5625 matches found
JVN#50850706: Pimax Play and PiTool accept WebSocket connections from unintended endpoints
Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpointsCWE-923. Impact Arbitrary code may be executed by a remote unauthenticated attacker. Solution Update the Software For Pimax Play, update the software to the latest version according to the information...
JVN#83405304: "OfferBox" App uses a hard-coded secret key
"OfferBox" App provided by i-plug inc. uses a hard-coded secret key for JWT CWE-321. Impact The hard-coded secret key for JWT may be retrieved if the application binary is reverse-engineered. Solution The hard-coded secret key has been revoked by the developer on May 8, 2024 therefore this...
JVN#42691027: "direct" Desktop App for macOS fails to restrict access permissions
"direct" Desktop App for macOS provided by L is B Corp. fails to restrict access permissions CWE-284. The access control mechanism provided by macOS "TCC Transparency Consent and Control" may be bypassed. Impact Camrea, microphone, etc. of the device where the product is installed may be used...
JVN#55217369: Rakuten WiFi Pocket vulnerable to improper authentication
Rakuten WiFi Pocket provided by Rakuten Mobile, Inc. is a mobile router. Management Screen of Rakuten WiFi Pocket contains an improper authentication vulnerability CWE-287. Impact An attacker who can access the product may log in to the product's Management Screen. As a result, sensitive...
JVN#97818024: Multiple vulnerabilities in Pleasanter
Pleasanter provided by Implem Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-32607 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:M/Au:S/C:N/I:P/A:N| Base...
JVN#80476232: SR-7100VN vulnerable to privilege escalation
SR-7100VN provided by ICOM INCORPORATED contains a privilege escalation vulnerability CWE-268. Impact A user with an administrator privilege of the product may obtain administrative privileges of the OS Operating System. As a result, an arbitrary OS command may be executed by the user. Solution...
JVN#60263237: The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the running application. Solution...
JVN#75437943: Aiphone Video Multi-Tenant System Entrance Stations vulnerable to information disclosure
Video Multi-Tenant System Entrance Stations provided by AIPHONE CO., LTD. contain an information disclosure vulnerability CWE-200. Impact An attacker who can obtain specific information of the product and access the product may obtain sensitive information stored in the device. Solution Use the...
JVN#00845253: Growi vulnerable to improper access control
GROWI provided by WESEEK, Inc. contains an improper access control vulnerability CWE-284. Impact A user who can login to the affected product may download the markdown data from the pages set to private by the other users. Solution Update the software Update the software to the following versions...
JVN#15241647: WordPress plugin "WP Statistics" vulnerable to cross-site scripting
WordPress plugin "WP Statistics" provided by VeronaLabs contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the web site using the product. Solution Update the plugin Update the plugin according to th...
Information Disclosure Vulnerability in RICOH printers
Overview Multiple RICOH printers contain Information Disclosure CWE-200. RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership. Impact A user who ca...
JVN#60879379: Olive Blog vulnerable to cross-site scripting
Olive Blog provided by Olive Design contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing the search parameter. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Olive Blog Olive Blog is no longer being developed or maintained. It...
JVN#89726415: ManageEngine ServiceDesk Plus fails to restrict access permissions
ManageEngine ServiceDesk Plus provided by Zoho Corporation is a help desk software. ManageEngine ServiceDesk Plus fails to restrict access permissions. Impact A user logged in with guest privileges may access functions for which permissions are not granted. Solution Update the software Update to...
JVN#18926672: Zend Framework vulnerable to SQL injection
Zend Framework is an open source web application framework. Zend Framework 1 contains an SQL injection vulnerability CWE-89 due to a flaw in processing parameters in the ORDER BY and GROUP BY clauses. Impact Information stored in the database may be obtained or altered by a remote attacker...
JVN#85213412: Multiple AKABEi SOFT2 LTD. games vulnerable to OS command injection
Multiple games provided by AKABEi SOFT2 LTD. contain an OS command injection vulnerability CWE-78 due to an issue in loading saved data. Impact When specially crafted saved data is loaded, an arbitrary OS command may be executed. Solution Apply a Workaround The following workaround can mitigate t...
