Vulnerability Reports VU

2025

2025/07/03 JVNVU#91134474:

Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)

2025/07/01 JVNVU#92266386:

Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)

2025/06/30 JVNVU#93850661:

Pass-Back Attack vulnerability in Konica Minorta bizhub series

2025/06/30 JVNVU#95470660:

Multiple vulnerabilities in Web Connection of Konica Minolta MFPs

2025/06/27 JVNVU#93396297:

Multiple vulnerabilities in TB-eye network recorders and AHD recorders

2025/06/25 JVNVU#91819309:

Multiple Brother driver installers for Windows vulnerable to privilege escalation

2025/06/25 JVNVU#90043828:

Multiple vulnerabilities in multiple BROTHER products

2025/06/23 JVNVU#99381846:

Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)

2025/05/21 JVNVU#99563104:

Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers

2025/05/14 JVNVU#90760614:

Multiple vulnerabilities in a-blog cms

2025/05/14 JVNVU#91726405:

Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series'

2025/05/14 JVNVU#97228144:

Multiple vulnerabilities in V-SFT

2025/05/13 JVNVU#94857368:

Panasonic IR Control Hub vulnerable to Unauthorised firmware loading

2025/05/09 JVNVU#93247159:

Multiple vulnerabilities in GL-MT2500 and GL-MT2500A

2025/04/28 JVNVU#90649144:

Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS

2025/04/25 JVNVU#97907980:

Security Update for Trend Micro Trend Vision One (April 2025)

2025/04/10 JVNVU#94912671:

TP-Link Deco BE65 Pro vulnerable to OS command injection

2025/04/08 JVNVU#98349623:

Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025)

2025/04/04 JVNVU#93925742:

Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT 'AC-WPS-11ac series'

2025/04/01 JVNVU#93701955:

Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

2025/03/28 JVNVU#92821536:

Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers

2025/03/25 JVNVU#91154745:

Multiple vulnerabilities in CHOCO TEI WATCHER mini

2025/02/28 JVNVU#96398949:

Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine)

2025/02/17 JVNVU#92320053:

Out-of-bounds read vulnerability in OMRON CX-Programmer

2025/02/17 JVNVU#96297631:

Out-of-bounds write vulnerability in FUJIFILM Business Innovation Corp. MFPs

2025/02/17 JVNVU#97639704:

ASUSTeK COMPUTER Lyra mini vulnerable to improper authentication

2025/02/17 JVNVU#92071645:

"RoboForm Password Manager" App for Android vulnerable to authentication bypass using an alternate path or channel

2025/02/14 JVNVU#92227620:

Out-of-bounds read vulnerability in Cente middleware

2025/01/28 JVNVU#93455283:

Multiple out-of-bounds write vulnerabilities in Canon Office/Small Office Multifunction Printers and Laser Printers

2025/01/15 JVNVU#92217718:

Linux Ratfor vulnerable to stack-based buffer overflow

2025/01/14 JVNVU#99653331:

Multiple vulnerabilities in STEALTHONE D220/D340/D440

2025/01/14 JVNVU#98734299:

Improper restriction of XML external entity reference (XXE) vulnerability in OMRON NB-Designer

2025/01/14 JVNVU#96335720:

OMRON NJ/NX series vulnerable to path traversal

2025/01/08 JVNVU#99901190:

Multiple vulnerabilities in FUJIFILM Business Innovation Xerox FreeFlow Core

2024

2024/12/24 JVNVU#92980681:

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

2024/12/20 JVNVU#95720792:

Multiple security updates for Trend Micro Apex One and Apex One as a Service (December 2024)

2024/12/13 JVNVU#91084137:

Multiple vulnerabilities in FXC AE1021 and AE1021PE

2024/12/13 JVNVU#90748215:

WordPress Plugin "My WP Customize Admin/Frontend" vulnerable to cross-site scripting

2024/12/05 JVNVU#93693807:

Trend Micro Deep Security Agent for Windows and Deep Security Notifier on DSVA vulnerable to OS command injection

2024/11/28 JVNVU#97531313:

Multiple vulnerabilities in FUJI ELECTRIC products

2024/11/21 JVNVU#92857077:

Multiple vulnerabilities in Edgecross Basic Software for Windows

2024/11/20 JVNVU#99607268:

Vulnerabilities in multiple Dahua Technology products (DHCC-SA-202407-001)

2024/11/18 JVNVU#90667116:

Multiple vulnerabilities in Rakuten Turbo 5G

2024/11/12 JVNVU#90676195:

Multiple vulnerabilities in SoftBank Mesh Wi-Fi router RP562B

2024/11/05 JVNVU#96058081:

Trend Micro Deep Security 20 Agent for Windows vulnerable to improper access control

2024/11/01 JVNVU#95685374:

Incorrect authorization vulnerability in OMRON Sysmac Studio

2024/10/31 JVNVU#95001899:

REST-APIs unintentionally enabled in Century Systems FutureNet NXR series routers

2024/10/31 JVNVU#94153896:

Command injection vulnerability in Trend Micro Cloud Edge

2024/10/25 JVNVU#95063136:

Multiple vulnerabilities in Sharp and Toshiba Tec MFPs

2024/10/21 JVNVU#93072012:

Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector

2024/10/02 JVNVU#92808077:

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

2024/09/30 JVNVU#95133448:

Insecure initial password configuration issue in SEIKO EPSON Web Config

2024/09/27 JVNVU#91077448:

SNMP service is enabled by default in Sharp NEC Display Solutions projectors

2024/09/18 JVNVU#90142679:

Multiple vulnerabilities in TAKENAKA ENGINEERING digital video recorders

2024/08/30 JVNVU#96959731:

Multiple vulnerabilities in IDEC products

2024/08/30 JVNVU#99905584:

Panasonic Control FPWIN Pro7 vulnerable to stack-based buffer overflow

2024/08/29 JVNVU#96242582:

Multiple vulnerabilities in IDEC Operator Interfaces products

2024/08/28 JVNVU#96498690:

xfpt vulnerable to stack-based buffer overflow

2024/07/23 JVNVU#98330908:

Multiple products from Check Point Software Technologies vulnerable to information disclosure

2024/07/16 JVNVU#96424864:

Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series