Vulnerability Reports

past 12 months ｜2022 ｜2021 ｜2020 ｜2019 ｜2018 ｜2017 ｜2016 ｜2015 ｜2014 ｜2013 ｜2012 ｜2011 ｜2010 ｜2009

2023

2023/03/17 JVN#62420378:: TP-Link T2600G-28SQ uses vulnerable SSH host keys

2023/03/17 JVNVU#96198617:: Multiple vulnerabilities in Contec CONPROSYS IoT Gateway products

2023/03/13 JVN#64453490:: Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service

2023/03/08 JVN#82424996:: Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config

2023/03/07 JVNVU#96824262:: Multiple vulnerabilities in Buffalo network devices

2023/03/06 JVN#19872280:: Multiple vulnerabilities in PostgreSQL extension module pg_ivm

2023/03/03 JVNVU#94966432:: Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

2023/03/02 JVNVU#96890975:: Multiple vulnerabilities in Edgecross Basic Software for Windows

2023/03/01 JVNVU#96882769:: Multiple vulnerabilities in Trend Micro Maximum Security

2023/03/01 JVNVU#96221942:: Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2023/03/01 JVN#57224029:: Multiple vulnerabilities in SS1 and Rakuraku PC Cloud

2023/02/28 JVN#04785663:: Multiple cross-site scripting vulnerabilities in EC-CUBE

2023/02/28 JVN#78253670:: web2py development tool vulnerable to open redirect

2023/02/27 JVNTA#96606604:: Security Problem in Web Browser Permission Mechanism

2023/02/22 JVN#18765463:: Multiple cross-site scripting vulnerabilities in SHIRASAGI

2023/02/17 JVNVU#91848962:: Multiple vulnerabilities in Trend Micro Worry-Free Business Security and Worry-Free Business Security Services

2023/02/14 JVN#00712821:: Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools

2023/02/14 JVN#60263237:: The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries

2023/02/13 JVN#98612206:: Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G

2023/02/10 JVN#60320736:: NEC PC Settings Tool vulnerable to missing authentication for critical function

2023/02/10 JVNVU#99551468:: Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers

2023/02/06 JVN#11257333:: Ichiran App vulnerable to improper server certificate verification

2023/02/03 JVNVU#98917488:: Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2

2023/01/31 JVN#22830348:: Vulnerability in Driver Distributor where passwords are stored in a recoverable format

2023/01/31 JVN#84642320:: SUSHIRO App for Android outputs sensitive information to the log file

2023/01/24 JVNVU#94200979:: Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Motion Pro

2023/01/24 JVN#01398015:: pgAdmin 4 vulnerable to directory traversal

2023/01/24 JVN#05288621:: EasyMail vulnerable to cross-site scripting

2023/01/23 JVN#72418815:: Pgpool-II vulnerable to information disclosure

2023/01/23 JVNVU#97195023:: Contec CONPROSYS HMI System (CHS) vulnerable to multiple SQL injections

2023/01/17 JVN#31073333:: WordPress plugin "Welcart e-Commerce" vulnerable to directory traversal

2023/01/12 JVN#57296685:: Multiple vulnerabilities in PIXELA PIX-RT100

2023/01/11 JVN#99957889:: Multiple vulnerabilities in MAHO-PBX NetDevancer series

2023/01/11 JVNVU#93704047:: Multiple vulnerabilities in EXPRESSCLUSTER X

2023/01/11 JVNVU#91744508:: Access of uninitialized pointer vulnerability in OMRON CX-Motion-MCH

2023/01/11 JVNVU#97575890:: Active debug code vulnerability in OMRON CP1L-EL20DR-D

2023/01/11 JVN#03832974:: pgAdmin 4 vulnerable to open redirect

2023/01/11 JVN#78481846:: TP-Link SG105PE vulnerable to authentication bypass

2023/01/10 JVNVU#91740661:: OpenAM Web Policy Agent (OpenAM Consortium Edition) vulnerable to path traversal

2023/01/06 JVN#55675303:: Digital Arts m-FILTER vulnerable to improper authentication

2023/01/05 JVN#16765254:: Multiple code injection vulnerabilities in ruby-git

2022

2022/12/28 JVNVU#90679513:: Multiple vulnerabilities in Fuji Electric V-SFT and TELLUS

2022/12/28 JVNVU#92811888:: Multiple vulnerabilities in Fuji Electric V-Server

2022/12/23 JVNVU#96679793:: Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2022/12/21 JVN#29902403:: Installers generated by Squirrel.Windows may insecurely load Dynamic Link Libraries

2022/12/21 JVN#43561812:: +Message App improper handling of Unicode control characters

2022/12/19 JVNVU#92689335:: Use-after-free vulnerability in Omron CX-Drive

2022/12/19 JVN#06093462:: Zenphoto vulnerable to cross-site scripting

2022/12/19 JVN#13075438:: Corel Roxio Creator LJB starts a program with an unquoted file path

2022/12/15 JVNVU#96195138:: Command injection vulnerability in SHARP Multifunctional Products (MFP)

2022/12/15 JVN#96321933:: Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM

2022/12/14 JVNVU#96873821:: Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)

