewall vulnerable to SQL injection
2015/03/04 JVN#91016415:
Maroyaka Relay Novel vulnerable to cross-site scripting
2015/03/04 JVN#09871547:
Maroyaka Image Album vulnerable to cross-site scripting
2015/03/04 JVN#63687798:
Maroyaka Simple Board vulnerable to cross-site scripting
2015/03/03 JVN#55063777:
Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass
2015/03/03 JVN#93727681:
BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass
2015/02/27 JVN#63949115:
SEIL Series routers vulnerable to denial-of-service (DoS)
2015/02/27 JVN#77718330:
Vulnerability in the jBCrypt key stretching process
2015/02/27 JVN#88862608:
Joyful Note vulnerability in handling files
2015/02/27 JVN#62298871:
KENT-WEB Clip Board vulnerability where arbitary files may be deleted
2015/02/27 JVN#34790526:
checkpw vulnerable to denial-of-service (DoS)
2015/02/25 JVN#30135729:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution
2015/02/25 JVN#44544694:
Zen Cart Japanese version vulnerable to cross-site scripting
2015/02/24 JVN#42768331:
Speed Software Root Explorer and Explorer vulnerable to directory traversal
2015/02/20 JVN#93318392:
AL-Mail32 vulnerable to buffer overflow
2015/02/20 JVN#55365709:
AL-Mail32 vulnerable to denial-of-service (DoS)
2015/02/20 JVN#77294617:
AL-Mail32 vulnerable to directory traversal
2015/02/20 JVN#64455813:
Squid input validation vulnerability
2015/02/17 JVN#73261710:
C-BOARD Moyuku vulnerable to arbitrary file creation
2015/02/17 JVN#18387086:
Saurus CMS Community Edition vulnerable to cross-site scripting
2015/02/13 JVN#48659722:
Smartphone Passbook for Android information management vulnerability
2015/02/13 JVN#14522790:
Smartphone Passbook fails to verify SSL server certificates
2015/02/10 JVN#96155055:
PerlTreeBBS vulnerable to cross-site scripting
2015/02/05 JVN#17480391:
shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting
2015/01/30 JVN#13566542:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2015/01/30 JVN#33735535:
Fumy News Clipper vulnerable to cross-site scripting
2015/01/29 JVN#88252465:
Arbitrary files may be overwritten in multiple VMware products
2015/01/27 JVN#32631078:
Multiple ASUS wireless LAN routers vulnerable to cross-site request forgery
2015/01/27 JVN#77792759:
Multiple ASUS wireless LAN routers vulnerable to OS command injection
2015/01/26 JVN#27142693:
NP-BBRM vulnerable in UPnP functionality
2015/01/23 JVN#94502417:
shiromuku(bu2)BBS vulnerable to arbitrary file creation
2015/01/19 JVN#88559134:
SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal

2014

2014/12/18 JVN#76515134:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#09289074:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#97384696:
TSUTAYA App for Android vulnerable to arbitrary Java method execution
2014/12/18 JVN#22440986:
Multiple Allied Telesis products vulnerable to buffer overflow
2014/12/12 JVN#61181790:
LinPHA vulnerable to cross-site scripting
2014/12/10 JVN#13160869:
Chyrp vulnerable to cross-site scripting
2014/12/09 JVN#87910097:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#98097877:
"Omake BBS" of i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#89613370:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#16406395:
"File Upload BBS" of i-HTTPD vulnerable to remote command execution
2014/12/04 JVN#24909891:
Kaku-San-Sei Million Arthur for Android information management vulnerability
2014/12/04 JVN#12798709:
KENT-WEB Clip Board vulnerable to cross-site scripting
2014/12/03 JVN#70490316:
DBD::PgPP vulnerable to SQL injection
2014/12/02 JVN#71762315:
LG Electronics mobile access routers lack access restrictions
2014/12/02 JVN#61593104:
ARROWS Me F-11D vulnerability where arbitrary areas may be accessed
2014/12/02 JVN#06302787:
OS command injection vulnerability in multiple FUJITSU Android devices
2014/12/02 JVN#67792023:
Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors
2014/12/01 JVN#04895240:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/12/01 JVN#21907573:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/11/28 JVN#54775800:
FAST/TOOLS vulnerable to improper restriction of XML external entity references
2014/11/21 JVN#07930208:
BSD Operating Systems vulnerable to denial-of-service (DoS)
2014/11/14 JVN#89852154:
iLogScanner vulnerable to cross-site scripting
2014/11/14 JVN#52422792:
Direct Web Remoting (DWR) vulnerable to cross-site scripting
2014/11/14 JVN#91502163:
Direct Web Remoting (DWR) vulnerable to XML external entity injection
2014/11/13 JVN#16318793:[Critical]
Ichitaro series vulnerable to arbitrary code execution
2014/11/11 JVN#14691234:
Multiple Cybozu products vulnerable to buffer overflow
2014/11/10 JVN#65559247:
OpenAM vulnerable to denial-of-service (DoS)
2014/10/28 JVN#55667175:
QNAP QTS vulnerable to OS command injection
2014/10/23 JVN#27388160:
SumaHo for Android fails to verify SSL/TLS server certificates
2014/10/16 JVN#23809730:
GIGAPOD vulnerable to denial-of-service (DoS)
2014/10/16 JVN#66285408:
Aflax vulnerable to cross-site scripting
2014/10/16 JVN#87373393:
BirdBlog vulnerable to cross-site scripting
2014/10/10 JVN#58417930:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/10/10 JVN#63587560:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/09/25 JVN#48270605:
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
2014/09/25 JVN#80531230:
jigbrowser+ for iOS same origin policy bypass
2014/09/25 JVN#16485017:
