Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/25 12:0 a.m.•34 views

JVN#47124169: Oracle iPlanet Web Server information disclosure vulnerability

Oracle iPlanet Web Server formerly Sun Java System Web Server is a web server. Oracle iPlanet Web Server contains an information disclosure vulnerability. Impact A remote attacker may obtain source code. Solution Update the software Update to the latest version according to information provided b...

5CVSS5.9AI score0.02521EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/01/11 12:0 a.m.•34 views

JVN#86347943: SGX-SP Final and SGX-SP Final NE vulnerable to cross-site scripting

SGX-SP Final and SGX-SP Final NE are shopping cart software. SGX-SP Final and SGX-SP Final NE are vulnerable to cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provid...

4.3CVSS6.2AI score0.01263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/17 12:0 a.m.•34 views

JVN#02175694: AttacheCase may insecurely load executable files

AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...

6.9CVSS7.2AI score0.00287EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 12:0 a.m.•34 views

JVN#85599999: Explzh may insecurely load executable files

Explzh is a file compression/extraction software supporting multiple file formats. Explzh loads certain executables .exe when extracting files. Explzh contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privile...

6.9CVSS7.2AI score0.00365EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/15 12:0 a.m.•34 views

JVN#18774708: Lhaplus may insecurely load executable files

Lhaplus is a file compression/extraction software supporting multiple file formats. Lhaplus loads certain executables .exe when extracting files. Lhaplus contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the...

6.9CVSS7.1AI score0.00295EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/02/25 12:0 a.m.•34 views

JVN#73331060 tDiary plugin tb-send.rb vulnerable to cross-site scripting

tDiary is a weblog software. tDiary plugin tb-send.rb contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on some web browsers. Solution Update the Software Update according to the information provided by the developer. Products Affected tDiary 2.2.2full set...

4.3CVSS5.5AI score0.01996EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/28 12:0 a.m.•34 views

JVN#13011682 SEIL/X Series and SEIL/B1 denial of service vulnerability

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain an issue in the processing by the NAT function, which may lead to a denial of service DoS vulnerability. Impact When processing a specially crafted packet, a remote attacker may cause a denial of service. Solution Update the...

7.1CVSS6.5AI score0.01684EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/05/11 12:0 a.m.•34 views

JVN#03114223 SQL injection vulnerability in SKIP from SKIP User Group

SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a SQL injection vulnerability. Impact Contents created by SKIP can be altered or information saved by SKIP can be obtained by a user that can login to SKIP. Solution Update the software Update to the...

7.5CVSS7AI score0.01258EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/07/07 12:0 a.m.•34 views

JVN#00945448 Redmine vulnerable to cross-site scripting

Redmine is open source project management software written by Ruby on Rails framework. Redmine contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the developer...

4.3CVSS6AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/06/27 12:0 a.m.•34 views

JVN#18405927 Multiple Cybozu products vulnerable to cross-site request forgery

Multiple Cybozu products contain a cross-site request forgery vulnerability. Impact If a user views a malicious web page while logged onto the Cybozu web interface, the user's schedules and other configuration settings may be altered. Solution Update the Software Apply the latest updates provided...

6.8CVSS6.4AI score0.01044EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2005/09/21 12:0 a.m.•34 views

JVN#62914675 Ruby vulnerability allowing to bypass safe level 4 as a sandbox

Impact An attacker could possibly execute an arbitrary script. Solution Products Affected Ruby 1.8.2 and earlier...

7.5CVSS6.3AI score0.03256EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/09/09 12:0 a.m.•34 views

JVN#81570776: "@cosme" App fails to restrict custom URL schemes properly

"@cosme" App provided by istyle Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to access an...

4.3CVSS4.4AI score0.00277EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/08/05 12:0 a.m.•33 views

JVN#70666401: Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN

ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.5 CVE-2024-39838 Incorrect...

