Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/08 8:48 a.m.12 views

Multiple vulnerabilities in GroupSession

Overview GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2025-53523 Stored cross-site scripting CWE-79 - CVE-2025-54407 Reflected cross-site scripting CWE-79 - CVE-2025-57883 Cross-site request forgery...

6.9CVSS5.9AI score0.00186EPSS
Exploits0References17
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/18 12:0 a.m.12 views

JVN#95938761: UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting

UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation contains the following vulnerability. Cross-site scripting CWE-79 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1 CVE-2025-8153 Impact If a...

5.1CVSS6.7AI score0.00311EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/24 12:0 a.m.12 views

JVN#39913189: TP-Link Archer C1200 vulnerable to clickjacking

Archer C1200 provided by TP-Link Systems Inc. contains the following vulnerability. Clickjacking CWE-1021 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2025-6983 Impact If a user views a malicious pag...

5.1CVSS6.3AI score0.00392EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/30 12:0 a.m.12 views

JVN#51394666: Multiple vulnerabilities in wivia 5

wivia 5 provided by UCHIDA YOKO CO., LTD. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H Base Score 6.7 CVE-2025-41385 Cross-site Scripting CWE-...

7.5CVSS8AI score0.0124EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/01/27 12:0 a.m.12 views

JVN#05508012: EXIF Viewer Classic vulnerable to cross-site scripting

EXIF Viewer Classic provided by Rodrigue former Kakera is a Google Chrome browser extension. The affected versions of the product improperly handle EXIF meta data, resulting in a cross-site scripting vulnerability CWE-79. Versions 2.3.2 and 2.4.0 were reported as vulnerable. The vendor informs us...

6.1CVSS6.2AI score0.00347EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/08/06 12:0 a.m.12 views

JVN#78728294: Firmware update for RICOH JavaTM Platform resets the TLS configuration

JavaTM Platform provided by Ricoh Company, Ltd. is the execution environment for firmware extensions of Ricoh MFPs and printers, providing TLS Transport Layer Security communication mechanism. When the firmware for JavaTM Platform is updated from Ver.12.89 or earlier versions to a newer version,...

7.5CVSS7.6AI score0.0051EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/06/16 5:5 a.m.12 views

Multiple vulnerabilities in Panasonic AiSEG2

Overview Panasonic AiSEG2 contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2023-28726 Improper Authentication CWE-287 - CVE-2023-28727 Taku Toyama of NEC Corporation reported CVE-2023-28726 and CVE-2023-28727 vulnerabilities to Panasonic and coordinated. Panasonic...

9.6CVSS7.9AI score0.00811EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/04/17 12:0 a.m.12 views

JVN#14492006: API server of TONE Family vulnerable to authentication bypass using an alternate path

API server of TONE Family provided by DREAM TRAIN INTERNET INC. contains an authentication bypass vulnerability using an alternate path CWE-288. Impact A remote unauthenticated attacker may login to the management console of the affected service by using E-mail address required when logging into...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/25 5:0 a.m.12 views

MQTT.js issue in handling PUBLISH packets

Overview MQTT.js is a client library for MQTT. MQTT.js contains an issue in handling PUBLISH packets sent from an MQTT Broker. Masataka Sakaguchi, Bintatsu Noda and Hisashi Kojima of Fujitsu Laboratories Ltd.reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

6.5CVSS6.9AI score0.02214EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.12 views

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2017-10842 Arbitary files may be deleted - CVE-2017-10843 Arbitary PHP code execution - CVE-2017-10844 Shoji Baba reported the vulnerabilities to IPA. JPCERT/CC...

9.8CVSS8.9AI score0.01766EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/12/22 5:26 a.m.12 views

H2O use-after-free vulnerability

Overview H2O is an open source web server software. H2O contains a use-after-free vulnerability CWE-416 due to a flaw in the process of upgrading from HTTP/1 to HTTP/2. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated...

