Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/01/26 12:0 a.m.45 views

JVN#95385972: MODx Evolution vulnerable to directory traversal

MODx provided by the MODx CMS Project is a Content Management System CMS software. MODx contains a directory traversal vulnerability. Impact A remote attacker may access or view arbitrary files on the server. Solution Update the software Update to the latest version according to the information...

5CVSS6.5AI score0.02388EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/01/21 12:0 a.m.45 views

JVN#26605630: Cisco Linksys WRT54GC vulnerable to buffer overflow

Cisco Linksys WRT54GC provided by Cisco Systems is a network router. Cisco Linksys WRT54GC contains a buffer overflow vulnerability. Impact When processing a specially crafted HTTP request, the router may crash resulting in a denial-of-service DoS. Solution Update the software Update to the lates...

7.8CVSS6.8AI score0.02151EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.45 views

JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission

MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...

5CVSS6.4AI score0.01173EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/12/19 12:0 a.m.45 views

JVN#50327700 PHP vulnerable to cross-site scripting

PHP is an open source scripting language that is especially suited for Web development. PHP contains a cross-site scripting vulnerability as it does not properly handle errors. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

2.6CVSS8.9AI score0.01859EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/31 6:53 a.m.44 views

Security information for Hitachi Disk Array Systems

Overview A vulnerability exists in the management software Storage Navigator of Hitachi Disk Array Systems that involves remote code execution vulnerability. CVE-2025-1978 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...

9.8CVSS6.5AI score0.00547EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/10/31 12:0 a.m.44 views

JVN#94132951: Cybozu Remote Service vulnerable to uncontrolled resource consumption

Cybozu Remote Service provided by Cybozu, Inc. is vulnerable to uncontrolled resource consumption CWE-400. Impact Certain operations performed by a logged-in user may lead to huge storage space consumption or significantly delayed communication. Solution Update the Software Update the software to...

6.5CVSS6.4AI score0.00616EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/10/18 12:0 a.m.44 views

JVN#95981460: Improper restriction of XML external entity references (XXE) in Proself

Proself provided by North Grid Corporation improperly restricts XML external entity references XXE CWE-611. The developer states that attacks exploiting this vulnerability have been observed. Impact By processing a specially crafted request containing malformed XML data, arbitrary files on the...

7.5CVSS7.7AI score0.03542EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/03/08 12:0 a.m.45 views

JVN#82424996: Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config

Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below. Stored cross-site Scripting CWE-79 - CVE-2023-23572 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.8 CVSS v2|...

6.5CVSS6.5AI score0.00499EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/01/05 12:0 a.m.44 views

JVN#16765254: Multiple code injection vulnerabilities in ruby-git

ruby-git is a Ruby library that can be used to create, read and operate Git repositories. ruby-git contains multiple code injection vulnerabilities CWE-94. Impact If a repository containing a specially crafted filename is loaded to the product, an arbitrary ruby code may be executed. Solution...

8.8CVSS8.1AI score0.0136EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/10/11 12:0 a.m.44 views

JVN#40620121: The installer of Sony Content Transfer may insecurely load Dynamic Link Libraries

The installer of Content Transfer for Windows provided by Sony Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the installer. Solution Do not execute the...

7.8CVSS7.8AI score0.00204EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/17 12:0 a.m.44 views

JVN#00095004: Multiple vulnerabilities in phpUploader

phpUploader provided by Dojin Club MICMNIS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24435 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3 SQ...

7.5CVSS7.1AI score0.01664EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/20 12:0 a.m.44 views

JVN#79798166: Multiple vulnerabilities in GroupSession

GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2021-20874 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 7.5 CVSS v2|...

7.5CVSS7AI score0.01296EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/09/16 12:0 a.m.44 views

JVN#23406150: EC-CUBE plugin "Order Status Batch Change Plug-in" vulnerable to cross-site scripting

EC-CUBE plugin "Order Status Batch Change Plug-in" provided by ActiveFusions Co., Ltd. contains a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by conducting a specific operation on the management page of EC-CUBE. Impact If a remote attacker injects a specially...

