Vulnerability Reports

past 12 months20142013201220112010200920082007200620052004

2015

2015/02/27 JVN#63949115:
SEIL Series routers vulnerable to denial-of-service (DoS)
2015/02/27 JVN#77718330:
Vulnerability in the jBCrypt key stretching process
2015/02/27 JVN#88862608:
Joyful Note vulnerability in handling files
2015/02/27 JVN#62298871:
KENT-WEB Clip Board vulnerability where arbitary files may be deleted
2015/02/27 JVN#34790526:
checkpw vulnerable to denial-of-service (DoS)
2015/02/25 JVN#30135729:
SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution
2015/02/25 JVN#44544694:
Zen Cart Japanese version vulnerable to cross-site scripting
2015/02/24 JVN#42768331:
Speed Software Root Explorer and Explorer vulnerable to directory traversal
2015/02/20 JVN#93318392:
AL-Mail32 vulnerable to buffer overflow
2015/02/20 JVN#55365709:
AL-Mail32 vulnerable to denial-of-service (DoS)
2015/02/20 JVN#77294617:
AL-Mail32 vulnerable to directory traversal
2015/02/20 JVN#64455813:
Squid vulnerable to HTTP header injection
2015/02/17 JVN#73261710:
C-BOARD Moyuku vulnerable to arbitrary file creation
2015/02/17 JVN#18387086:
Saurus CMS Community Edition vulnerable to cross-site scripting
2015/02/13 JVN#48659722:
Smartphone Passbook for Android information management vulnerability
2015/02/13 JVN#14522790:
Smartphone Passbook fails to verify SSL server certificates
2015/02/10 JVN#96155055:
PerlTreeBBS vulnerable to cross-site scripting
2015/02/05 JVN#17480391:
shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting
2015/01/30 JVN#13566542:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2015/01/30 JVN#33735535:
Fumy News Clipper vulnerable to cross-site scripting
2015/01/29 JVN#88252465:
Arbitrary files may be overwritten in multiple VMware products
2015/01/27 JVN#32631078:
Multiple ASUS wireless LAN routers vulnerable to cross-site request forgery
2015/01/27 JVN#77792759:
Multiple ASUS wireless LAN routers vulnerable to OS command injection
2015/01/26 JVN#27142693:
NP-BBRM vulnerable in UPnP functionality
2015/01/23 JVN#94502417:
shiromuku(bu2)BBS vulnerable to arbitrary file creation
2015/01/19 JVN#88559134:
SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal

2014

2014/12/18 JVN#76515134:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#09289074:
WBS Gantt-Chart for JIRA vulnerable to cross-site scripting
2014/12/18 JVN#97384696:
TSUTAYA App for Android vulnerable to arbitrary Java method execution
2014/12/18 JVN#22440986:
Multiple Allied Telesis products vulnerable to buffer overflow
2014/12/12 JVN#61181790:
LinPHA vulnerable to cross-site scripting
2014/12/10 JVN#13160869:
Chyrp vulnerable to cross-site scripting
2014/12/09 JVN#87910097:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#98097877:
"Omake BBS" of i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#89613370:
i-HTTPD vulnerable to cross-site scripting
2014/12/09 JVN#16406395:
"File Upload BBS" of i-HTTPD vulnerable to remote command execution
2014/12/04 JVN#24909891:
Kaku-San-Sei Million Arthur for Android information management vulnerability
2014/12/04 JVN#12798709:
KENT-WEB Clip Board vulnerable to cross-site scripting
2014/12/03 JVN#70490316:
DBD::PgPP vulnerable to SQL injection
2014/12/02 JVN#71762315:
LG Electronics mobile access routers lack access restrictions
2014/12/02 JVN#61593104:
ARROWS Me F-11D vulnerability where arbitrary areas may be accessed
2014/12/02 JVN#06302787:
OS command injection vulnerability in multiple FUJITSU Android devices
2014/12/02 JVN#67792023:
Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors
2014/12/01 JVN#04895240:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/12/01 JVN#21907573:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/11/28 JVN#54775800:
FAST/TOOLS vulnerable to improper restriction of XML external entity references
2014/11/21 JVN#07930208:
BSD Operating Systems vulnerable to denial-of-service (DoS)
2014/11/14 JVN#89852154:
iLogScanner vulnerable to cross-site scripting
2014/11/14 JVN#52422792:
Direct Web Remoting (DWR) vulnerable to cross-site scripting
2014/11/14 JVN#91502163:
Direct Web Remoting (DWR) vulnerable to XML external entity injection
2014/11/13 JVN#16318793:[Critical]
Ichitaro series vulnerable to arbitrary code execution
2014/11/11 JVN#14691234:
Multiple Cybozu products vulnerable to buffer overflow
2014/11/10 JVN#65559247:
OpenAM vulnerable to denial-of-service (DoS)
2014/10/28 JVN#55667175:
QNAP QTS vulnerable to OS command injection
2014/10/23 JVN#27388160:
SumaHo for Android fails to verify SSL/TLS server certificates
2014/10/16 JVN#23809730:
GIGAPOD vulnerable to denial-of-service (DoS)
2014/10/16 JVN#66285408:
Aflax vulnerable to cross-site scripting
2014/10/16 JVN#87373393:
BirdBlog vulnerable to cross-site scripting
2014/10/10 JVN#58417930:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/10/10 JVN#63587560:
Huawei E5332 vulnerable to denial-of-service (DoS)
2014/09/25 JVN#48270605:
Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates
2014/09/25 JVN#80531230:
jigbrowser+ for iOS same origin policy bypass
2014/09/25 JVN#16485017:
SLFileManager for Android vulnerable to directory traversal
2014/09/25 JVN#87863382:
N-Media file uploader vulnerability in handling uploaded files
2014/09/25 JVN#45442753:
Safari issue in handling application cache
2014/09/22 JVN#04560253:
Yuko Yuko App for Android fails to verify SSL server certificates
2014/09/19 JVN#61637002:
Dotclear vulnerable to cross-site scripting
2014/09/19 JVN#08994136:
Bump for Android vulnerable in handling of implicit intents
2014/09/17 JVN#36205251:
365 Links series vulnerable to cross-site scripting
2014/09/12 JVN#84376800:
Help Page in multiple Adobe products vulnerable to cross-site scripting
2014/09/09 JVN#73357573:
Movable Type vulnerable to cross-site scripting
2014/09/04 JVN#49672671:
WisePoint vulnerable to session fixation
2014/09/04 JVN#50367052:
EmFTP may insecurely load executable files
2014/08/29 JVN#17637243:
Kindle App for Android fails to verify SSL server certificates
2014/08/26 JVN#94409737:
MailPoet Newsletters vulnerable to cross-site request forgery
2014/08/19 JVN#20812625:
Advance-Flow vulnerable to SQL injection
2014/08/18 JVN#27531188:
Cakifo vulnerable to cross-site scripting
2014/08/15 JVN#04455183:
Shutter vulnerable to cross-site scripting
2014/08/15 JVN#48039501:
Shutter vulnerable to SQL injection
2014/08/14 JVN#27702217:
Ameba for Android contains an issue where it fails to verify SSL server certificates
2014/08/12 JVN#07957080:
Dominion KX2-101 vulnerable to denial-of-service (DoS)
2014/08/08 JVN#87962145:
Piwigo vulnerable to SQL injection
2014/08/08 JVN#09717399:
Piwigo vulnerable to cross-site scripting
2014/08/08 JVN#80310172:
Piwigo vulnerable to cross-site scripting