9.1CVSS6.9AI score0.02184EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/02/12 12:0 a.m.12 views

JVN#77012922: Microsoft Producer for Microsoft Office PowerPoint vulnerable to cross-site scripting

Microsoft Producer for Microsoft Office PowerPoint may create a web page which contains a DOM-based cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Microsoft Producer for Microsoft Office PowerPoint Microsoft...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/05/31 12:0 a.m.12 views

JVN#24560784: Adobe Reader X vulnerable to sandbox bypass

Adobe Reader X contains a vulnerability which may allow the sandbox to be bypassed. Impact Arbitrary process using arbitrary arguments may be executed with the privileges of the user. Solution Update the software and apply MS13-005 Update to the latest version of Adobe Reader X and make sure that...

7.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/12/15 12:0 a.m.12 views

JVN#15549168: Safari for iOS vulnerable to denial-of-service

Safari for iOS contains a denial-of-service DoS vulnerability. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the software Update to the latest version of iOS according to the information provided by the developer. Products Affected Safari contained in iOS...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/06/15 12:0 a.m.12 views

JVN#73643130: Microsoft MSXML vulnerability in HTTP request processing

MSXML provided by Microsoft contains a vulnerability where HTTP requests for XMLHTTP objects are not processed properly. As a result, when going through a proxy server, information may be sent to another server. Impact When going through a proxy server, information such as authentication...

7.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2011/06/15 12:0 a.m.12 views

JVN#26408023: Internet Explorer vulnerable to cross-site scripting

Internet Explorer contains a cross-site scripting vulnerability due to the processing of malformed file names. Impact An arbitrary script may be executed on the user's web browser when the setting for "Use folder view for FTP sites" is turned off. Note that this setting is turned on by default...

6.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/09/11 12:0 a.m.12 views

JVN#05857667 Webservice-DIC yoyaku_v41 vulnerable to command injection

yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. This vulnerability is different from JVN80436657. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution...

7.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/02/10 12:0 a.m.12 views

JVN#45184501 FAST ESP cross-site scripting vulnerability

FAST ESP from Microsoft is a software that enables users to consolidate information for searching purposes. FAST ESP's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software An update i...

6.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/03/27 12:0 a.m.12 views

JVN#76669770 PerlMailer cross-site scripting vulnerability

PerlMailer is a mail form CGI provided by "Homepage Decorator". It is used to send mail from a form on a web page. A cross-site scripting vulnerabiltiy exists in PerlMailer. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

6.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/02/29 12:0 a.m.12 views

JVN#53757727 Nagios cross-site scripting vulnerability

Nagios from Nagios.org is software that monitors network services, hosts, and other resources. Nagios contains a cross-site scripting vulnerability. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Update the software to the latest version accordi...

6.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/12/18 12:0 a.m.12 views

JVN#75130343 Google Web Toolkit vulnerable to cross-site scripting

Google Web Toolkit GWT is an open source software development framework that allows web developers to create Ajax applications in Java. The benchmark reporting system in GWT is vulnerable to cross-site scripting. Impact An arbitrary script can be executed on the user's web browser. Solution Updat...

6.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/12/11 12:0 a.m.12 views

JVN#77414947 Cybozu Office denial of service (DoS) vulnerability

Cybozu Office, web-based groupware, is vulnerable to a denial of service DoS attack because it fails to properly handle specially crafted HTTP requests. Impact A remote attacker can cause a denial of service DoS against the server. Solution Update the Software For more information, refer to the...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/11/19 12:0 a.m.12 views

JVN#33820033 RoundCube Webmail cross-site request forgery vulnerability

RoundCube Webmail is an open source webmail client from the RoundCube Project. RoundCube Webmail contains a cross-site request forgery vulnerability that may allow disclosure of information such as email subject lines. Impact Information such as email subject lines may be disclosed on the web...