6.1CVSS6.1AI score0.00748EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/11/12 12:0 a.m.44 views

JVN#44764844: MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption

MELSEC iQ-R series CPU modules provided by Mitsubishi Electric Corporation contain an uncontrolled resource consumption vulnerability CWE-400. According to the developer, in case of "To Use or Not to Use Web Server Settings" in the parameter of CPU modules are set to "Not Use", this issue does no...

7.5CVSS7.5AI score0.08397EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/08/26 12:0 a.m.44 views

JVN#77402327: NITORI App fails to restrict access permissions

NITORI App provided by Nitori Holdings Co., Ltd. implements the function to access a requested URL using Custom URL Scheme. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an request from an arbitrary App and execute the access...

6.1CVSS6.2AI score0.00842EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/02/20 12:0 a.m.44 views

JVN#75453852: LINE for iOS fails to verify SSL server certificates

LINE for iOS provided by LINE Corporation fails to verify SSL server certificates due to the vulnerability existed in the Third Party SDK which is incorporated in the application. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. According to the...

5.9CVSS5.4AI score0.00603EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/17 12:0 a.m.44 views

JVN#71104430: Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege...

9.3CVSS7.6AI score0.01061EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/16 12:0 a.m.44 views

JVN#96165722: WordPress plugin "WP Booking System" vulnerable to cross-site scripting

The WordPress plugin "WP Booking System" provided by WP Booking System contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of a user who logged-in as an administrator. Solution Update the plugin Update the plugin according to...

6.1CVSS6.1AI score0.01379EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/19 12:0 a.m.44 views

JVN#86171513: SEIL Series routers vulnerable to denial-of-service (DoS)

The DNS forwarder, the PPP Access Concentrator L2TP and the MeasureiPerf server function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Impact Receiving a specially crafted packet may...

7.5CVSS7.4AI score0.01545EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/13 12:0 a.m.44 views

JVN#62392065: WordPress plugin "WP Statistics" vulnerable to cross-site scripting

The WordPress plugin "WP Statistics" provided by WP Statistics contains a stored cross-site scripting vulnerability CWE-79 in multiple pages due to a flaw in processing HTTP Referer headers. Impact An arbitrary script may be executed on the web browser of a user accessing the page generated by th...

6.1CVSS6AI score0.02603EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/16 12:0 a.m.44 views

JVN#64800312: Splunk Enterprise and Splunk Light vulnerable to open redirect

Splunk Enterprise and Splunk Light contain an open redirect vulnerability. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update to the latest version...

6.1CVSS6.2AI score0.01432EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/12 12:0 a.m.44 views

JVN#22978346: WN-G300R Series vulnerable to cross-site scripting

WN-G300R Series provided by I-O DATA DEVICE, INC. is a wireless LAN router. WN-G300R Series contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Apply the appropriate firmware update provide...

5.4CVSS5.3AI score0.00802EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/09/04 12:0 a.m.44 views

JVN#88408929: Apache Struts vulnerable to cross-site scripting

Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Apache Struts is vulnerable to cross-site scripting when JSP files can be accessed directly. Impact An arbitrary script may be executed on the user's Internet Explorer when the...

6.1CVSS6.2AI score0.05618EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/07/10 12:0 a.m.44 views

JVN#67540183: Simple Oekaki BBS vulnerable to cross-site scripting

Simple Oekaki BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of oekakis parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...

4.3CVSS5.9AI score0.01171EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/18 12:0 a.m.44 views

JVN#22440986: Multiple Allied Telesis products vulnerable to buffer overflow

AR Router Series and Alliedware switches provided by Allied Telesis Group contain a buffer overflow vulnerability CWE-788 due to a flaw when processing a POST method. Impact Arbitrary code may be executed when processing a specially crafted HTTP request. Solution Update the Firmware Update to the...

10CVSS7AI score0.06131EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/02 12:0 a.m.44 views

JVN#71762315: LG Electronics mobile access routers lack access restrictions

LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Impact An attacker that can access the device may bypass authentication and obtain information stored on the device. Solution Apply an Update Apply the update according ...