JVN#76653039: CG-WLBARGL vulnerable to command injection
CG-WLBARGL provided by Corega Inc is a wireless LAN router. CG-WLBARGL contains a command injection vulnerability. Impact An arbitrary command may be executed by an authenticated attacker. Solution Do not use CG-WLBARGL As of Jun 22nd, 2016, there are no practical solutions to this issue. It is...
JVN#69278491: Cybozu Office vulnerable to cross-site scripting
Cybozu Office contains a cross-site scripting vulnerability CWE-79 in multiple functions. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected Cyboz...
JVN#25576608: Avast vulnerable to directory traversal
Avast contains an issue in processing archive files, which may result in a directory traversal CWE-22 vulnerability. When an archive file such as zip is detected as containing a virus and the included virus file is being moved or deleted, the operation is done to the file path inside the archive...
JVN#48211537: Party Track SDK for iOS fails to verify server certificates
Party Track SDK for iOS provided by Adways Inc. fails to verify server certificates in encrypted HTTPS communications. According to the developer, in addition to communications by the SDK, communications by the application using NSURLConnection also fail to verify server certificates. Impact A...
JVN#84982142: Pref Shimane CMS vulnerable to SQL injection
Pref Shimane CMS is an open-source Contents Management System CMS. Pref Shimane CMS contains an SQL injection vulnerability. Impact A logged in attacker may execute arbitrary SQL statements. Solution Update the Software Update to the latest version according to the information provided by the...
JVN#27548431: gollum vulnerable to file exposure
gollum is a wiki system that uses git repositories. gollum contains a vulnerability which may allow an attacker to view arbitrary files on the server. Impact A remote attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to the...
JVN#65602714: H2O vulnerable to directory traversal
H2O is an open source web server software. H2O contains an issue in processing URL, which may result in a directory traversal CWE-22 vulnerability. Impact A remote attacker may obtain arbitrary files on the server if "file.dir" directive is specified. Solution Update the Software Update to the...
JVN#71815309: Auction Camera vulnerable to URL whitelist bypass
Auction Camera provided by Newphoria Corporation Inc. is an application for both iOS or Android built using "applican". Auction Camera contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Impact Android version of this app may allow an...
JVN#75851252: "Honda Moto LINC" App for Android fails to verify SSL server certificates
"Honda Moto LINC" App for Android fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the developer. Products...
JVN#41653647: TransmitMail vulnerable to directory traversal
TransmitMail is a PHP based mail form. TransmitMail contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to t...
JVN#97099798: eXtplorer vulnerable to cross-site scripting
eXtplorer is a web-based file manager. eXtplorer contains multiple cross-site scripting vulnerabilities. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...
JVN#42768331: Speed Software Root Explorer and Explorer vulnerable to directory traversal
Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application...
JVN#33735535: Fumy News Clipper vulnerable to cross-site scripting
Fumy News Clipper is a weblog system. Fumy News Clipper contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...
JVN#13160869: Chyrp vulnerable to cross-site scripting
Chyrp is a blogging engine. Chyrp contains a cross-site scripting vulnerability. Impact An arbitrary script which may be embedded by an authenticated attacker could be executed on the Admin user's web browser. Solution Update the software Update to the latest version according to the information...
JVN#27702217: Ameba for Android contains an issue where it fails to verify SSL server certificates
Ameba for Android contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the develope...
JVN#32726697: GOM Player vulnerable to denial-of-service (DoS)
GOM Player provided by Gretech contains a denial-of-service DoS vulnerability due to an issue in processing an image file. Impact When processing a specially crafted image file, the player may not be launched. Solution Update the Software Update to the latest version according to the information...
JVN#35376006: Becky! Internet Mail vulnerable to buffer overflow
Becky! Internet Mail contains an issue in processing responses from a POP3 server, which may result in a buffer overflow vulnerability. Impact By receiving a specially crafted response, an arbitrary code may be executed. Solution Update the Software Update to the latest version according to the...
