5625 matches found
JVN#87655507: CREATE SD official App for Android fails to restrict access permissions
CREATE SD official App for Android provided by CREATE S・D CO., LTD. implements the function to access a requested URL using an Intent. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an Intent from an arbitrary App and to access...
JVN#58362455: MemoCGI vulnerable to directory traversal
MemoCGI provided by ChamaNet contains a directory traversal vulnerability CWE-22. Impact A remote attacker may view files on the server. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected MemoCGI v2.1800 to v2.2200...
JVN#13076220: RFNTPS vulnerable to OS command injection
RFNTPS provided by NIPPON ANTENNA Co.,Ltd. is a terrestrial reception type NTP server. RFNTPS contains an OS command injection vulnerability CWE-78. Impact A user on the same LAN who can access the product may execute an arbitrary OS command with root privilege. Solution Update the Firmware Updat...
JVN#48981892: WordPress Plugin "WordPress Ultra Simple Paypal Shopping Cart" vulnerable to cross-site request forgery
WordPress Plugin "WordPress Ultra Simple Paypal Shopping Cart" provided by Mike Castro Demaria contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the plugin Update the plugin...
JVN#55263945: Multiple vulnerabilities in RICOH Interactive Whiteboard
RICOH Interactive Whiteboard provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Command injection CWE-94 - CVE-2018-16184 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2| AV:N/AC:L/AU:N/C:C/I:C/A:C| Bas...
JVN#11708203: Multiple buffer overflow vulnerabilities in multiple Ricoh printers and Multifunction Printers (MFPs)
Multiple printers and Multifunction Printers MFPs provided by RICOH COMPANY, LTD. contain multiple buffer overflows vulnerabilities listed below. Buffer overflow in parsing HTTP cookie header CWE-119 - CVE-2019-14300 Version| Vector| Score ---|---|--- CVSS v3|...
JVN#94245475: Movable Type Premium vulnerable to cross-site scripting
Movable Type Premium provided by Six Apart Ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the software Update the software to the latest version according to the information provided by the...
JVN#74699196: SHIRASAGI vulnerable to open redirect
SHIRASAGI provided by SHIRASAGI Project contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update to the...
JVN#71877187: Cybozu Garoon vulnerable to SQL injection
Cybozu Garoon provided by Cybozu, Inc. contains an SQL injection vulnerability CWE-89 in the processing of Todo portlet. Impact A user who can login to the product may obtain or alter information stored in the database. Solution Apply the Patch Apply the patch according to the information provide...
JVN#56542712: Multiple vulnerabilities in Nablarch
Nablarch provided by TIS Inc. contains multiple vulnerabilities listed below. The vulnerability in the function of generic formatter by XXE attacks CWE-611 - CVE-2019-5918 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H| Base Score: 8.2 CVSS v2|...
JVN#88862608: Joyful Note vulnerability in handling files
Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Impact A remote attacker may create arbitrary files or delete existing files on the server. As a result, arbitrary code may ...
JVN#39383894: apng-drawable vulnerable to integer overflow
apng-drawable provided by LINE Corporation contains an integer overflow vulnerability CWE-190. Impact An attacker may cause a denial of service DoS condition or execute arbitrary code. Solution Update the Software The developer released apng-drawable that contains a fix for this vulnerability...
JVN#33652328: WordPress plugin "WP Open Graph" vulnerable to cross-site request forgery
WordPress plugin "WP Open Graph" provided by Custom4Web contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the plugin Update the plugin according to the information provided ...
JVN#50810870: Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries
Installer of Creative Cloud Desktop Application provided by Adobe contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...
JVN#12969207: HPE Agentless Management registers unquoted service paths
HP Agentless Management provided by Hewlett Packard Enterprise registers some Windows services with unquoted file paths CWE-428. Impact When a registered Windows service path contains spaces and is unquoted, and a malicious executable is placed on a certain path, the executable may be executed wi...
JVN#41646618: Huawei EchoLife HG8045Q vulnerable to OS command injection
EchoLife HT8045Q provided by Huawei is an ONT Optical Network Terminal device. It is equipped with the command line interface for network operators' maintenance purpose, which is disabled by default. When the command line interface is enabled, operators can interact with a certain restricted set ...