5CVSS6.4AI score0.01354EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/15 12:0 a.m.44 views

JVN#42024228: Cybozu Garoon CGI vulnerable to remote command execution

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon CGI contains a remote command execution vulnerability. Impact An arbitrary command may be executed on the server where Cybozu Garoon resides. Solution Update the Software Update to the latest version according to the information...

10CVSS6.6AI score0.0324EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/24 12:0 a.m.44 views

JVN#13154935: VMware ESX and ESXi may allow access to arbitrary files

VMware ESX and ESXi contain a vulnerability in the handling of Virtual Machine file descriptors, which may allow access to arbitrary ESX and ESXi files. Impact Users that have privileges to execute "Add New Disk" or "Add Existing Disk" in vCenter Server may obtain read and write access to arbitra...

4.4CVSS6.3AI score0.00353EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/12/17 12:0 a.m.44 views

JVN#53768697: Android OS vulnerable to arbitrary Java method execution

Android OS contains a vulnerability where an arbitrary Java method may be executed. Impact When viewing a specially crafted page using the standard Android browser or an other application that uses the WebView class, Android OS may be rebooted or arbitrary code may be executed without intent from...

9.3CVSS6.4AI score0.42623EPSS
Exploits6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/12/21 12:0 a.m.44 views

JVN#33159152: Loctouch for Android information management vulnerability

Loctouch provided by NHN Japan, is an application that logs location information. Loctouch for Android contains an information management vulnerability. Impact Android applications with permission to read system log files may obtain log information stored by the product that are intended to be...

2.6CVSS6AI score0.00992EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/10/26 12:0 a.m.44 views

JVN#00322303: Tokyo BBS vulnerable to cross-site scripting

Tokyo BBS provided by Come on Girls Interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided by the developer. The developer is no longer distributing...

4.3CVSS5.8AI score0.01808EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/08/30 12:0 a.m.44 views

JVN#51615542: Adobe Reader fails to properly handle signatures

Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Impact An attacker may be able to forge an RSA signature on a PDF document. Solution Update the software Update to the latest version according to the information provided by the developer. Note that this issue wa...

4.3CVSS7AI score0.04894EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/12/09 12:0 a.m.44 views

JVN#94002296: FFFTP may insecurely load executable files

FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest versio...

9.3CVSS7.2AI score0.02192EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/08/10 12:0 a.m.44 views

JVN#80404511: Windows URL Protocol Handler may insecurely load executable files

Windows URL Protocol Handler loads a specified executable for each protocol. Windows URL Protocol Handler contains an issue with the file search path, which may insecurely load executable files. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution...

9.3CVSS6.8AI score0.3434EPSS
Exploits5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/03/04 12:0 a.m.44 views

JVN#26301278: IBM WebSphere Application Server vulnerable to denial-of-service (DoS)

IBM WebSphere Application Server contains a denial-of-service DoS vulnerability due to an issue in Java Runtime Environment JRE. Impact A remote attacker may cause a denial-of-service DoS. Solution Apply a patch Apply the appropriate patch according to the information provided by the developer...

5CVSS9.1AI score0.2349EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/09/20 12:0 a.m.44 views

JVN#40940493 Webmin and Usermin authentication bypass vulnerability

Impact A remote attacker could bypass Webmin and Usermin's authentication, and execute an arbitrary command with root privileges. Solution Products Affected Webmin Version 1.200 - 1.220 Usermin Version 1.130 - 1.160...

7.5CVSS6.9AI score0.04127EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/04/15 12:0 a.m.44 views

JVN#58236836: Multiple vulnerabilities in BUFFALO wireless LAN routers

Multiple wireless LAN routers provided by BUFFALO INC. contain multiple vulnerabilities listed below. Plaintext storage of a password CWE-256 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2024-23486 OS Command Injection CWE-78 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base...

9.8CVSS6.7AI score0.00561EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/07/20 12:0 a.m.43 views

JVN#90560760: Multiple vulnerabilities in WordPress Plugin "TS Webfonts for SAKURA"

WordPress Plugin "TS Webfonts for SAKURA" provided by SAKURA internet Inc. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2023-32624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

6.1CVSS5.9AI score0.00482EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/06/20 12:0 a.m.43 views

JVN#70502982: SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)

Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service ReDoS vulnerability CWE-1333. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the Software Update the software to the latest version according to the information...

