EUVD-2025-18161

Malicious code in bioql PyPI...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

Overview UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 Shu Yoshikoshi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

CVE-2025-35978

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be...

CVE-2025-35978

UpdateNavi V1.4 L10–L33 and UpdateNaviInstallService 1.2.0091–1.2.0125 suffer from improper restriction of the communication channel to intended endpoints (CWE-923). This local vulnerability allows a local authenticated attacker sending malicious data to modify registry values or execute arbitrar...

PT-2025-25282 · Unknown · Updatenaviinstallservice Service +1

Name of the Vulnerable Software and Affected Versions: UpdateNavi versions 1.4 L10 through 1.4 L33 UpdateNaviInstallService Service versions 1.2.0091 through 1.2.0125 Description: The issue exists due to improper restriction of communication channel to intended endpoints. If a local authenticated...

Fujitsu UpdateNavi和UpdateNaviInstallService 安全漏洞

Fujitsu UpdateNavi and UpdateNaviInstallService are both products of Fujitsu Japan.Fujitsu UpdateNavi is an application updater.UpdateNaviInstallService is an application updater. A security vulnerability exists in Fujitsu UpdateNavi V1.4 L10 through L33 and UpdateNaviInstallService versions...

JVN#17860456: UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Bas...