6.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/11/07 12:0 a.m.12 views

JVN#84565055 Lotus Domino cross-site scripting vulnerability

IBM Lotus Domino is server software for Lotus Notes, groupware from IBM. Lotus Domino contains a cross-site scripting vulnerability. Impact An attacker could execute an arbitrary script on the web browser of a user who accesses a Lotus Domino server. Solution Update the Software For Lotus Domino...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/11/05 12:0 a.m.12 views

JVN#79295963 NetCommons cross-site scripting vulnerability

NetCommons from the NetCommons Project is an open source content management system which provides e-learning and groupware functions. NetCommons contains a cross-site scripting vulnerability. This vulnerability is different from JVN51301450. Impact An attacker could execute an arbitrary script on...

6.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/10/12 12:0 a.m.12 views

JVN#63304072 MouseoverDictionary vulnerable to arbitrary script execution

MouseoverDictionary, an add-on mouseover English-Japanese dictionary for Mozilla Firefox, contains a vulnerability that allows an attacker to execute an arbitrary script on the user's web browser as it does not handle the sidebar HTML page properly. Impact An attacker could execute an arbitrary...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/08/27 12:0 a.m.12 views

JVN#82276964 Tuigwaa cross-site scripting vulnerability

Tuigwaa from the Tuigwaa Project is open source software to develop web applications. Tuigwaa contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the developer. For mo...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/04/17 12:0 a.m.12 views

JVN#91305178 InfoBarrier4 self-decrypted file vulnerability

Impact The third party could view the contents of self-decrypted files or obtain the passwords used for self-decryption. Solution Products Affected InfoBarrier4 Standard Plus: V4.0L10, V4.0L20...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/01/25 12:0 a.m.12 views

JVN#82258242 Shopping Basket Professional vulnerable to OS command injection

Impact A remote attacker could execute an arbitrary OS command on the server where Shopping Basket Professional v7 is installed. Solution Products Affected Shopping Basket Professional v7.50 and earlier For more information, refer to the vendor's website...

7.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/11/30 12:0 a.m.12 views

JVN#08494205 Chama Cargo cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. Solution Products Affected Chama Cargo v4.36 and earlier For more information, refer to the vendor's website...

7.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/09/26 12:0 a.m.12 views

JVN#30144870 SugarCRM cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected SugarCRM 4.2.1b and earlier SugarCRM 4.0.1g and earlier SugarCRM 3.5.1h and earlier...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/08/10 12:0 a.m.12 views

JVN#62171179 Kiri directory traversal vulnerability

Impact If the email analysis command processes an email with an attachment with a particular file name, the attachment may be written to an unintended location. Solution Products Affected Kiri ver9-2006 Kiri ver9-2005 Kiri ver9-2004...

7.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/07/28 12:0 a.m.12 views

JVN#27794427 Dokeos cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. In particular, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected Dokeos version 1.6.4 Patch 1 and earlier...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/06/02 12:0 a.m.12 views

JVN#28513736 Mozilla Firefox HTTP 1.0 response smuggling vulnerability

Impact If a user views malicious web pages, an attacker could inject a script into the responses from a server in other domains. Solution Products Affected Mozilla Firefox 1.5.0.3 and earlier...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/11/16 12:0 a.m.12 views

JVN#30451602 HTTPD-User-Manage cross-site scripting vulnerability

Impact A malicious script may be executed on the web browser of the user who can access HTTPD-User-Manage. Solution Products Affected HTTPD-User-Manage 1.62 and earlier...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/09/29 12:0 a.m.12 views

JVN#31226748 Vulnerability in multiple web browsers allowing request spoofing attacks

Impact Authentication information or cookie information could be leaked. Solution Products Affected For more information, refer to the vendors' websites...

6.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/08/25 12:0 a.m.12 views

JVN#23727054 Pochy denial-of-service (DoS) vulnerability

Impact A remote attacker could exploit this vulnerability to cause a denial-of-service DoS attack by sending a specially crafted email to a Pochy user. Solution Products Affected Pochy 0.2.1a...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/04/15 12:0 a.m.12 views

JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage

Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/03 8:8 a.m.11 views

TP-Link Archer BE450 and BE7200 vulnerable to OS command injection

Overview Archer BE450 and BE7200 provided by TP-Link contain the following vulnerability. OS command injection CWE-78 - CVE-2026-5509 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An arbitrary OS command may be executed...

