5627 matches found
JVN#88935101: X.Org Foundation X server buffer overflow vulnerability
The X.Org Foundation provides an open source implementation of the X Window System. The X server of this implementation contains a vulnerability in the handling of Portable Compiled Font PCF format fonts that can be exploited to cause a buffer overflow. Impact An attacker with an established,...
JVN#80057925: Cross-site scripting vulnerability in Apache HTTP Server "mod_imap" and "mod_imagemap"
The Apache HTTP Server is open source web server software. The Apache HTTP Server modules modimap and modimagemap provide server-side imagemap processing capability. The Apache HTTP Server modules modimap and modimagemap are vulnerable to cross-site scripting. Impact An arbitrary script can be...
JVN#07100457 Apache Tomcat cross-site scripting vulnerability
Apache Tomcat, provided by the Apache Software Foundation, is an implementation of Java Servlets and JavaServer Pages technologies. Apache Tomcat Web Application Manager contains a cross-site scripting vulnerability. Impact When a user logs into Apache Tomcat Web Application Manager, an arbitrary...
JVN#16420523: SDoP vulnerable to stack-based buffer overflow
SDoP fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability CWE-121. Impact When a user of the affected product is tricked to process a specially crafted XML file, an arbitrary code may be executed on the user's environment...
JVN#65171386: Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR
ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal CWE-36 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Base Score 8.6 CVE-2024-33620 Missing Authentication CWE-306...
JVN#62737544: Multiple vulnerabilities in RoamWiFi R10
RoamWiFi R10 provided by RoamWiFi Technology Co., Ltd. contains multiple vulnerabilities listed below. Active debug code CWE-489 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 8.8 CVE-2024-31406 Insertion of sensitive information into log file CWE-532...
JVN#73283159: Multiple vulnerabilities in baserCMS
baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Reflected cross-site scripting vulnerability in Site search Feature CWE-79 - CVE-2023-44379 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...
JVN#37326856: Improper input validation vulnerability in WordPress Plugin "WordPress Quiz Maker Plugin"
WordPress Plugin "WordPress Quiz Maker Plugin" provided by AYS Pro Plugins contains an improper input validation vulnerability CWE-20. Impact A user of the product may use the product to perform a Denial of Service DoS attack against external services. Solution Update the plugin Update the plugin...
JVN#29195731: EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution
EC-CUBE 3 series and 4 series provided by EC-CUBE CO.,LTD. contain an arbitrary code execution vulnerability CWE-94 due to improper settings of the product's template engine "Twig". Impact Arbitrary code may be executed on the server where the product is running by a user with an administrative...
JVN#14762986: Improper restriction of XML external entity references (XXE) in e-Tax software
e-Tax software provided by National Tax Agency improperly restricts XML external entity references XXE CWE-611 due to the configuration of the embedded XML parser. Impact Processing a specially crafted XML file may lead to exposure of internal files on the system. Solution Update the Software...
JVN#19661362: Multiple vulnerabilities in Proself
Proself provided by North Grid Corporation is an online storage server software. Proself contains multiple vulnerabilities listed below. Improper authentication CWE-287 - CVE-2023-39415 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 7.5 CVSS...
JVN#19243534: ESS REC Agent Server Edition for Linux etc. vulnerable to directory traversal
ESS REC Agent Server Edition for Linux etc. provided by Encourage Technologies Co.,Ltd. contain a directory traversal vulnerability CWE-23. Impact Arbitrary files on the server may be viewed or altered by an attacker. Solution Update the software Update the software to the latest version accordin...
JVN#50862842: EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
EC-CUBE plugin "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series" provided by NE Inc. contains an authentication bypass vulnerability CWE-287. Impact A remote attacker may alter the information stored in the system. Solution Stop using "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series "...
JVN#37014768: Multiple vulnerabilities in Movable Type
Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Improper Validation of Syntactic Correctness of Input CWE-1286 - CVE-2022-45113 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7 CVSS v2|...
JVN#48120704: Movable Type plugin A-Form vulnerable to cross-site scripting
Movable Type plugin A-Form provided by ARK-Web co., ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who accessed the site using the product. Solution Update the Software Update A-Form to the latest version...
JVN#34205166: SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure
Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability CWE-200. Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulnerability, it is require...
