Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/10 2:16 a.m.•10 views

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Overview Vulnerability has been found in Cosminexus HTTP Server and Hitachi Web Server. CVE-2025-65082 This vulnerability will not occur if CGI is not used. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information'...

6.5CVSS6.7AI score0.00771EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/05/27 6:9 a.m.•10 views

Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint

Overview Vulnerability has been found in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' sectio...

4.6CVSS5.7AI score0.00175EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/05/21 8:22 a.m.•10 views

Android App "RoboForm Password Manager" insufficient validation of Android intents

Overview Android App "RoboForm Password Manager" provided by Siber Systems, Inc. accepts intents from other applications to open relevant web pages e.g., login pages, but without sufficient URL validation, user confirmation nor notification. Insufficient UI Warning of Dangerous Operations CWE-357...

4.6CVSS5.8AI score0.00132EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/21 6:27 a.m.•10 views

Multiple vulnerabilities in silex technology SD-330AC and AMC Manager

Overview SD-330AC and AMC Manager provided by silex technology, Inc. contain multiple vulnerabilities listed below. Stack-based buffer overflow in processing the redirect URLs CWE-121 - CVE-2026-32955 Heap-based buffer overflow in processing the redirect URLs CWE-122 - CVE-2026-32956 Missing...

9.8CVSS6.9AI score0.40002EPSS
Exploits1References27
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/17 11:46 a.m.•10 views

Multiple Vulnerabilities in Cosminexus HTTP Server

Overview Multiple vulnerabilities have been found in Cosminexus HTTP Server. CVE-2025-49630, CVE-2025-53020 These vulnerabilities does not apply if HTTP/2 protocol is disabled. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the...

7.5CVSS5.6AI score0.04409EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/01/29 1:32 a.m.•10 views

Multiple Vulnerabilities in Cosminexus

Overview Multiple vulnerabilities exist in Cosminexus Component Container. CVE-2025-48988, CVE-2025-48976 Affected products and versions are listed below. Please upgrade your version to the appropriate version. These vulnerabilities exist in Cosminexus Component Container which is a component...

7.5CVSS7AI score0.64718EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/10/06 4:52 a.m.•10 views

Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation

Overview Trend Micro Incorporated has released a security update for Trend Micro Antivirus for Mac. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact An unprivileged user may gain root access by exploiting a leftover file after...

6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/05 2:29 a.m.•10 views

Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs

Overview Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. contain the following vulnerability. Out-of-bounds Write CWE-787 - CVE-2025-48499 Jia-Ju Bai, Rui-Nan Hu, Dong Zhang, and Zhen-Yu Guan of School of Cyber Science and Technology of Beihang University...

6.9CVSS6.6AI score0.00297EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/07/07 12:0 a.m.•10 views

JVN#88251376: Multiple vulnerabilities in Nimesa Backup and Recovery

Nimesa Backup and Recovery provided by Nimesa contains multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8 CVE-2025-48501 Server-side request...

9.8CVSS8.7AI score0.01307EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/07/02 12:0 a.m.•10 views

JVN#89505333: Multiple vulnerabilities in Active! mail

Active! mail provided by QUALITIA CO., LTD. contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1 CVE-2025-52462 Cross-site request...

6.1CVSS7.2AI score0.00193EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/03 12:0 a.m.•10 views

JVN#05562338: Improper file access permission settings in PC Time Tracer

PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.0 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Base Score 7.3 CVE-2025-46355 Impact Arbitrary...

7.3CVSS6.8AI score0.00139EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/03/18 12:0 a.m.•10 views

JVN#11230428: +F FS010M vulnerable to OS command injection

+F FS010M provided by FUJI SOFT INCORPORATED contains multiple OS command injection vulnerabilities listed below. OS command injection CWE-78 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 7.2 CVE-2025-24306 OS command injection CWE-78 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base...

8.8CVSS7.3AI score0.01011EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/02/19 12:0 a.m.•10 views

JVN#48742353: Multiple cross-site scripting vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2025-22888 Stored cross-si...

