Vulnerability Reports

past 12 months20202019201820172016201520142013201220112010200920082007

2021

2021/04/14 JVN#54025691:
Gurunavi Apps fail to restrict access permissions
2021/04/09 JVN#29739718:
Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP
2021/04/09 JVN#67456944:
Multiple vulnerabilities in multiple Aterm products
2021/04/09 JVNVU#92898656:
D-Link DAP-1880AC contains multiple vulnerabilities
2021/04/01 JVN#73236007:
Archive collectively operation utility vulnerable to directory traversal
2021/03/26 JVN#64869876:
Multiple vulnerabilities in baserCMS
2021/03/25 JVN#68244135:[Unreachable]
rNote vulnerable to cross-site scripting
2021/03/25 JVN#94705238:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#83042295:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#37179202:[Unreachable]
Yomi-Search vulnerable to cross-site scripting
2021/03/25 JVN#93207949:[Unreachable]
Click Ranker vulnerable to cross-site scripting
2021/03/25 JVN#11438679:[Unreachable]
Kagemai vulnerable to cross-site request forgery
2021/03/25 JVN#42220311:[Unreachable]
Kagemai vulnerable to cross-site scripting
2021/03/25 JVN#12559271:[Unreachable]
Kagemai vulnerable to cross-site scripting
2021/03/25 JVN#97370614:[Unreachable]
MagazinegerZ vulnerable to cross-site scripting
2021/03/22 JVN#12737530:
UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS)
2021/03/19 JVN#37607293:
Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS)
2021/03/17 JVN#08191557:
WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection
2021/03/15 JVN#45797538:
Multiple vulnerabilities in Cybozu Office
2021/03/12 JVN#47497535:
M-System DL8 contains multiple vulnerabilities
2021/03/11 JVN#18056666:
Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries
2021/03/10 JVN#86438134:
Multiple cross-site scripting vulnerabilities in GROWI
2021/03/08 JVNVU#94889258:
Multiple vulnerabilities in GROWI
2021/03/05 JVN#68418039:
The installers of E START products may insecurely load Dynamic Link Libraries
2021/03/05 JVNVU#99545969:
Trend Micro Security (Consumer) vulnerable to code injection
2021/02/24 JVN#66542874:
Multiple cross-site scripting vulnerabilities in Movable Type
2021/02/19 JVN#37417423:
Multiple vulnerabilities in SolarView Compact
2021/02/16 JVN#58774946:[Critical]
FileZen vulnerable to OS command injection
2021/02/15 JVN#87164507:
Calsos CSDJ fails to restrict access permissions
2021/02/10 JVN#80785288:
Wekan vulnerable to cross-site scripting
2021/02/05 JVN#50470170:
WordPress Plugin "Name Directory" vulnerable to cross-site request forgery
2021/02/04 JVN#42252698:
Panasonic Video Insight VMS vulnerable to arbitrary code execution
2021/02/03 JVNVU#98209799:
Trend Micro HouseCall for Home Networks (Windows Edition) may insecurely load Dynamic Link Libraries
2021/02/01 JVNVU#99814910:
Multiple vulnerabilities in the installer of Trend Micro Security 2020 (Consumer)
2021/01/27 JVN#41853173:
OS command injection vulnerability in multiple Infoscience Corporation log management tools
2021/01/26 JVN#96783542:
Multiple vulnerabilities in multiple LOGITEC products
2021/01/26 JVN#98115035:
Android App "ELECOM File Manager" vulnerable to directory traversal
2021/01/26 JVN#47580234:
Multiple vulnerabilities in multiple ELECOM products
2021/01/22 JVN#38248512:
Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
2021/01/22 JVNVU#92444096:
TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection
2021/01/19 JVN#57544707:
GROWI vulnerable to cross-site scripting
2021/01/14 JVNVU#99904867:
Multiple vulnerabilities in Worry-Free Business Security (WFBS)
2021/01/14 JVNVU#92683420:
Multiple vulnerabilities in Trend Micro Apex One and OfficeScan
2021/01/14 JVN#35906450:
Multiple vulnerabilities in acmailer
2021/01/12 JVN#69635538:
The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries
2021/01/05 JVNVU#98351146:
Multiple vulnerabilities in InterScan Web Security Virtual Appliance (IWSVA)
2021/01/04 JVN#38752718:
Multiple NEC Products vulnerable to authentication bypass
2021/01/04 JVN#38784555:
Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series