7.5CVSS7.4AI score0.01253EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/11/25 12:0 a.m.43 views

JVN#87895771: Cybozu Remote Service vulnerable to Uncontrolled Resource Consumption

Cybozu Remote Service provided by Cybozu, Inc. is vulnerable to uncontrolled resource consumption CWE-400. Impact A logged-in user may consume huge storage space, resulting to a denial-of-service DoS condition. Solution Update the Software Update to the latest version according to the information...

7.5CVSS7.5AI score0.00854EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/05/11 12:0 a.m.43 views

JVN#60037444: Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries

Installer of Trend Micro Password Manager provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use...

7.8CVSS7.7AI score0.00279EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/07 12:0 a.m.43 views

JVN#95898697: Multiple ESET products for macOS vulnerable to improper server certificate verification

Multiple ESET products for macOS are vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to alter the data received by the affected products. Solution Update the software Update the software to the latest version according to the...

5.9CVSS5.4AI score0.0166EPSS
Exploits4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/01/13 12:0 a.m.43 views

JVN#19826500: PASSWORD MANAGER "MIRUPASS" PW10 / PW20 missing encryption

PASSWORD MANAGER "MIRUPASS" PW10 / PW20 provided by KING JIM CO.,LTD. contain a missing encryption vulnerability CWE-311. Impact A user who can physically access the products may obtain the stored passwords. Solution Stop using the products The developer states that the products are no longer...

4.6CVSS4.6AI score0.00107EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/12/02 12:0 a.m.43 views

JVN#09136401: Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields"

WordPress Plugin "Advanced Custom Fields" provided by Delicious Brains contains multiple missing authorization vulnerabilities listed below. Missing authorization related to database browsing CWE-862 - CVE-2021-20865 Version| Vector| Score ---|---|--- CVSS v3|...

7.5CVSS6.9AI score0.02462EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/08/27 12:0 a.m.43 views

JVN#40725650: Multiple vulnerabilities in XOOPS module "XooNIps"

XOOPS module "XooNIps" contains multiple vulnerabilities listed below. SQL injectionCWE-89 - CVE-2020-5624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 7.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 Cross-site Scripting CWE-79 -...

9.8CVSS7.2AI score0.01405EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/07/09 12:0 a.m.43 views

JVN#55657988: SHIRASAGI vulnerable to open redirect

SHIRASAGI provided by SHIRASAGI Project contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update to the...

6.1CVSS6.1AI score0.01204EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/09 12:0 a.m.43 views

JVN#33901663: RT-AC87U vulnerable to cross-site scripting

RT-AC87U provided by ASUS Japan Inc. is a wireless LAN router. RT-AC87U contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Apply the firmware update according to the information provided by the...

6.1CVSS6.1AI score0.00899EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/02/13 12:0 a.m.43 views

JVN#04564808: Installer of ”FLET'S Azukeru Backup Tool” may insecurely load Dynamic Link Libraries

"FLET'S Azukeru Backup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is software to automatically back up files in the user's computer to "FLET'S Azukeru" service. Installer of "FLET'S Azukeru Backup Tool" contains an issue with the DLL search path, which may lead to insecurel...

7.8CVSS7.7AI score0.00928EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/16 12:0 a.m.43 views

JVN#81820501: FlashAir do not set credential information in PhotoShare

FlashAirTM by Toshiba Corporation is an SDHC memory card which provides wireless LAN access functions. FlashAirTM PhotoShare function enables to share the image data in a certain folder with other users as it switches the original wireless LAN connection set by FlashAirTM default to the wireless...

4.3CVSS4.6AI score0.00608EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/20 12:0 a.m.43 views

JVN#54268888: Multiple JustSystems products including Hanako may insecurely load Dynamic Link Libraries

Hanako and multiple software suites containing Hanako provided by JustSystems Corporation contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privileges of the user running the application. Solution...

7.8CVSS7.7AI score0.01173EPSS
Exploits0
Total number of security vulnerabilities5000