6.1CVSS6.8AI score0.00238EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/12/16 12:0 a.m.•10 views

JVN#61635834: Multiple vulnerabilities in SHARP routers

SHARP routers contain multiple vulnerabilities listed below. OS command injection vulnerability in the HOST name configuration screen CWE-78 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 7.2 CVE-2024-45721 The hidden debug function is enabled CWE-489...

9.8CVSS8.4AI score0.01187EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/12/16 12:0 a.m.•10 views

JVN#08430039: "Shonen Jump+" App for Android fails to restrict custom URL schemes properly

"Shonen Jump+" App for Android provided by SHUEISHA INC. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a use...

3.3CVSS7AI score0.00161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/10/28 12:0 a.m.•10 views

JVN#78335885: Chatwork Desktop Application (Windows) uses a potentially dangerous function

Chatwork Desktop Application Windows provided by kubell Co., Ltd. contains an issue with use of potentially dangerous function CWE-676, which allows a user to access an external website via a link in the application. Impact If a user clicks a specially crafted link in the application, an arbitrar...

5.5CVSS7AI score0.00251EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/09/18 12:0 a.m.•10 views

JVN#19766555: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"

WordPress plugin "Welcart e-Commerce" provided by Welcart Inc. contains multiple vulnerabilities listed below. SQL injection CWE-89 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.8 CVE-2024-42404 Cross-site scripting CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score 6.1...

8.8CVSS8.9AI score0.00482EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/03/25 8:28 a.m.•10 views

Multiple vulnerabilities in home gateway HGW BL1500HM

Overview Home gateway HGW BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Use of weak credentials CWE-1391 - CVE-2024-21865, CVE-2024-29071 Command injection CWE-77 - CVE-2024-28041 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC...

8.8CVSS7.9AI score0.0062EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/03/11 5:53 a.m.•10 views

Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries

Overview Installer of MagicConnect Client program provided by NTT TechnoCross Corporation contains a vulnerability which may lead to insecurely loading Dynamic Link Libraries CWE-427 when a terminal is connected remotely using Remote desktop. Yuji Tounai of Mitsui Bussan Secure Directions, Inc...

7.8CVSS7AI score0.00915EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/03/05 8:3 a.m.•10 views

The installers of E START products may insecurely load Dynamic Link Libraries

Overview The installers of E START products by GMO INSIGHT Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the folder specified by the TEMP environment variable or where the installer resides CWE-427, CVE-2015-9267, and CVE-2015-9268...

9.3CVSS7.1AI score0.01525EPSS
Exploits2References11
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/14 5:53 a.m.•10 views

Multiple vulnerabilities in Aterm WF1200CR and Aterm WG1200CR

Overview Aterm WF1200CR and Aterm WG1200CR provided by NEC Corporation contain multiple vulnerabilities listed below. Information disclosure CWE-200 - CVE-2018-16192 Stored cross-site scripting CWE-79 - CVE-2018-16193 OS command injection CWE-78 - CVE-2018-16194 OS command injection in SOAP...

9CVSS6.6AI score0.01399EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/06 4:41 a.m.•10 views

WordPress plugin "Shortcodes Ultimate" vulnerable to directory traversal

Overview The WordPress plugin "Shortcodes Ultimate" contains a directory traversal vulnerability CWE-22 in the Examples page. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Arbitrary local files o...

5CVSS6.3AI score0.02571EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/03/01 6:53 a.m.•10 views

PrimeDrive Desktop Application Installer may insecurely load Dynamic Link Libraries

Overview PrimeDrive Desktop Application is the client application for PrimeDrive online storage service provided by SoftBank Corp. The installer of PrimeDrive Desktop Application is vulnerable to load specific Dynamic Link Libraries in the same directory CWE-427 . Eiji James Yoshida of Security...

7.8CVSS6.9AI score0.00739EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/01/20 12:0 a.m.•10 views

JVN#92395431: Java (OGNL) code execution in Apache Struts 2 when devMode is enabled

Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating Java web applications. There is a known risk that arbitrary Java OGNL code may be executed in Apache Struts 2 when devMode is enabled in production environment. It is confirmed that proof-of-concept co...

