Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/10/16 12:0 a.m.•30 views

JVN#66285408: Aflax vulnerable to cross-site scripting

Aflax is a JavaScript library that enables developers to use JavaScript to fully utilize all of the features of the Adobe Flash runtime. Aflax contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Aflax According t...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/25 12:0 a.m.•30 views

JVN#48270605: Yahoo! Japan Box for Android issue where it fails to verify SSL server certificates

Yahoo! Japan Box for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version...

5.4CVSS6.2AI score0.00354EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 12:0 a.m.•30 views

JVN#85748534: PerlMailer vulnerable to cross-site scripting

PerlMailer from Homepage Decorator is a mail form CGI which is used to send mail from a form on a web page. PerlMailer CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

4.3CVSS6.1AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/06/04 12:0 a.m.•30 views

JVN#54650130: SOY CMS vulnerable to cross-site scripting

SOY CMS provided by Nippon Institute of Agroinformatics Ltd. is an open source content management system CMS. SOY CMS contains a cross-site scripting vulnerability. Impact If a user views a malicious page while logged in, an arbitrary script may be executed on the user's web browser. Solution App...

4.3CVSS5.9AI score0.00931EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/22 12:0 a.m.•30 views

JVN#17849447: EC-CUBE vulnerable to information alteration

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information alteration vulnerability. Impact User's information may be altered by other user who visits the shopping site. Solution Apply the update or the patch Apply the update or the patch...

6.4CVSS6.3AI score0.01569EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•30 views

JVN#06377589: EC-CUBE vulnerable to cross-site scripting

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the update or the patch Apply the update or the patch according to the...

4.3CVSS6AI score0.01883EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•30 views

JVN#11221613: EC-CUBE vulnerable to cross-site request forgery

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Apply the update or the patch Apply the upda...

6.8CVSS6.3AI score0.01079EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 12:0 a.m.•30 views

JVN#07192063: EC-CUBE vulnerable to cross-site scripting

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN98665228. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the update ...

4.3CVSS5.8AI score0.05932EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/07 12:0 a.m.•30 views

JVN#39218538: Pizza Hut Japan Official Order App for Android. contains an issue where it fails to verify SSL server certificates

Pizza Hut Japan Official Order App for Android. contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the...

5.8CVSS5.9AI score0.00582EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/12 12:0 a.m.•30 views

JVN#02895867: Sleipnir Mobile for Android loads arbitrary Extension API

Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API. Sleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API. Impact If a user access...

5.8CVSS6.4AI score0.0088EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/28 12:0 a.m.•30 views

JVN#64756004: dopvCOMET* vulnerable to cross-site scripting

dopvCOMET provided by bayashi.net is a software to analyze web access logs. dopvCOMET contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Modify the JavaScript Modify the JavaScript that enables to log accesses, according t...

4.3CVSS5.8AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/28 12:0 a.m.•30 views

JVN#86318665: jigbrowser+ for Android vulnerable in the WebView class

jigbrowser+ is a web browser for a smartphone. jigbrowser+ for Android contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the software Updat...

4.3CVSS6.1AI score0.01191EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 12:0 a.m.•30 views

JVN#59842447: Zenphoto vulnerable to cross-site scripting

Zenphoto is a content management system CMS. Zenphoto contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/01 12:0 a.m.•30 views

JVN#97995841: Segue vulnerable to SQL injection

Segue is a content management system. Segue contains a SQL injection vulnerability. Impact A remote, unauthenticated attacker may bypass authentication and login as an administrator. Solution Do not use Segue Segue services will no longer be available after August 31, 2012. Refer to the informati...

7.5CVSS7.5AI score0.02341EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/23 12:0 a.m.•30 views

JVN#92683325: Movable Type vulnerable to OS command injection

Movable Type contains an OS command injection vulnerability in its file management system. Impact A user with a privilege to upload files may execute an arbitrary OS command. Solution Update the software Update to the latest version of each product according to the information provided by the...