2022/12/13 JVN#60211811:: Redmine vulnerable to cross-site scripting

2022/12/09 JVNVU#97099584:: Multiple vulnerabilities in Buffalo network devices

2022/12/05 JVNVU#93526386:: Contec SolarView Compact vulnerable to cross-site scripting

2022/12/01 JVNVU#94514762:: Multiple vulnerabilities in UNIMO Technology digital video recorders

2022/11/25 JVNVU#92877622:: Multiple vulnerabilities in OMRON CX-Programmer

2022/11/25 JVN#87895771:: Cybozu Remote Service vulnerable to Uncontrolled Resource Consumption

2022/11/25 JVN#53682526:: Multiple cross-site scripting vulnerabilities in baserCMS

2022/11/24 JVN#29657972:: TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input

2022/11/21 JVN#26044739:: Typora fails to properly neutralize JavaScript code

2022/11/18 JVN#13927745:: WordPress Plugin "WordPress Popular Posts" accepts untrusted external inputs to update certain internal variables

2022/11/18 JVNVU#90082799:: Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2022/11/16 JVN#24659622:: RICOH Aficio SP 4210N vulnerable to cross-site scripting

2022/11/16 JVN#37014768:: Multiple vulnerabilities in Movable Type

2022/11/15 JVNVU#98082029:: Realtek chip deadlock vulnerability (CVE-2022-34326) in Mitsubishi Electric consumer electronics products

2022/11/14 JVN#54728399:: TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation

2022/11/14 JVNVU#97968855:: Multiple vulnerabilities in Hitachi Kokusai Network products for monitoring system(Camera, Encoder, Decoder)

2022/11/10 JVN#75437943:: Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure

2022/11/08 JVN#59663854:: WordPress Plugin "Salon booking system" vulnerable to cross-site scripting

2022/11/08 JVN#09409909:: Multiple vulnerabilities in WordPress

2022/11/01 JVN#46345126:: Multiple vulnerabilities in the web interfaces of Kyocera Document Solutions MFPs and printers

2022/10/28 JVN#74285622:: Multiple vulnerabilities in FUJI SOFT network devices

2022/10/25 JVN#86350682:: Multiple vulnerabilities in SHIRASAGI

2022/10/20 JVN#56968681:: Multiple vulnerabilities in nadesiko3

2022/10/19 JVNVU#97131578:: Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2022/10/19 JVN#10921428:: Lemon8 App fails to restrict access permissions

2022/10/18 JVNVU#99955870:: Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE

2022/10/14 JVN#74534998:: Android App "IIJ SmartKey" vulnerable to information disclosure

2022/10/12 JVNVU#93424017:: Multiple vulnerabilities in SVMPC1 and SVMPC2

2022/10/11 JVN#74592196:[Critical]: bingo!CMS vulnerable to authentication bypass

2022/10/11 JVN#40620121:: The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries

2022/10/07 JVNVU#99960963:: Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows

2022/10/07 JVN#00845253:: Growi vulnerable to improper access control

2022/10/06 JVN#15411362:: IPFire WebUI vulnerable to cross-site scripting

2022/10/04 JVNVU#92805279:: Multiple vulnerabilities in Buffalo network devices

2022/09/30 JVN#78862034:: BookStack vulnerable to cross-site scripting

2022/09/15 JVN#21213852:: Multiple vulnerabilities in EC-CUBE

2022/09/15 JVN#30900552:: EC-CUBE plugin "Product Image Bulk Upload Plugin" vulnerable to insufficient verification in uploading files

2022/09/15 JVNVU#99326969:: OpenAM (OpenAM Consortium Edition) vulnerable to open redirect

2022/09/14 JVN#36454862:[Critical]: Multiple vulnerabilities in Trend Micro Apex One and Trend Micro Apex One as a Service

2022/09/09 JVN#48120704:: Movable Type plugin A-Form vulnerable to cross-site scripting

2022/09/05 JVN#34205166:: SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure

2022/09/02 JVN#76024879:: PowerCMS XMLRPC API vulnerable to command injection

2022/09/01 JVNVU#98305100:: Multiple vulnerabilities in Contec FLEXLAN FX3000 and FX2000 series

2022/08/31 JVNVU#90766406:: Multiple vulnerabilities in PLANEX Network camera products

2022/08/29 JVN#44721267:: Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries

2022/08/29 JVN#45473612:: Multiple vulnerabilities in CentreCOM AR260S V2

2022/08/24 JVN#57728859:: Movable Type XMLRPC API vulnerable to command injection

2022/08/24 JVN#46239102:: Multiple vulnerabilities in Exment

2022/08/23 JVNVU#96002401:: Multiple vulnerabilities in PukiWiki

2022/08/23 JVN#43979089:: PukiWiki vulnerable to cross-site scripting

2022/08/22 JVNVU#90821877:: UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions

2022/08/22 JVNVU#98291763:: PLANEX MZK-DP150N contains hidden administrative functionality

2022/08/17 JVNVU#93109244:: Multiple vulnerabilities in Trend Micro Security

2022/08/17 JVNVU#96643038:: Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation

2022/08/04 JVN#42883072:: Kaitai Struct: compiler vulnerable to denial-of-service (DoS)

2022/07/29 JVN#17625382:: Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001

2022/07/28 JVN#57073973:: "JustSystems JUST Online Update for J-License" starts a program with an unquoted file path

2022/07/27 JVNVU#93696585:: CONTEC SolarView Compact vulnerable to insufficient verification in uploading files

2022/07/27 JVN#81563390:: "Hulu / フールー" App for iOS vulnerable to improper server certificate verification

2022/07/27 JVN#40907489:: "Hulu / フールー" App for Android uses a hard-coded API key for an external service

2022/07/25 JVN#77850327:: WordPress Plugin "Newsletter" vulnerable to cross-site scripting

2022/07/25 JVN#30454777:: Multiple vulnerabilities in untangle

2022/07/22 JVN#75063798:: Booked vulnerable to open redirect

2022/07/20 JVN#20573662:: Multiple vulnerabilities in Cybozu Office

2022/07/12 JVN#12610194:: Django Extract and Trunc functions vulnerable to SQL injection

2022/07/12 JVNVU#97846460:: U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow

2022/07/08 JVN#23766146:: Passage Drive vulnerable to insufficient data verification

2022/07/04 JVN#14077132:: Multiple vulnerabilities in Cybozu Garoon

2022/07/04 JVN#32625020:: LiteCart vulnerable to cross-site scripting

2022/07/01 JVNVU#97050784:: Multiple vulnerabilities in OMRON products

2022/06/29 JVN#41017328:: HOME SPOT CUBE2 vulnerable to OS command injection

2022/06/24 JVN#51464799:: L2Blocker Sensor setup screen vulnerable to authentication bypass

2022/06/23 JVN#02158640:: web2py vulnerable to open redirect

2022/06/17 JVN#93667442:: Gitlab vulnerable to server-side request forgery

2022/06/15 JVN#20930118:: FreeBSD vulnerable to denial-of-service (DoS)

2022/06/14 JVN#94363766:: Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting

2022/06/14 JVNVU#96438711:: Growi vulnerable to weak password requirements

2022/06/09 JVN#32962443:: SHIRASAGI vulnerable to cross-site scripting

2022/06/02 JVNVU#90675050:: Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

2022/06/01 JVN#28659051:: T&D Data Server and THERMO RECORDER DATA SERVER vulnerable to directory traversal

2022/06/01 JVN#04155116:: WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting

2022/05/27 JVN#27256219:: RevoWorks incomplete filtering of MS Office v4 macros

2022/05/27 JVN#13878856:: Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification

2022/05/26 JVNVU#93134398:: Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite

2022/05/26 JVNVU#99188133:: Multiple vulnerabilities in Fuji Electric V-SFT

2022/05/26 JVNVU#92327282:: Multiple vulnerabilities in CONTEC SolarView Compact

2022/05/24 JVN#15241647:: WordPress plugin "WP Statistics" vulnerable to cross-site scripting

2022/05/23 JVNVU#92641706:: Trend Micro Password Manager vulnerable to privilege escalation

2022/05/20 JVN#15317878:: Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)

2022/05/19 JVN#46892984:: Multiple vulnerabilities in Rakuten Casa

2022/05/16 JVN#73897863:: Multiple vulnerabilities in Cybozu Garoon

2022/05/13 JVN#44550983:: Strapi vulnerable to cross-site scripting

2022/05/13 JVN#46241173:: EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery

2022/05/12 JVNVU#93434935:: Installer of Trend Micro HouseCall for Home Networks may insecurely load Dynamic Link Libraries

2022/05/11 JVN#60037444:: Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries

2022/05/11 JVNVU#95992089:: Command injection vulnerability in QNAP VioStar series NVR

2022/05/10 JVN#60801132:: GENEREX RCCMD vulnerable to directory traversal

2022/05/09 JVN#96561229:[Critical]: Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM

2022/05/09 JVN#50337155:: KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass

2022/05/09 JVN#58266015:: Multiple vulnerabilities in multiple MEIKYO ELECTRIC products

2022/04/22 JVN#54857505:: Hammock AssetView missing authentication for critical functions

2022/04/15 JVN#31606885:: WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery

2022/04/06 JVNVU#97833256:: Trend Micro Antivirus for Mac vulnerable to privilege escalation

2022/03/30 JVN#59576930:: Zero-channel BBS Plus vulnerable to cross-site scripting

2022/03/30 JVN#42543427:: WordPress Plugin "Advanced Custom Fields" vulnerable to missing authorization

2022/03/30 JVN#10140834:: AttacheCase may insecurely load Dynamic Link Libraries

2022/03/30 JVNVU#99107357:[Critical]: Trend Micro Apex Central and Trend Micro Apex Central as a Service vulnerable to improper check for file contents

2022/03/22 JVNVU#94900322:: Netcommunity OG410X and OG810X VoIP gateway/Hikari VoIP adapter for business offices vulnerable to OS command injection