SLFileManager for Android vulnerable to directory traversal
2014/09/25 JVN#87863382:
N-Media file uploader vulnerability in handling uploaded files
2014/09/25 JVN#45442753:
Safari issue in handling application cache
2014/09/22 JVN#04560253:
Yuko Yuko App for Android fails to verify SSL server certificates
2014/09/19 JVN#61637002:
Dotclear vulnerable to cross-site scripting
2014/09/19 JVN#08994136:
Bump for Android vulnerable in handling of implicit intents
2014/09/17 JVN#36205251:
365 Links series vulnerable to cross-site scripting
2014/09/12 JVN#84376800:
Help Page in multiple Adobe products vulnerable to cross-site scripting
2014/09/09 JVN#73357573:
Movable Type vulnerable to cross-site scripting
2014/09/04 JVN#49672671:
WisePoint vulnerable to session fixation
2014/09/04 JVN#50367052:
EmFTP may insecurely load executable files
2014/08/29 JVN#17637243:
Kindle App for Android fails to verify SSL server certificates
2014/08/26 JVN#94409737:
MailPoet Newsletters vulnerable to cross-site request forgery
2014/08/19 JVN#20812625:
Advance-Flow vulnerable to SQL injection
2014/08/18 JVN#27531188:
Cakifo vulnerable to cross-site scripting
2014/08/15 JVN#04455183:
Shutter vulnerable to cross-site scripting
2014/08/15 JVN#48039501:
Shutter vulnerable to SQL injection
2014/08/14 JVN#27702217:
Ameba for Android contains an issue where it fails to verify SSL server certificates
2014/08/12 JVN#07957080:
Dominion KX2-101 vulnerable to denial-of-service (DoS)
2014/08/08 JVN#87962145:
Piwigo vulnerable to SQL injection
2014/08/08 JVN#09717399:
Piwigo vulnerable to cross-site scripting
2014/08/08 JVN#80310172:
Piwigo vulnerable to cross-site scripting
2014/08/06 JVN#32726697:
GOM Player vulnerable to denial-of-service (DoS)
2014/08/01 JVN#22534185:
ServerView Operations Manager vulnerable to cross-site scripting
2014/07/30 JVN#72950786:
Outlook.com for Android contains an issue where it fails to verify SSL server certificates
2014/07/29 JVN#94592501:
Multiple I-O DATA IP Cameras vulnerable to authentication bypass
2014/07/29 JVN#42511610:
acmailer contains a cross-site request forgery vulnerability
2014/07/29 JVN#85748534:
PerlMailer vulnerable to cross-site scripting
2014/07/25 JVN#30281958:
Arbitrary program execution vulnerability in TrendLink ActiveX control
2014/07/18 JVN#94791545:
FuelPHP vulnerable to remote code execution
2014/07/18 JVN#84335912:
File Explorer vulnerable to directory traversal
2014/07/18 JVN#36028879:
Meridian vulnerable to cross-site scripting
2014/07/16 JVN#41028866:
Multifunctional MailForm Free vulnerable to cross-site scripting
2014/07/15 JVN#19118282:
Seasar S2Struts vulnerable to ClassLoader manipulation
2014/07/15 JVN#94838679:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#75990997:
Cybozu Garoon vulnerable to access restriction bypass
2014/07/15 JVN#80583739:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#97558950:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#31082531:
Cybozu Garoon 3 API access restriction bypass vulnerability
2014/07/15 JVN#42024228:
Cybozu Garoon CGI vulnerable to remote command execution
2014/07/08 JVN#35376006:
Becky! Internet Mail vulnerable to buffer overflow
2014/07/02 JVN#35998716:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/07/02 JVN#85571806:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/06/25 JVN#36259412:
Web Kyukincho vulnerable to cross-site request forgery
2014/06/25 JVN#80006084:
Web Kyukincho vulnerable to cross-site scripting
2014/06/24 JVN#63940326:
Sophos Disk Encryption vulnerable to authentication bypass
2014/06/24 JVN#05329568:
Login rebuilder vulnerable to cross-site request forgery
2014/06/20 JVN#02213197:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#49974594:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#92737498:
Usermin vulnerable to cross-site scripting
2014/06/20 JVN#48805624:
Usermin vulnerable to OS command injection
2014/06/18 JVN#10603428:
JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates
2014/06/17 JVN#30962312:
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
2014/06/17 JVN#07677464:
050 plus for Android information management vulnerability
2014/06/13 JVN#10724763:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/06/13 JVN#49154900:
Spring Framework vulnerable to directory traversal
2014/06/11 JVN#58029817:
C-BOARD Moyuku vulnerable to cross-site scripting
2014/06/11 JVN#50129191:
JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution
2014/06/06 JVN#61247051:
OpenSSL improper handling of Change Cipher Spec message
2014/06/04 JVN#54650130:
SOY CMS vulnerable to cross-site scripting
2014/06/04 JVN#78136804:
CN8000 vulnerable to denial-of-service (DoS)
2014/05/08 JVN#68340046:
intra-mart vulnerable to open redirect
2014/04/30 JVN#31230946:
Cybozu Garoon API access restriction bypass vulnerability
2014/04/30 JVN#90519014:
Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS)
2014/04/25 JVN#19294237:
Apache Struts vulnerable to ClassLoader manipulation
2014/04/18 JVN#13313061:
TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery
2014/04/18 JVN#00058727:
Cybozu Remote Service Manager vulnerable to session fixation
2014/04/18 JVN#10319260:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2014/04/18 JVN#22670349:
AndExplorer vulnerable to directory traversal
2014/04/16 JVN#93004610:
Redmine vulnerable to open redirect
2014/04/14 JVN#55438786:
Content Provider in CamiApp for Android fails to restrict access permissions