JVN#79543573: The installer of Microsoft Teams may insecurely load Dynamic Link Libraries
The installer of Microsoft Teams contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directory App Dir DLL planting" , thus there is no plan to release any...
JVN#40288903: Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting
Dradis Community Edition and Dradis Professional Edition provided by Security Roots Ltd contain a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest version of software according to the...
JVN#30962312: TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
TERASOLUNA Server Framework for JavaWeb provided by NTT DATA Corporation is a software framework for creating Java web applications. TERASOLUNA Server Framework for JavaWeb bundles Apache Struts 1.2.9, which contains a vulnerability where the ClassLoader may be manipulated CVE-2014-0114. Therefor...
JVN#96783542: Multiple vulnerabilities in multiple LOGITEC products
Multiple products provided by LOGITEC CORPORATION contain multiple vulnerabilities listed below. Improper restriction of excessive authentication attempts CWE-307 - CVE-2021-20635 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 4.3 CVSS v2|...
JVN#14776551: Multiple vulnerabilities in WordPress Plugin "wpDataTables Lite"
WordPress Plugin "wpDataTables Lite" provided by TMS-Plugins contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2019-6011 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N|...
JVN#20248858: WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection
WordPress Plugin "Paid Memberships Pro" contains an SQL injection vulnerability CWE-89. Impact An attacker who can access the administrative page of Paid Membership Pro may obtain and/or alter the information stored in the database. Solution Update the plugin Update the plugin according to the...
JVN#11622218: iChain Insurance Wallet App for iOS vulnerable to directory traversal
iChain Insurance Wallet App for iOS provided by iChain, Inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability CWE-22, CVE-2018-16202. Impact A remote attacker may obtain an arbitrary file such as a file related to an application on iOS device...
JVN#59436681: Multiple vulnerabilities in EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)"
EC-CUBE module "REMISE Payment module 2.11, 2.12 and 2.13" provided by REMISE Corporation contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2019-6016 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...
JVN#40439414: A vulnerability in V20 PRO L-01J that may cause a crash
V20 PRO L-01J provided by NTT DOCOMO, INC. is an Android smartphone. V20 PRO L-01J contains a flaw in processing connection using Wi-Fi CERTIFIED Passpoint which may result in the device to crash when Poasspoint is enabled. Impact If an attacker sets up a specially crafted Passpoint applied acces...
JVN#34634458: PowerCMS vulnerable to open redirect
PowerCMS provided by Alfasado Inc. contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update the software t...
JVN#01119243: API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions
JR East Japan train operation information push notification App for Android provided by East Japan Railway Company fails to restrict access permissions CWE-284. The application is no longer available/supported, and its service was ended in 2019 march 23. Impact A remote attacker may obtain or alt...
JVN#83655695: Multiple Dahua Technology products vulnerable to authentication bypass
Multiple products provided by Dahua Technology contain an authentication bypass vulnerability CWE-287. Impact The product's identity verification may be bypassed if a remote attacker sends specially crafted data packets. Solution Update the software Update the software to the latest version...
JVN#74530672: NetCommons3 vulnerable to cross-site scripting
NetCommons3 provided by The NetCommons Project contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products...
JVN#25359688: EC-CUBE vulnerable to open redirect
EC-CUBE provided by LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted page, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a...
JVN#62161191: JavaFX WebEngine does not properly restrict Java method execution
JavaFX, GUI library for Java applications, is provided with OracleJDK 7 through 10. Since OracleJDK 11, JavaFX is separately maintained and developed by OpenJFX project under OpenJDK community. JavaFX WebEngine component is capable of web content rendering, and possible to be configured to allow...
JVN#78745667: Multiples security updates for multiple Cybozu products
Cybozu, Inc. has released multiple security updates for multiple Cybozu products. CyVDB-2465 Credential Disclosure Vulnerability - CVE-2020-5572 CyVDB-2484 Credential Disclosure Vulnerability - CVE-2020-5573 Impact A user who can login to the product may obtain sensitive information registered in...
JVN#10377257: Multiple vulnerabilities in a-blog cms
a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2019-6033 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3...
JVN#13199224: PgpoolAdmin fails to restrict access permissions
PgpoolAdmin provided by PgPool Global Development Group fails to restrict access permissions CWE-264. Impact A remote attacker may bypass the login authentication and obtain the administrative privilege of the PostgreSQL database. Solution Update the Software Update to the latest version accordin...
JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P
DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score...
JVN#69181574: Windows 7 may insecurely load Dynamic Link Libraries
In standard DLL files provided by Windows 7, there are some DLL files read from the same directory where the program resides when executing the program CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directory App Dir DLL planting" , thus there is no plan to...
JVN#05875753: azure-umqtt-c vulnerable to denial-of-service (DoS)
azure-umqtt-c contains a denial-of-service DoS vulnerability CWE-400. Impact An attacker may be able to cause a denial-of-service DoS. Solution Apply the update Update azure-umqtt-c according to the information provided by the developer. Products Affected azure-umqtt-c that was available through...
JVN#41119755: Movable Type XMLRPC API vulnerable to OS command injection
Movable Type XMLRPC API provided by Six Apart Ltd. contains an OS command injection vulnerability CWE-78. Sending a specially crafted message by POST method to Movavle Type XMLRPC API may allow arbitrary OS command execution. 【Updated on 2021 November 10】 As of 2021 November 10, a Proof-of-Concep...
JVN#42031953: FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries
FileCapsule Deluxe Portable is a file encryption software. FileCapsule Deluxe Portable contains the following vulnerabilities. FileCapsule Deluxe Portable insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2265, CVE-2017-2267, CVE-2017-2269 Version| Vector| Score ---|---|--- CVSS v3|...
JVN#38248512: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2
Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 provided by NEC Corporation contain multiple vulnerabilities listed below. Aterm WF800HP: Cross-site Scripting CWE-79 - CVE-2021-20620 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...
JVN#87535892: Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR
Aterm WF1200CR and Aterm WG1200CR provided by NEC Corporation contain multiple vulnerabilities listed below. Information disclosure CWE-200 - CVE-2018-16192 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 4.3 CVSS v2|...
JVN#40208370: XACK DNS vulnerable to denial-of-service (DoS)
XACK DNS is DNS server software provided by XACK, Inc. XACK DNS contains a denial-of-service DoS vulnerability due to an issue commonly referred to as NXNSAttack. Impact A remote attacker may be able to cause denial-of-service DoS conditions listed below. The performance of the recursive resolver...
JVN#05340005: WCR-1166DS vulnerable to OS command injection
WCR-1166DS provided by BUFFALO INC.is a wireless LAN router. WCR-1166DS contains an OS command injection vulnerability CWE-78. Impact A user who can access the administrative console of the device may execute an arbitrary OS command. Solution Update the Firmware Apply the firmware update accordin...
JVN#87164507: Calsos CSDJ fails to restrict access permissions
Calsos CSDJ provided by NEC Platforms, Ltd. fails to restrict access permissions CWE-264, which may lead to an unauthorized user being able to view the historical data without access privileges. Impact A user who can login to the product may obtain unauthorized historical data without access...
JVN#43193964: OpenAM (Open Source Edition) vulnerable to open redirect
OpenAM Open Source Edition contains an open redirect vulnerability. Impact When accessing a specially crafted page, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Apply the Patch Patch for this vulnerability has been...
JVN#35649781: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Authentication bypass in the API used to specify the fields CWE-287 - CVE-2020-5563 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2|...
JVN#75617741: Intel Dual Band Wireless-AC 8260 vulnerable to denial-of-service (DoS)
Intel Dual Band Wireless-AC 8260 contains a denial-of-service DoS vulnerability CWE-400. Impact An attacker may be able to cause a denial-of-service DoS. Solution Update the device driver Apply the appropriate device driver update according to the information provided by the developer. Products...
JVN#63981842: PowerAct Pro Master Agent for Windows fails to restrict acess permissions
PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions. Impact A user with an Windows general user acccount may alter or edit a file which the user does not have a permission to access. Solution Update the Software Update the softwar...
JVN#45797538: Multiple vulnerabilities in Cybozu Office
Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1657 Operational restrictions bypass vulnerability in Scheduler CWE-264 - CVE-2021-20624 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N| Base Score: 4.3 CVSS v2|...
JVN#78422300: The installer of MARKET SPEED may insecurely load Dynamic Link Libraries
The installer of MARKET SPEED provided by Rakuten Securities, Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...