2020

2020/12/18 JVN#10100024:
Management software for NEC Storage disk array system vulnerable to improper server certificate verification
2020/12/18 JVN#94244575:
Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
2020/12/15 JVN#94169589:
Multiple vulnerabilities in GROWI
2020/12/11 JVN#55917325:
Multiple vulnerabilities in Aterm SA3500G
2020/12/11 JVN#43969166:
Apache Struts 2 vulnerable to remote code execution (S2-061)
2020/12/10 JVN#12884935:
FileZen vulnerable to directory traversal
2020/12/07 JVN#59779918:
Apache Cordova Plugin camera vulnerable to information exposure
2020/12/07 JVNVU#97704455:
ServerProtect for Linux vulnerable to heap-based buffer overflow
2020/12/03 JVN#24457594:
Multiple vulnerabilities in EC-CUBE
2020/12/03 JVN#42199826:
desknet's NEO vulnerable to cross-site scripting
2020/11/27 JVNVU#98890246:
Multiple vulnerabilities in Trend Micro InterScan Messaging Virtual Appliance (IMSVA)
2020/11/25 JVNTA#94494000:
Malleability attack against executables encrypted by CBC mode with no integrity check
2020/11/25 JVN#56450373:
Multiple vulnerabilities in GROWI
2020/11/24 JVN#27806339:
NETGEAR GS108Ev3 vulnerable to cross-site request forgery
2020/11/24 JVNVU#94694991:
Multiple vulnerabilities in Trend Micro Antivirus for Mac
2020/11/20 JVN#26835001:
The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
2020/11/19 JVN#90729322:
Hibernate ORM vulnerable to SQL injection
2020/11/18 JVNVU#96249940:
Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion
2020/11/18 JVN#94245475:
Movable Type Premium vulnerable to cross-site scripting
2020/11/17 JVNVU#99880454:
Multiple vulnerabilities in KonaWiki3
2020/11/12 JVN#44764844:
MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption
2020/11/06 JVNVU#92053563:
Multiple vulnerabilities in XOOPS module "XooNIps"
2020/11/05 JVN#00414047:
Studyplus App uses a hard-coded API key for an external service
2020/11/04 JVN#57942454:
Cybozu Garoon vulnerable to improper input validation
2020/10/21 JVN#31425618:
Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
2020/10/20 JVNVU#99467898:
Local File Inclusion vulnerability in OneThird CMS
2020/10/14 JVN#92404841:
WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery
2020/10/06 JVNVU#95014999:
Trend Micro Antivirus for Mac vulnerable to a privilege escalation
2020/10/05 JVN#82892096:
OS command injection vulnerability in multiple ELECOM LAN routers
2020/09/30 JVN#07426151:
InfoCage SiteShell installs their files with improper access permissions
2020/09/25 JVNVU#93741515:
CMONOS.JP vulnerable to cross-site scripting
2020/09/23 JVNVU#91216654:
ServerProtect for Linux vulnerable to OS command injection
2020/09/23 JVN#60093979:
Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
2020/09/17 JVN#31864411:
Multiple access restriction bypass vulnerabilities in UNIQLO App
2020/09/11 JVN#09166495:
Multiple vulnerabilities in Buffalo AirStation WHR-G54S
2020/09/07 JVN#32396594:
Yodobashi App for Android fails to restrict access permissions
2020/08/31 JVNVU#90813748:
Multiple vulnerabilities in Trend Micro Deep Security Manager and Vulnerability Protection
2020/08/31 JVN#06446084:
CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to XML external entity injection (XXE)
2020/08/31 JVN#42665874:
"Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