6.5CVSS7AI score0.02421EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/11 12:0 a.m.•30 views

JVN#80971236: WEB FORUM vulnerable to cross-site scripting

WEB FORUM provided by KENT-WEB is a bulletin-board software. WEB FORUM contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...

4.3CVSS6AI score0.01403EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/01/07 12:0 a.m.•30 views

JVN#09157962: SquirrelMail vulnerable to cross-site scripting

SquirrelMail from SquirrelMail Project is an open source webmail web-based email. SquirrelMail contains an issue in handling specific character encoding and processing "data:" URL, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser...

4.3CVSS5.6AI score0.0253EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/08/31 12:0 a.m.•30 views

JVN#75101998: moobbs2 vulnerable to cross-site scripting

moobbs2 from Moo is a threaded bulletin board software. moobbs contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/04/08 12:0 a.m.•30 views

JVN#46669729 MODx vulnerable to cross-site scripting

MODx provided by the MODx CMS Project is a Contents Management System CMS software. MODx contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

4.3CVSS5.6AI score0.01645EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/11 12:0 a.m.•30 views

JVN#70858401 Buffer overflow vulnerability in Microsoft Works converters

Microsoft Works converters contain a buffer overflow vulnerability when processing Works .wps files. Impact If a user opens a malicious Works file, an attacker may execute arbitrary code. Solution Update the software Update to latest version according to the information provided by Microsoft...

9.3CVSS6.9AI score0.3562EPSS
Exploits5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/11/06 12:0 a.m.•30 views

JVN#19072922 EC-CUBE vulnerable to SQL injection

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a SQL injection vulnerability. This vulnerability is different from JVN81111541. Impact A remote attacker could obtain the website administrator's privilege which was created using EC-CUBE...

7.5CVSS7.4AI score0.01063EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/12/26 12:0 a.m.•30 views

JVN#33044255 GreaseKit and Creammonkey allows execution of userscript functions

GreaseKit and Creammonkey are plugins that enable user scripting to Safari and other Apple Webkit applications, and they provide APIs callable only from userscripts. GreaseKit and Creammonkey are vulnerable in allowing APIs called from a web page. Impact When a user views a specially crafted web...

6.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/01/22 12:0 a.m.•30 views

JVN#07274813 phpAdsNew cross-site scripting vulnerability

The products listed below use the same module as phpAdsNew thus they are also affected by the vulnerability. All users of these products are encouraged to update to the latest versions provided by the developer. phpPgAds 2.0.9-pr1 and earlier Max Media Manager v0.1.29-rc and earlier Max Media...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2006/09/13 12:0 a.m.•30 views

JVN#52201480 Microsoft Windows Indexing Service cross-site scripting vulnerability

Impact If the Indexing Service in Internet Information Services IIS provides search capabilities, an arbitrary script could be executed on the user's web browser. Solution Products Affected Windows 2000 Windows XP Windows 2000 Server Windows Server 2003...

4.3CVSS6.2AI score0.33221EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2005/04/19 12:0 a.m.•30 views

JVN#97757029 w3ml cross-site scripting vulnerability

Impact An arbitrary script could be executed on the user's web browser which may allow an attacker to steal cookie information. Solution Products Affected w3ml-0.4-20020625 and earlier...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/01/21 12:0 a.m.•29 views

JVN#83855727: FortiWeb vulnerable to SQL injection

FortiWeb provided by Fortinet, Inc. contains an SQL injection vulnerability CWE-89, CVE-2024-55593. Impact Information in the FortiWeb database may be obtained by a user who can log in to the product. Solution Update the software Update the software to the latest version according to the...

2.7CVSS7.8AI score0.00392EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/05/28 12:0 a.m.•29 views

JVN#71404925: Multiple vulnerabilities in UTAU

UTAU provided by ameya/ayame contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Base Score 5.3 CVE-2024-28886 Path Traversal CWE-22 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 3.3 CVE-2024-32944 Impact If a user of...