8.8CVSS8.1AI score0.00332EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/05/29 12:0 a.m.•33 views

JVN#15637138: EC-Orange vulnerable to authorization bypass

EC-Orange provided by S-cubism Inc. is an e-commerce website building system package based on an open source software EC-CUBE. EC-Orange contains an authorization bypass vulnerability CWE-639. This is the same issue as JVN51770585 EC-CUBE vulnerable to authorization bypass. Impact A user of the...

9.1CVSS9.1AI score0.02245EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/01/22 12:0 a.m.•33 views

JVN#73587943: Access analysis CGI An-Analyzer vulnerable to open redirect

Access analysis CGI An-Analyzer provided by ANGLERSNET Co,.Ltd. contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Apply the...

6.1CVSS6.2AI score0.00395EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/08/18 12:0 a.m.•33 views

JVN#19661362: Multiple vulnerabilities in Proself

Proself provided by North Grid Corporation is an online storage server software. Proself contains multiple vulnerabilities listed below. Improper authentication CWE-287 - CVE-2023-39415 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 7.5 CVSS...

7.5CVSS8.4AI score0.0087EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/06/13 12:0 a.m.•33 views

JVN#96828492: Chatwork Desktop Application (Mac) vulnerable to code injection

Chatwork Desktop Application Mac provided by Chatwork Co., Ltd. contains a code injection vulnerability CWE-94. Impact A non-administrative user of the Mac on which the product is installed may store and obtain audio and image data with no user-consent from the product. Solution Update the softwa...

4.4CVSS4.8AI score0.00272EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/02/28 12:0 a.m.•33 views

JVN#04785663: Multiple cross-site scripting vulnerabilities in EC-CUBE

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVS...

5.4CVSS6AI score0.00692EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/01/23 12:0 a.m.•33 views

JVN#72418815: Pgpool-II vulnerable to information disclosure

Pgpool-II is cluster management tool. Pgpool-II contains an information disclosure vulnerability CWE-200 in its watchdog function. Note that, only systems that meet all of the following setting requirements are affected by this vulnerability. Watchdog function is enabled usewatchdog = on "query...

6.5CVSS6.4AI score0.00704EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/01/11 12:0 a.m.•33 views

JVN#99957889: Multiple vulnerabilities in MAHO-PBX NetDevancer series

There are multiple vulnerabilities in the Management screen of MAHO-PBX NetDevancer series provided by Mahoroba Kobo, Inc. OS Command Injection CWE-78 - CVE-2023-22279 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2|...

9.8CVSS7.9AI score0.01127EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/10/06 12:0 a.m.•33 views

JVN#15411362: IPFire WebUI vulnerable to cross-site scripting

The web user interface of IPFire provided by IPFire Project contains multiple stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is using the product. Solution Update the Software Update the Software to the latest...

4.8CVSS5.2AI score0.00681EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/06/09 12:0 a.m.•33 views

JVN#32962443: SHIRASAGI vulnerable to cross-site scripting

SHIRASAGI provided by SHIRASAGI Project contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is using the product. Solution Update the Software Update to the latest version according to the information provided by the...

6.1CVSS6.2AI score0.00963EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/11/12 12:0 a.m.•33 views

JVN#58407606: Unlimited Sitemap Generator vulnerable to cross-site request forgery

Unlimited Sitemap Generator provided by XML-Sitemaps contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the software Update the software to the latest version according to th...

8.8CVSS8.6AI score0.00507EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/09/10 12:0 a.m.•33 views

JVN#81658818: Multiple vulnerabilities in RevoWorks Browser

RevoWorks Browser provided by J’s Communication Co., Ltd. is a virtual browser which enables internet isolation. It provides the function that enables access to drives, folders, files, and registries under the isolated environment from the local environment when running the web browser. RevoWorks...

9.6CVSS9.9AI score0.01222EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/25 12:0 a.m.•33 views

JVN#42164352: GroupSession fails to restrict access permissions

GroupSession provided by Japan Total System Co.,Ltd. is open source groupware. GroupSession fails to restrict access permissions. Impact An authenticated attacker may obtain other user's senisitive information such as email. Solution Update the Software Update to the latest version according to t...