JVN#46241173: EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
EC-CUBE plugin "Easy Blog for EC-CUBE4" provided by COREMOBILE Co. Ltd. contains a cross-site request forgery vulnerability CWE-352. Impact If a site administrator who is logging in to the management screen of EC-CUBE on which the plug-in is installed accesses a specially crafted page, a blog...
JVN#54857505: Hammock AssetView missing authentication for critical functions
AssetView provided by Hammock Corporation misses authentication for some critical functions CWE-306 on the managing server. Impact With some knowledge on the system configuration, a remote attacker may upload a crafted configuration file to the managing server, which results in the managed client...
JVN#93562098: WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery
WordPress Plugin "Browser and Operating System Finder" provided by Aftab Muni contains a cross-site request forgery vulnerability CWE-352. Impact If a user with an administrative privilege views a malicious page while logged in, unintended operations may be performed. Solution Update the plugin...
JVN#77458946: EC-CUBE vulnerable to directory traversal
EC-CUBE provided by EC-CUBE CO.,LTD. contains a directory traversal vulnerability CWE-22. Impact A user who can login to the management screen of the product may delete arbitrary files and/or directories on the server. Solution Update the Software The update for EC-CUBE 4 is available. Update the...
MQTT.js issue in handling PUBLISH packets
Overview MQTT.js is a client library for MQTT. MQTT.js contains an issue in handling PUBLISH packets sent from an MQTT Broker. Masataka Sakaguchi, Bintatsu Noda and Hisashi Kojima of Fujitsu Laboratories Ltd.reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#08020381: Installer of SaAT Personal may insecurely load Dynamic Link Libraries
The installer of SaAT Personal provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...
JVN#44566208: H2O use-after-free vulnerability
H2O is an open source web server software. H2O contains a use-after-free vulnerability CWE-416 due to a flaw in the process of upgrading from HTTP/1 to HTTP/2. Impact An unauthenticated remote attacker may cause a denial-of-service DoS condition or obtain arbitrary information which may include t...
JVN#08868688: The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries
The installers of multiple Japan Pension Service software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact This vulnerability can be exploited when the following condition is met. If this vulnerability is exploited, an arbitrary code m...
JVN#14567604: Multiple vulnerabilities in WordPress plugin WP-OliveCart
WP-OliveCart provided by Olive Design is a WordPress plugin to construct a shopping site. WP-OliveCart contains the following vulnerabilities. Cross-site scripting CWE-79 - CVE-2016-4903 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...
JVN#45034304: Multiple Hikari Denwa routers vulnerable to cross-site request forgery
Multiple Hikari Denwa routers contain a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Firmware Apply the appropriate firmware update provided by the developer. Products Affecte...
JVN#41875357: ActiveX control for EVA Animator vulnerable to buffer overflow
ActiveX control for EVA Animator provided by Sharp Corporation contains a buffer overflow vulnerability. Impact If a user views a malicious page, arbitrary code may be executed. Solution Remove ActiveX control for EVA Animator The EVA Animator service ended and the related website for its service...
JVN#47296923: Cybozu Office vulnerable to information disclosure
Cybozu Office contains an information disclosure vulnerability. Impact If a user views a malicious page while logged in, token used for cross-site request forgery CSRF protection may be disclosed. As a result, an attacker who obtains the CSRF token can perform further attacks. Solution Update the...
JVN#58615092: Enisys Gw vulnerable to SQL injection
Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains an SQL injection vulnerability CWE-89. Impact Information stored in the database may be obtained or altered by a remote unauthenticated attacker. Solution Update the Software Update to the latest versio...
JVN#07676450: Canary Labs Trend Web Server vulnerable to buffer overflow
Trend Web Server provided by Canary Labs is a solution used for data visualization. Trend Web Server contains a buffer overflow CWE-119 vulnerability. Impact A remote attacker may cause a denial-of-service DoS or execute arbitrary code when sending a specially crafted TCP packet. Solution Stop...
JVN#24517322: Koritore vulnerable to URL whitelist bypass
Koritore provided by Newphoria Corporation Inc. is an application for both iOS or Android built using "applican". Koritore contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Impact Android version of this app may allow an applican API to b...
JVN#17964918: Multiple I-O DATA LAN routers vulnerable in UPnP functionality
A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that the suppo...