2020/08/28 JVN#29903998:
Multiple NETGEAR switching hubs vulnerable to cross-site request forgery
2020/08/27 JVN#40725650:
Multiple vulnerabilities in XOOPS module "XooNIps"
2020/08/26 JVN#77402327:
NITORI App fails to restrict access permissions
2020/08/25 JVNVU#98542645:
Multiple vulnerabilities in InterScan Web Security Virtual Appliance (IWSVA)
2020/08/25 JVN#50890770:
Apache Struts 2 vulnerable to denial-of-service (DoS)
2020/08/21 JVN#88315581:
Multiple cross-site scripting vulnerabilities in Exment
2020/08/11 JVN#46258789:
Multiple vulnerabilities in CyberMail
2020/08/06 JVNVU#98423028:
Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries
2020/08/06 JVNVU#94105662:
Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read
2020/08/05 JVNVU#99160193:
Trend Micro anti-rootkit driver improperly validates inputs
2020/08/03 JVN#25422698:[Critical]
SKYSEA Client View vulnerable to privilege escalation
2020/08/03 JVNTA#96129397:
Falsification and eavesdropping of contents across multiple websites via Web Rehosting services
2020/07/31 JVN#73169744:
Multiple vulnerabilities in multiple PHP Factory products
2020/07/31 JVN#84959128:
FANUC i Series CNC vulnerable to denial-of-service (DoS)
2020/07/29 JVN#40400577:
TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow
2020/07/28 JVN#48194211:
Multiple vulnerabilities in KonaWiki2 and KonaWiki3
2020/07/28 JVN#62161191:
JavaFX WebEngine does not properly restrict Java method execution
2020/07/22 JVN#05502028:
WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery
2020/07/09 JVN#55657988:
SHIRASAGI vulnerable to open redirect
2020/07/08 JVN#93167107:
Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of Java object
2020/07/03 JVNVU#95413676:
Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series
2020/06/30 JVNVU#90307594:
Multiple vulnerabilities in Mitsubishi Electoric FA Engineering Software
2020/06/29 JVN#55497111:
Multiple vulnerabilities in Cybozu Garoon
2020/06/24 JVN#40039627:
Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution
2020/06/23 JVNVU#91424496:
Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information
2020/06/18 JVN#77458946:
EC-CUBE vulnerable to directory traversal
2020/06/11 JVN#32252648:
Multiple vulnerabilities in Zenphoto
2020/06/09 JVN#67447798:
Multiple SONY Wireless Headphones allow improper Bluetooth pairing
2020/06/05 JVN#40208370:
XACK DNS vulnerable to denial-of-service (DoS)
2020/05/29 JVN#78745667:
Multiples security updates for multiple Cybozu products
2020/05/25 JVN#59552136:
Cybozu Desktop for Windows vulenerable to arbitrary code execution
2020/05/19 JVN#20248858:
WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection
2020/05/19 JVN#96646182:
Panasonic Video Insight VMS vulnerable to arbitrary code execution
2020/05/13 JVN#41035278:
BookStack vulnerable to cross-site scripting
2020/05/13 JVN#28806943:
Multiple vulnerabilities in Movable Type
2020/05/11 JVN#61849442:
PALLET CONTROL vulnerable to arbitrary code execution
2020/04/28 JVN#47668991:
Sales Force Assistant vulnerable to cross-site scripting
2020/04/27 JVN#35649781:
Multiple vulnerabilities in Cybozu Garoon
2020/04/23 JVN#93064451:
Multiple SHARP Android devices vulnerable to information disclosure
2020/04/20 JVN#13467854:
Toshiba Electronic Devices & Storage software registers unquoted service paths