6.5CVSS6.3AI score0.01343EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/19 12:0 a.m.•33 views

JVN#85512750: Empirical Project Monitor - eXtended vulnerable to cross-site scripting

Empirical Project Monitor - eXtended provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Empirical Project Monitor - eXtended The...

5.4CVSS5.3AI score0.00891EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/10 12:0 a.m.•33 views

JVN#25598952: ​CS-Cart Japanese Edition fails to restrict access permissions

CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition fails to restrict access permissions CWE-425. Impact An unauthenticated remote attacker may create a request of return an item that a consumer has purchased. Solution Update the Software Update to the latest versi...

5.3CVSS5.3AI score0.01174EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/02/03 12:0 a.m.•33 views

JVN#01014759: LaLa Call App for Android fails to verify SSL server certificates

LaLa Call App for Android provided by K-Opticom Corporation fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provid...

5.9CVSS5.5AI score0.00667EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/01/27 12:0 a.m.•33 views

JVN#81618356: CubeCart vulnerable to directory traversal

CubeCart from CubeCart Limited is an open source system for creating online shopping websites. CubeCart contains a directory traversal vulnerability CWE-22. Impact A local file on the server may be accessed by a remote attacker. Solution Update the Software Update to the latest version according ...

6.5CVSS6.4AI score0.0247EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/01/06 12:0 a.m.•33 views

JVN#12124922: WEB SCHEDULE vulnerable to cross-site scripting

WEB SCHEDULE provided by Olive Design contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing the month parameter. Impact An artbitrary script may be executed on the user's web browser. Solution Do not use WEB SCHEDULE WEB SCHEDULE is no longer being developed or...

6.1CVSS6AI score0.0085EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•33 views

JVN#16200242: Cybozu Garoon vulnerable to directory traversal

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a directory traversal vulnerability CWE-22. Impact A user may obtain arbitrary files managed by the product. Solution Update the Software Update to the latest version according to the information provided by the develope...

6.5CVSS6.7AI score0.02525EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/10/03 12:0 a.m.•33 views

JVN#09736331: Cybozu Office vulnerable to information disclosure

Cybozu Office contains an information disclosure vulnerability in the page where CGI environment variables are displayed. Cookie that contains session information has httponly attribute, and the Cookie value cannot be obtained by JavaScript code. However, Cookie values can be obtained in the page...

6.5CVSS6.3AI score0.02023EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/09/23 12:0 a.m.•33 views

JVN#46087986: Multiple plugins for Geeklog IVYWE edition vulnerable to cross-site scripting

Geeklog is an open source content management system CMS. The Geeklog IVYWE edition plugins Assist, dataBox, and userBox each contain a cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the web browser of a user who is logged on as an administrator. Solution...

6.1CVSS6.1AI score0.0168EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/14 12:0 a.m.•33 views

JVN#96052093: ETX-R vulnerable to denial-of-service (DoS)

ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a denial-of-service DoS vulnerability. Impact A remote unauthenticated attacker may cause the web server on the product to be terminated abnormally. Solution Apply a Workaround The following workarounds may mitigate the...

5.3CVSS5.3AI score0.01599EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/06/02 12:0 a.m.•33 views

JVN#48847535: Trend Micro enterprise products multiple vulnerabilities

Multiple enterprise products provided by Trend Micro Incorporated contain the following vulnerabilities. Directory Traversal - CVE-2016-1223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 4.3 CVSS v2| AV:A/AC:L/Au:N/C:P/I:N/A:N| Base Score:...

6.1CVSS6.3AI score0.04168EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/02/15 12:0 a.m.•33 views

JVN#71428831: Cybozu Office vulnerable to open redirect

Cybozu Office contains an open redirect vulnerability in network functions. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update to the latest version...

7.4CVSS7.3AI score0.01254EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/01/29 12:0 a.m.•33 views

JVN#12165579: Vine MV vulnerable to cross-site scripting

Vine MV contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected Vine MV prior to commit...