8.4CVSS8.8AI score0.00663EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/05/17 12:0 a.m.•29 views

JVN#85380030: WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal

WordPress Plugin "Download Plugins and Themes from Dashboard" provided by WPFactory LLC contains a path traversal vulnerability CWE-22. Impact The user with "switchthemes" privilege may obtain arbitrary files on the server. Solution Update the plugin Update the plugin to the latest version...

6.5CVSS6.7AI score0.00669EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/11/10 12:0 a.m.•29 views

JVN#99177549: HOTELDRUID vulnerable to cross-site scripting

HOTELDRUID provided by DigitalDruid.Net contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the product. Solution Update the software Update the software according to the information provided by the...

6.1CVSS6AI score0.00705EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/10/25 12:0 a.m.•29 views

JVN#39139884: Movable Type vulnerable to cross-site scripting

Movable Type provided by Six Apart Ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the Software Apply the appropriate update according to the information provided by the developer. The develop...

5.4CVSS5.4AI score0.00354EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/08/02 12:0 a.m.•29 views

JVN#61337171: SEIKO EPSON printer Web Config vulnerable to denial-of-service (DoS)

SEIKO EPSON printer Web Config contains a denial-of-service DoS vulnerability due to improper input validation CWE-20. Impact The printer may be turned off by a remote attacker. Solution Apply workarounds The developer strongly recommends users to apply workarounds, as the update firmware for the...

7.5CVSS7.5AI score0.00644EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/06/16 12:0 a.m.•29 views

JVN#19748237: Multiple vulnerabilities in Panasonic AiSEG2

Panasonic AiSEG2 contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2023-28726 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 7.5 CVSS v2| AV:N/AC:H/Au:S/C:C/I:C/A:C| Base Score: 7.1 Improper Authentication...

9.6CVSS9.2AI score0.00811EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/06/01 12:0 a.m.•29 views

JVN#33836375: "Jiyu Kukan Toku-Toku coupon" App vulnerable to improper server certificate verification

"Jiyu Kukan Toku-Toku coupon" App provided by RUNSYSTEM CO.,LTD. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application to the...

4.8CVSS4.8AI score0.00281EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2023/01/31 12:0 a.m.•29 views

JVN#84642320: SUSHIRO App for Android outputs sensitive information to the log file

SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file CWE-532. Impact An attacker may obtain a credential information from the log file. Solution Update the Application Update the application to the latest version according to the information...

7.5CVSS7.3AI score0.00784EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/12/19 12:0 a.m.•29 views

JVN#06093462: Zenphoto vulnerable to cross-site scripting

Zenphoto contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is using the product. Solution Update the software Update the software to the latest version according to the information provided by the developer...

6.1CVSS4.9AI score0.00742EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/11/16 12:0 a.m.•29 views

JVN#24659622: RICOH Aficio SP 4210N vulnerable to cross-site scripting

Aficio SP 4210N provided by RICOH COMPANY, LTD. contains a cross-site scripting vulnerability CWE-79 in Web Image Monitor. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege. Solution Update the firmware...

4.8CVSS4.9AI score0.00598EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/06/01 12:0 a.m.•29 views

JVN#04155116: WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting

WordPress Plugin "Modern Events Calendar Lite" provided by Webnus contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the website using the plugin. Solution Update the plugin Update the plugin to t...

5.4CVSS5.2AI score0.00529EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/12/10 12:0 a.m.•29 views

JVN#63047298: Kinza vulnerable to cross-site scripting

Kinza provided by Dayz Inc. contains a cross-site scripting vulnerability CWE-79. Impact If CSP Content Security Policy on the affected product is disabled, an arbitrary script may be executed on the web browser of the user who uses RSS reader. Solution Update the Software Update to the latest...

6.1CVSS6.1AI score0.00781EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/06/13 12:0 a.m.•29 views

JVN#33124193: Local File Inclusion vulnerability in Zenphoto

Zenphoto is a content management system CMS. Zenphoto contains a Local File Inclusion vulnerability. Impact Sensitive information may be obtained or arbitrary code may be executed by a remote administrative user. Solution Update the Software Update to the latest version according to the informati...