2014/08/06 JVN#32726697:
GOM Player vulnerable to denial-of-service (DoS)
2014/08/01 JVN#22534185:
ServerView Operations Manager vulnerable to cross-site scripting
2014/07/30 JVN#72950786:
Outlook.com for Android contains an issue where it fails to verify SSL server certificates
2014/07/29 JVN#94592501:
Multiple I-O DATA IP Cameras vulnerable to authentication bypass
2014/07/29 JVN#42511610:
acmailer contains a cross-site request forgery vulnerability
2014/07/29 JVN#85748534:
PerlMailer vulnerable to cross-site scripting
2014/07/25 JVN#30281958:
Arbitrary program execution vulnerability in TrendLink ActiveX control
2014/07/18 JVN#94791545:
FuelPHP vulnerable to remote code execution
2014/07/18 JVN#84335912:
File Explorer vulnerable to directory traversal
2014/07/18 JVN#36028879:
Meridian vulnerable to cross-site scripting
2014/07/16 JVN#41028866:
Multifunctional MailForm Free vulnerable to cross-site scripting
2014/07/15 JVN#19118282:
Seasar S2Struts vulnerable to ClassLoader manipulation
2014/07/15 JVN#94838679:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#75990997:
Cybozu Garoon vulnerable to access restriction bypass
2014/07/15 JVN#80583739:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#97558950:
Cybozu Garoon vulnerable to cross-site scritping
2014/07/15 JVN#31082531:
Cybozu Garoon 3 API access restriction bypass vulnerability
2014/07/15 JVN#42024228:
Cybozu Garoon CGI vulnerable to remote command execution
2014/07/08 JVN#35376006:
Becky! Internet Mail vulnerable to buffer overflow
2014/07/02 JVN#35998716:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/07/02 JVN#85571806:
SX-2000WG vulnerable to denial-of-service (DoS)
2014/06/25 JVN#36259412:
Web Kyukincho vulnerable to cross-site request forgery
2014/06/25 JVN#80006084:
Web Kyukincho vulnerable to cross-site scripting
2014/06/24 JVN#63940326:
Sophos Disk Encryption vulnerable to authentication bypass
2014/06/24 JVN#05329568:
Login rebuilder vulnerable to cross-site request forgery
2014/06/20 JVN#02213197:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#49974594:
Webmin vulnerable to cross-site scripting
2014/06/20 JVN#92737498:
Usermin vulnerable to cross-site scripting
2014/06/20 JVN#48805624:
Usermin vulnerable to OS command injection
2014/06/18 JVN#10603428:
JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates
2014/06/17 JVN#30962312:
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
2014/06/17 JVN#07677464:
050 plus for Android information management vulnerability
2014/06/13 JVN#10724763:
SEIL Series routers vulnerable to denial-of-service (DoS)
2014/06/13 JVN#49154900:
Spring Framework vulnerable to directory traversal
2014/06/11 JVN#58029817:
C-BOARD Moyuku vulnerable to cross-site scripting
2014/06/11 JVN#50129191:
JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution
2014/06/06 JVN#61247051:
OpenSSL improper handling of Change Cipher Spec message
2014/06/04 JVN#54650130:
SOY CMS vulnerable to cross-site scripting
2014/06/04 JVN#78136804:
CN8000 vulnerable to denial-of-service (DoS)
2014/05/08 JVN#68340046:
intra-mart vulnerable to open redirect
2014/04/30 JVN#31230946:
Cybozu Garoon API access restriction bypass vulnerability
2014/04/30 JVN#90519014:
Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS)
2014/04/25 JVN#19294237:
Apache Struts vulnerable to ClassLoader manipulation
2014/04/18 JVN#13313061:
TOSHIBA TEC e-Studio series vulnerable to cross-site request forgery
2014/04/18 JVN#00058727:
Cybozu Remote Service Manager vulnerable to session fixation
2014/04/18 JVN#10319260:
Cybozu Remote Service Manager vulnerable to denial-of-service (DoS)
2014/04/18 JVN#22670349:
AndExplorer vulnerable to directory traversal
2014/04/16 JVN#93004610:
Redmine vulnerable to open redirect
2014/04/14 JVN#55438786:
Content Provider in CamiApp for Android fails to restrict access permissions
2014/04/11 JVN#47386847:
SD Card Manager vulnerable to directory traversal
2014/03/20 JVN#70029459:
ES File Explorer vulnerable to directory traversal
2014/03/20 JVN#14282890:
Silex vulnerable to cross-site scripting
2014/03/18 JVN#89260331:
sp mode mail vulnerability where Java methods may be executed
2014/03/18 JVN#05951929:
sp mode mail issue where emails in the process of creation may be accessed
2014/03/18 JVN#81739241:
sp mode mail issue when accessing attachments in incoming mail
2014/03/17 JVN#16263849:
Demaecan for Android. contains an issue where it fails to verify SSL server certificates
2014/03/17 JVN#38227002:
Unzipper vulnerable to directory traversal