JVN#50447904: Multiple Buffalo wireless LAN routers vulnerable to OS command injection
Multiple wireless LAN routers provided by BUFFALO INC. contain an OS command injection vulnerability. Impact An authenticated attacker may be able to execute arbitrary OS commands. Solution Update the Firmware Apply the appropriate firmware update provided by the developer. Products Affected...
JVN#30832515: All In One WP Security & Firewall vulnerable to SQL injection
All In One WP Security & Firewall is WordPress plugin that provides security functionality. All In One WP Security & Firewall contains a SQL injection vulnerability CWE-89. Impact If an administrator views a malicious page while logged in, an arbitrary SQL command may be executed. Solution Update...
JVN#77718330: Vulnerability in the jBCrypt key stretching process
jBCrypt is a Java implementation to compute password hashes. jBCrypt contains an integer overflow vulnerability in the key stretching process. An integer overflow occurs when the parameter for the repetition count is set to the maximum value allowed, 31. Impact When the hash value for a password ...
JVN#30135729: SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution
Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Impact Arbitrary code may be executed on the server. Solution Update the Software Update to the latest version according to the information provided by th...
JVN#44544694: Zen Cart Japanese version vulnerable to cross-site scripting
Zen Cart is an open source system for creating shopping websites. Zen Cart Japanese version contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of a user who is logged on as an administrator. Solution For Zen Cart v1.5 ja variants: Update t...
JVN#21907573: SEIL Series routers vulnerable to denial-of-service (DoS)
SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to an issue in processing NTP requests. Impact By receiving a large volume of NTP request in a short time, the device might continue sending response packets. As a result, the device's...
JVN#87373393: BirdBlog vulnerable to cross-site scripting
BirdBlog is a weblog software. BirdBlog contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use BirdBlog BirdBlog is no longer being developed or maintained, therefore it is recommended to stop using BirdBlog. Produc...
JVN#16485017: SLFileManager for Android vulnerable to directory traversal
SLFileManager provided by S-Link, Inc. contains a flaw in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has privileges ...
JVN#04560253: Yuko Yuko App for Android fails to verify SSL server certificates
Yuko Yuko App for Android provided by Yuko Yuko Corporation fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. As a result, an attacker may obtain information entered into web forms. Solution Update the...
JVN#42511610: acmailer contains a cross-site request forgery vulnerability
Several cgi programs in acmailer contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, information registered in the product may be altered or deleted, or in some cases, the authorization privilege can be stolen. Solution Update the Software...
JVN#41028866: Multifunctional MailForm Free vulnerable to cross-site scripting
Multifunctional MailForm Free contains an issue in processing HTTP Referer headers, which may cause cross-site scripting. Impact By opening a specially crafted HTML document, an arbitrary sctipt may be executed. Solution Update the software Update to the latest version according to the informatio...
JVN#94838679: Cybozu Garoon vulnerable to cross-site scritping
Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Messages", which may result in a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of a user that is logged on. Solution Update the Softwa...
JVN#00058727: Cybozu Remote Service Manager vulnerable to session fixation
Remote Service Manager provided by Cybozu,Inc. is a software to access on-premise systems such as Cybozu products via "Cybozu Remote Service". Remote Service Manager contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate a registered user. As a result...
JVN#43254599: AutoCAD may insecurely load dynamic libraries
AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Upgrade t...
JVN#50943964: phpMyFAQ vulnerable to cross-site request forgery
phpMyFAQ is an open source FAQ software. phpMyFAQ contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, settings may be changed unintentionally. Solution Apply an Update Update to the latest version according to the information provided by t...
JVN#30050348: phpMyFAQ vulnerable to cross-site scripting
phpMyFAQ is an open source FAQ software. phpMyFAQ contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's Internet Explorer when using an older version of the browser. Solution Apply an Update Apply the appropriate update for the version of the...
JVN#94245330: Cybozu Garoon vulnerable to denial-of-service (DoS)
Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a denial-of-service DoS vulnerability. Impact A denial-of-service DoS attack via Garoon 3 Keitai may cause high CPU usage on the server. Solution Update the Software Update to the latest version according to the...
JVN#43886811: EC-CUBE vulnerable to directory traversal
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability. Note that this vulnerability is different from JVN04161229. Impact A remote attacker may obtain arbitrary image files on the server. Solution Apply the updat...