7.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 5:33 a.m.•10 views

Multiple SONY network cameras vulnerable to sensitive information disclosure

Overview Multiple SONY network cameras contain a sensitive information disclosure vulnerability. SEC Consult reported this vulnerability to Sony, and Sony reported this vulnerability to JPCERT/CC to notify the solution to users through JVN. JPCERT/CC and Sony coordinated for the publication of th...

8.8CVSS6.3AI score0.03901EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/25 5:44 a.m.•10 views

Arbitrary program execution vulnerability in TrendLink ActiveX control

Overview TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Security Research and Service Institute - Information and...

8.5CVSS7.2AI score0.0129EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/22 8:39 a.m.•10 views

KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates

Overview KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates. Yamano Yasuaki of NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-mindd...

5.8CVSS6.6AI score0.00582EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/20 6:4 a.m.•10 views

Opera Mini / Opera Mobile for Android vulnerable in the WebView class

Overview Opera Mini and Opera Mobile for Android contain a vulnerability in the WebView class. Opera Mini and Opera Mobile are web browsers for mobile devices. Opera Mini and Opera Mobile for Android contain a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions,...

4.3CVSS6.5AI score0.00893EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/10/22 8:49 a.m.•10 views

MyNETS cross-site scripting vulnerability

Overview MyNETS, an open source SNS software, contains a cross-site scripting vulnerability. MyNETS from Usagi Project is an open source SNS Social Networking Service software. MyNETS contains a cross-site scripting vulnerability. Impact If a user views a specially crafted web page, an arbitrary...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•10 views

RWiki arbitrary Ruby script execution vulnerability

Overview RWiki, one of Wiki clones, contains a vulnerability allowing execution of arbitrary Ruby scripts on its edit mode page. Impact A remote attacker could execute an arbitrary Ruby script on the server where RWiki is installed, with the privilege running RWiki. Solution...

7.5CVSS7.1AI score0.01555EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/12/12 12:0 a.m.•10 views

JVN#23120863 Rainboard cross-site scripting vulnerability

The Rainboard bulletin board software provided by UDON is vulnerable to cross-site scripting. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the developer. Products Affected Rainboard 2.02 and earlier...

6.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2007/08/10 12:0 a.m.•10 views

JVN#66303599 WebCart cross-site scripting vulnerability

WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version provided by the vendor. For more...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2006/12/28 12:0 a.m.•10 views

JVN#45006961 Joomla! cross-site scripting vulnerability

Impact An arbitrary script may be executed on the user's web browser. If session information in a cookie is leaked, an attacker could possibly conduct session hijacking. Solution Products Affected Joomla! 1.0.11 and earlier...

7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2006/10/18 12:0 a.m.•10 views

JVN#90815371 Ichitaro buffer overflow vulnerability

Impact Arbitrary code could be executed on the Ichitaro user's PC, if the user opens a specially crafted Ichitaro file sent by a remote attacker. Solution Products Affected Ichitaro 2006 Ichitaro 2006 demo version Ichitaro Government 2006 For more information, refer to the vendor's web site...

7.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/09 5:7 a.m.•9 views

CamView installer insecurely loads Dynamic Link Libraries

Overview CamView installer provided by ARUCOM Inc. insecurely loads Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2015-9268 The CVSS evaluation above assume that a victim user is directed to download and place a specially crafted DLL file with the affected installer and t...

9.3CVSS7.7AI score0.01525EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/01 8:37 a.m.•9 views

Link following vulnerability in Canon My Image Garden for macOS and CUPS Printer Driver for macOS

Overview My Image Garden for MacOS and CUPS Printer Driver for macOS provided by Canon Inc. contain the following vulnerability. Improper link resolution before file access 'Link following' CWE-59 - CVE-2026-6891, CVE-2026-6892 Canon Inc. reported this vulnerability to JPCERT/CC to notify users o...

5.1CVSS5.4AI score0.00123EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/23 7:57 a.m.•9 views

Multiple vulnerabilities in LogonTracer

Overview LogonTracer provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC is a tool to investigate malicious Windows logons by visualizing and analyzing Windows event logs. LogonTracer contains multiple vulnerabilities listed below. OS command injection CWE-78 -...