6.1CVSS6AI score0.01417EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/12/17 12:0 a.m.•33 views

JVN#43344629: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability CWE-89 due to a flaw in the processing of searchcolumn and switch parameter in admin.php. Impact An unauthenticated attacker may obtain or alter information stored in the database. Solution Appl...

6.5CVSS6.6AI score0.01579EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/20 12:0 a.m.•33 views

JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting

ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS5.6AI score0.01942EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/26 12:0 a.m.•33 views

JVN#97278546: EC-CUBE vulnerable to cross-site request forgery

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page, arbitrary PHP code may be executed on the server. Solution Update or apply the patch Update to the...

5.1CVSS6.8AI score0.00646EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/30 12:0 a.m.•33 views

JVN#08535069: MATCHA SNS vulnerable to code injection

MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection CWE-94 vulnerability due to a flaw when configuring the database during installation. Impact An unauthenticated attacker who can execute the installer may execute arbitrary PHP code on the server where...

6.8CVSS7.4AI score0.01321EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/16 12:0 a.m.•33 views

JVN#19948778: Photon vulnerable to URL whitelist bypass

Photon provided by Newphoria Corporation Inc. is an application for Android built using "applican". Photon contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Impact Android version of this app may allow an applican API to be executed if th...

6.8CVSS6.4AI score0.01093EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/11 12:0 a.m.•33 views

JVN#41048401: Japan Connected-free Wi-Fi vulnerable to script injection

Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. is vulnerable to script injection when displaying malformed strings contained in SSID. Impact When the device running the app connects to an access point and its SSID contains malicious script, the script may be executed. Solutio...

4.3CVSS6.2AI score0.01184EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/01 12:0 a.m.•33 views

JVN#09283606: desknet's NEO vulnerable to directory traversal

desknet's NEO provided by NEOJAPAN Inc. contains a directory traversal CWE-22 vulnerability where it fails to verify html parameter in zhtml.cgi. Impact An authenticated attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to the...

4CVSS6.2AI score0.01557EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/01 12:0 a.m.•33 views

JVN#81207766: Rakuten card App for iOS fails to verify SSL server certificates

Rakuten card App for iOS provided by Rakuten Card Co., Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided ...

7.4CVSS7AI score0.01026EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/24 12:0 a.m.•33 views

JVN#92828286: Welcart vulnerable to SQL injection

Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a SQL injection CWE-89 vulnerability due to the processing of changeSort parameter in admin.php. Impact An attacker that can log in to WordPress with this plugin enabled may obtain or alter...

7.5CVSS6.7AI score0.02334EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/06/05 12:0 a.m.•33 views

JVN#98447310: NetFlow Analyzer vulnerable to cross-site scripting

NetFlow Analyzer provided by Zoho Corporation is a traffic analysis tool. NetFlow Analyzer contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software build and apply the patch Update the software to build 10250...

4.3CVSS5.9AI score0.02106EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/04/09 12:0 a.m.•33 views

JVN#12329472: Lhaplus vulnerable to remote code execution

Lhaplus is a file compression/decompression software. Lhaplus contains a remote code execution vulnerability. Impact Decompressing a specially crafted file name may result in an arbitrary code execution. Solution Update the Software Update to the latest version according to the information provid...

6.8CVSS7.5AI score0.02758EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/18 12:0 a.m.•33 views

JVN#97384696: TSUTAYA App for Android vulnerable to arbitrary Java method execution

TSUTAYA App for Android contains a vulnerability where an arbitrary Java method may be executed. Impact When viewing a specially crafted web page, an arbitrary Java method may be executed. Solution Update the software Update to the latest version according to the information provided by the...

6.8CVSS6.5AI score0.02016EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•33 views

JVN#09717399: Piwigo vulnerable to cross-site scripting

Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided by the developer. According to t...

4.3CVSS6.7AI score0.01792EPSS
Exploits0
Total number of security vulnerabilities5000