8.5CVSS5.6AI score0.02458EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/22 6:45 a.m.11 views

Ziostation2 vulnerable to path traversal

Overview Ziostation2 provided by Ziosoft, Inc. contains the following vulnerability. Path traversal CWE-22 - CVE-2026-40062 Yuta Miura of Five Drive Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

8.7CVSS7.3AI score0.00619EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/03 6:9 a.m.11 views

Multiple vulnerabilities in NEC Aterm series (NV26-001)

Overview Aterm series products provided by NEC Corporation contain multiple vulnerabilities listed below. Missing authorization CWE-862 - CVE-2026-4309 Path traversal CWE-22 - CVE-2026-4619 OS command injection CWE-78 - CVE-2026-4620, CVE-2026-4622 Hidden functionality CWE-912 - CVE-2026-4621 The...

9.8CVSS5.9AI score0.00996EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/25 9:41 a.m.11 views

SHARP routers missing authentication for some web APIs

Overview SHARP routers do not perform authentication for some web APIs. Those web APIs provide device information, and the initial administrative password is based on a part of the device information. Missing authentication for critical function CWE-306 - CVE-2026-32326 Shota Zaizen reported this...

6.9CVSS6.1AI score0.00278EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/09 5:57 a.m.11 views

Improper file access permission settings in multiple Digital Arts products

Overview Multiple products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2026-28267 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.8CVSS6AI score0.00105EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/30 5:17 a.m.11 views

Apache Jena Fuseki vulnerable to path traversal

Overview Jena Fuseki provided by The Apache Software Foundation contains the following vulnerability. Path traversal CWE-22 - CVE-2025-49656 Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to the developer and IPA. After the coordination between the reporter and the...

7.5CVSS6.8AI score0.01401EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/26 12:0 a.m.11 views

JVN#09924566: Denial-of-service (DoS) vulnerabilities in multiple Apache products

Multiple Apache products provided by The Apache Software Foundation contain vulnerabilities listed below. Allocation of resources without limits or throttling CWE-770 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Base...

7.5CVSS7.1AI score0.64718EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/24 12:0 a.m.11 views

JVN#21624250: Inefficient regular expressions in GROWI

GROWI provided by GROWI, Inc. contains the following vulnerability. Inefficient regular expression complexity CWE-1333 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score 4.3 CVE-2025-43880 Impact A logged-in user...

5.3CVSS6.9AI score0.00271EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/11/26 12:0 a.m.11 views

JVN#87182660: WordPress Plugin "WP Admin UI Customize" vulnerable to cross-site scripting

WordPress Plugin "WP Admin UI Customize" provided by gqevu6bsiz contains a stored cross-site scripting vulnerability CWE-79. Impact If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are...

4.8CVSS6.1AI score0.00369EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/11/20 12:0 a.m.11 views

JVN#16114985: "Kura Sushi Official App Produced by EPARK" for Android uses a hard-coded cryptographic key

"Kura Sushi Official App Produced by EPARK" for Android provided by EPARK, Inc. uses a hard-coded cryptographic key CWE-321. Impact An attacker may obtain the login ID and password for the affected product. Solution Update the application Update the application to the latest version according to...

4CVSS7AI score0.00152EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/09/27 12:0 a.m.11 views

JVN#21176842: MF Teacher Performance Management System vulnerable to cross-site scripting

MF Teacher Performance Management System provided by Media Fusion Co.,Ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who accessed the website using the product. Solution Apply the Patch The developer has release...

6.1CVSS6.4AI score0.00243EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/09/09 12:0 a.m.11 views

JVN#67456481: Pgpool-II vulnerable to information disclosure

Pgpool-II is a cluster management tool. Pgpool-II contains an information disclosure vulnerability CWE-213 in its query cache function. Impact If a database user access a query cache, table data unauthorized for the user may be retrieved. Solution Update the Software Apply the appropriate updates...

7.5CVSS7.2AI score0.00528EPSS
Exploits0
Total number of security vulnerabilities5000