8.8CVSS5.7AI score0.01213EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/22 6:45 a.m.•9 views

Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries

Overview LiveOn Meet provided by Japan Media Systems Corporation is a web conferencing system. The installer of LiveOn Meet Client for Windows and the installer of Canon Network Camera Plugin insecurely load Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-32679 This...

8.4CVSS7.5AI score0.0016EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/17 4:32 a.m.•9 views

Multiple vulnerabilities in CubeCart

Overview CubeCart provided by CubeCart Limited contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2026-21719 SQL injection CWE-89 - CVE-2026-34018 Path traversal CWE-22 - CVE-2026-35496 Gen Sato of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities...

9.8CVSS6.7AI score0.01203EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/15 8:21 a.m.•9 views

GROWI vulnerable to stored cross-site scripting

Overview GROWI provided by GROWI, Inc. contains the following vulnerability. Stored cross-site scripting CWE-79 - CVE-2026-26291 Norihide Saito reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

5.4CVSS6AI score0.00183EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/10 4:38 a.m.•9 views

EmoCheck loads Dynamic Link Libraries insecurely

Overview EmoCheck is a tool for detecting infections by "Emotet" malware, provided by Japan Computer Emergency Response Team Coordination Center JPCERT/CC. EmoCheck loads Dynamic Link Libraries insecurely. Uncontrolled search path element CWE-427 - CVE-2026-28704 ryo shimada of Powder Keg...

8.4CVSS7.1AI score0.0016EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/31 6:53 a.m.•9 views

Security information for Hitachi Disk Array Systems

Overview A vulnerability exists in the management gui maintenance utility of Hitachi Disk Array Systems that involves OS command injection. CVE-2025-9661 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' sectio...

9.8CVSS5.9AI score0.009EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/27 9:17 a.m.•9 views

Open Redirect Vulnerability in Hitachi Ops Center Administrator

Overview Open Redirect Vulnerability exists in Hitachi Ops Center Administrator. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.3CVSS5.9AI score0.00178EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/27 8:34 a.m.•9 views

WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting

Overview WordPress Plugin "OpenStreetMap" provided by MiKa contains the following vulnerability. Cross-site scripting CWE-79 - CVE-2026-33559 Naoya Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact O...

5.4CVSS5.9AI score0.00177EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/05 3:36 a.m.•9 views

EC-CUBE vulnerable to multi-factor authentication bypass

Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 - CVE-2026-30777 EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LT...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/02 2:46 a.m.•9 views

Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys)

Overview Fujitsu BIOS Driver fbiosdrv.sys provided by Fujitsu Limited contains the following vulnerability. Out-of-bounds Write CWE-787 - CVE-2025-65001 Fujitsu Limited reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Receiving a specially crafted reque...

8.2CVSS6.3AI score0.00145EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/17 11:46 a.m.•9 views

Multiple Vulnerabilities in Cosminexus

Overview Cosminexus Developer's Kit for JavaTM and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to...

7.5CVSS5.5AI score0.00864EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/17 11:46 a.m.•9 views

Multiple Vulnerabilities in JP1

Overview Multiple vulnerabilities have been found in JP1. CVE-2024-38473, CVE-2024-38477 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

8.1CVSS7.8AI score0.25878EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/13 7:51 a.m.•9 views

FileZen vulnerable to OS command injection

Overview FileZen provided by Soliton Systems K.K. contains the following vulnerability. OS command injection CWE-78 - CVE-2026-25108 This vulnerability can be exploited when FileZen Antivirus Check Option is enabled The developer states that attacks exploiting the vulnerability has been observed...

8.8CVSS5.7AI score0.04974EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/03 5:57 a.m.•9 views

Multiple vulnerabilities in ELECOM wireless LAN products

Overview Wireless LAN products provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site request forgery CWE-352 - CVE-2026-20704 OS command injection CWE-78 - CVE-2026-22550 Use of weak credentials CWE-1391 - CVE-2026-24449 Stack-based buffer overflow CWE-121 -...

9.8CVSS6.3AI score0.01664EPSS
Exploits0References10
Total number of security vulnerabilities5000