JVN#68340046: intra-mart vulnerable to open redirect
intra-mart is a software framework for creating web applications. intra-mart contains an open redirect vulnerability. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Apply t...
JVN#28812735: D-Link DES-3800 Series vulnerable to denial-of-service (DoS)
DES-3800 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in the Web manager function. Impact A remote attacker may cause the product to stop responding. Solution Update the Firmware Update to the latest version of firmware according to the informatio...
JVN#38790987: EC-CUBE vulnerable to cross-site scripting
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error messages, which may lead to cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the updat...
JVN#98665228: EC-CUBE vulnerable to cross-site scripting
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN07192063. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the update ...
JVN#00985872: EC-CUBE vulnerable to session fixation
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a session fixation vulnerability. Impact A remote unauthenticated attacker may impersonate a user. As a result, information may be disclosed or altered. Solution Apply the update or patch Apply...
JVN#61972596: Online Service Gate vulnerable in Office 365 password management
Online Service Gate provided by SoftBank Technology is a solution to manage the use of Office 365 which allows a system administrator to manage Office 365 users' passwords. Office 365 users' passwords are intended to be managed by a system administrator and cannot be obtained by users. OWA Helper...
JVN#65034198: Sleipnir for Windows vulnerable to address bar spoofing
Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed. Impact A user may misinterpret that the website is using the SSL for communications even when the site is not using SSL. Solution Update the...
JVN#80922020: ArtIME Japanese Input vulnerable to information disclosure
ArtIME Japanese Input is a Japanese Input Method Editor IME for Android devices. ArtIME Japanese Input contains an issue in the access permissions for the certain files. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product...
JVN#86040029: Weathernews Touch for Android stores location information in the system log file
Weathernews Touch provided by Weathernews Inc. is a weather forecast application. Weathernews Touch for Android contains a vulnerability that stores location information in the system log file. Impact Android applications with permissions to read system log files may obtain location information...
JVN#42676559: Safari vulnerable to local file content disclosure
Safari contains a vulnerability where a local file may be accessed from remote, which may result in a local file content disclosure. Impact By opening a specially crafted HTML document as a local file, an arbitrary local file may be obtained from remote even though access from other users is...
JVN#97200417: SENCHA SNS vulnerable to session fixation
SENCHA SNS is an open source SNS software. SENCHA SNS contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate an honest user of the affected product. As a result, information may be altered or obtained. Solution Update the Software Update to the latest...
JVN#20083397: Movable Type vulnerable to session hijacking
Movable Type contains a session hijacking vulnerability in entering comments and community functionality. Impact A remote unauthenticated attacker may impersonate an honest user of the affected product. Solution Update the software Update to the latest version of each product according to the...
JVN#36559450: osCommerce Japanese version vulnerable to cross-site scripting
osCommerce is an open source system for creating shopping websites. osCommerce Japanese version contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's Internet Explorer. Solution Update the software Update to the latest version according to the...
JVN#54779201: Oracle WebLogic Server vulnerable to cross-site scripting
Oracle WebLogic Server contains a cross-site scripting vulnerability on the management console. Impact An arbitrary script may be executed on the browser of the user who is logged into the administration console of Oracle WebLogic Server. Solution Update the Software Apply the latest update...
JVN#03869266: Enkai-kun vulnerable to cross-site scripting
Enkai-kun provided by utage.org contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products Affected Versions prior t...
JVN#09789751: BaserCMS vulnerable to cross-site scripting
BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...
JVN#77697803: iVIEW Suite vulnerable to SQL injection
iVIEW Suite provided by RADVISION is a software to manage video conference systems in SCOPIA. iVIEW Suite contains a SQL injection vulnerability. Impact A remote attacker may view or alter the information on the system. Solution Update the Software Update to the latest version according to the...
JVN#50505257: Multiple Buffalo routers vulnerable to cross-site request forgery
Multiple routers provided by Buffalo have a management screen that allows users to modify settings. These routers contain a cross-site request forgery vulnerability due to an issue in the management screen. Impact If a user views a malicious page while logged into the management screen, settings...