7.2CVSS7.2AI score0.01846EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/03/07 12:0 a.m.•29 views

JVN#13003724: OneThird CMS vulnerable to cross-site scripting

OneThird CMS provided by SpiQe Software contains a cross-site scripting vulnerability CWE-79 due to an issue in processing the inquiry form. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the Software Update to the latest version according to the...

6.1CVSS6AI score0.01146EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/01/24 12:0 a.m.•29 views

JVN#09460804: Knowledge vulnerable to cross-site request forgery

Knowledge provided by support-project.org is an open-source knowledge base platform. Knowledge contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update to the...

8.8CVSS8.6AI score0.00741EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 12:0 a.m.•29 views

JVN#34103586: Multiple I-O DATA network camera products vulnerable to information disclosure

Multiple network camera products provided by I-O DATA DEVICE, INC. contain an information disclosure vulnerability CWE-200. Impact Information such as authentication credentials may be disclosed by an attacker who can access the product. Solution Update the Firmware Apply the appropriate firmware...

7.5CVSS7.5AI score0.02663EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/10/19 12:0 a.m.•30 views

JVN#03251132: Installer of Evernote for Windows may insecurely load Dynamic Link Libraries

The installer of Evernote for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the Latest Installer Use the latest installer...

7.8CVSS7.6AI score0.01534EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/08/25 12:0 a.m.•29 views

JVN#05924524: LINE for Windows fails to properly verify downloaded files

The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified. Impact A successful man-in-the-middle attack may result in a specially crafted file prepared by an attacker being downloaded and executed. Solution...

8.1CVSS7.9AI score0.02201EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/03/30 12:0 a.m.•29 views

JVN#07818796: Aterm WF800HP vulnerable to cross-site request forgery

Aterm WF800HP provided by NEC Corporation contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Firmware Update to the latest firmware version according to the information...

8.8CVSS8.7AI score0.00629EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/03/24 12:0 a.m.•29 views

JVN#86517621: WordPress plugin "WP Favorite Posts" vulnerable to cross-site scripting

"WP Favorite Posts" is a plugin for WordPress. WP Favorite Posts contains a cross-site scripting vulnerability. Note that this vulnerability cannot be exploited on the default settings. Impact An arbitrary script may be executed on the user's web browser. Solution Update the plugin Update to the...

6.1CVSS6AI score0.01491EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/02/15 12:0 a.m.•29 views

JVN#64209269: Cybozu Office vulnerable to cross-site request forgery

Cybozu Office contains a cross-site request forgery vulnerability CWE-352 in multiple functions. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update to the latest version according to the information provided by the...

8.8CVSS8.3AI score0.00629EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/12/25 12:0 a.m.•29 views

JVN#50775659: CG-WLBARAGM may behave as an open proxy

CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains an issue where it may behave as an open proxy. Impact The device may be leveraged as a proxy server to conduct cyber attacks. Solution Apply a Workaround The following workaround may mitigate the affects of this...

5.8CVSS5.5AI score0.01599EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/12/09 12:0 a.m.•29 views

JVN#34489380: WL-330NUL vulnerable to remote command execution

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a remote command execution vulnerability. Impact An attacker that can access the product may execute an arbitrary command with administrative privileges. Solution Update the Firmware Update the firmware to...

7.3CVSS7.4AI score0.0223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/16 12:0 a.m.•29 views

JVN#37825153: AirDroid for Android vulnerable in handling of implicit intents

AirDroid for Android provided by SAND STUDIO contains a vulnerability in the handling of implicit intents. Impact Information in AirDroid may be leaked to a third party through a malicious Android application. Solution Update the Software Update to the latest version according to the information...

4.3CVSS6.2AI score0.00893EPSS
Exploits0
Total number of security vulnerabilities5000