Lucene search
K
JvnMost viewed

5627 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/01/15 4:57 a.m.•7 views

H2O vulnerable to HTTP header injection

Overview H2O is an open source web server software. H2O contains an HTTP header injection vulnerability. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated under the Information Security Early Warning Partnership. Impact...

4.3CVSS7.1AI score0.01459EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/06 3:30 a.m.•7 views

SonicWall TotalSecure TZ 100 Series vulnerable to denial-of-service (DoS)

Overview SonicWall TotalSecure TZ 100 Series is a firewall product provided by Dell Inc. SonicWall TotalSecure TZ 100 Series contains a denial-of-service DoS vulnerability. FFRI,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5CVSS6.5AI score0.02897EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/07 5:48 a.m.•7 views

Cybozu Garoon vulnerable to LDAP injection

Overview Cybozu Garoon is a groupware. Cybozu Garoon contains an issue in processing authentication requests, which may result in an LDAP injection vulnerability. Impact A malicious user authorized to administer uesrs in certain groups may obtain information from the authentication server or may...

7CVSS7.2AI score0.01241EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/01 5:11 a.m.•7 views

Canary Labs Trend Web Server vulnerable to buffer overflow

Overview Trend Web Server provided by Canary Labs is a solution used for data visualization. Trend Web Server contains a buffer overflow CWE-119 vulnerability. Kuang-Chun Hung reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warni...

7.5CVSS8AI score0.02891EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/30 6:4 a.m.•7 views

MATCHA INVOICE vulnerable to code injection

Overview MATCHA INVOICE provided by ICZ Corporation is a web-based billing management software. MATCHA INVOICE contains a code injection CWE-94 vulnerability due to a flaw when configuring the database during installation. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with...

6.8CVSS7.7AI score0.01321EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/09/16 7:58 a.m.•7 views

MEGAPHONE MUSIC vulnerable to URL whitelist bypass

Overview MEGAPHONE MUSIC provided by Newphoria Corporation Inc. is an application for both iOS or Android built using "applican". MEGAPHONE MUSIC contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Kenta Suefusa and Tomonori Shiomi of Sprou...

6.8CVSS6.6AI score0.01503EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/08/27 6:3 a.m.•7 views

File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted

Overview File encyption software "ED" contains an issue when files of small size are encyrpted, they may become easier to decipher in comparison to when files of a larger size are encrypted. When encrypting small files that are smaller than the block size 128 bits, file encryption software "ED"...

2.6CVSS6.5AI score0.00695EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/29 5:58 a.m.•7 views

yoyaku_v41 vulnerable to OS command injection

Overview yoyakuv41 provided by Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains an OS command injection vulnerability CWE-78. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

7.5CVSS7.6AI score0.01383EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/10/10 5:3 a.m.•7 views

Huawei E5332 vulnerable to denial-of-service (DoS)

Overview Huawei E5332 contains a denial-of-service DoS vulnerability. Huawei E5332 provided by Huawei Technologies is a mobile router. Huawei E5332 contain an issue when processing a URL that is extremely long, which may lead to the device to terminate abnormally. Shuto Imai of Chukyo Univ...

6.8CVSS6.4AI score0.0122EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/06 6:22 a.m.•7 views

GOM Player vulnerable to denial-of-service (DoS)

Overview GOM Player provided by Gretech contains a denial-of-service DoS vulnerability due to an issue in processing an image file. Security Engineering Laboratory, IT Security CenterISEC, IPA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.5AI score0.01523EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/18 4:50 a.m.•7 views

FuelPHP vulnerable to remote code execution

Overview FuelPHP is a PHP web framework for creating web applications. FuelPHP applications contain an issue in the RequestCurl class, which may result in arbitrary code execution. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.5CVSS7.9AI score0.02718EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/24 3:36 a.m.•7 views

OpenPNE vulnerable to PHP Object Injection

Overview OpenPNE contains an issue in processing Cookie headers, which may result in a PHP Object Injection vulnerability. Egidio Romano of Secunia reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote,...

7.5CVSS7.3AI score0.01527EPSS
Exploits2References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/24 6:2 a.m.•7 views

VMware ESX and ESXi may allow access to arbitrary files

Overview VMware ESX and ESXi contain a vulnerability in the handling of Virtual Machine file descriptors, which may allow access to arbitrary ESX and ESXi files. Shanon Olsson reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warni...

4.4CVSS7AI score0.00353EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/22 5:51 a.m.•7 views

D-Link DES-3800 Series vulnerable to denial-of-service (DoS)

Overview DES-3800 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in the Web manager function. Note that this vulnerability is different from JVN65312543. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA...

7.8CVSS6.7AI score0.01772EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/03 1:34 a.m.•7 views

Cybozu Live for Android vulnerable to arbitrary Java method execution

Overview Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc...

6.8CVSS7.1AI score0.02009EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 5:57 a.m.•7 views

Yome Collection for Android issue in management of IMEI

Overview Yome Collection for Android contains an issue which stores the International Mobile Equipment Identity IMEI on a SD card. Applications without the READPHONESTATE permission may obtain the IMEI from the SD card. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University...

5CVSS6.5AI score0.01369EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 3:35 a.m.•7 views

WEB PATIO vulnerable to cross-site scripting

Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling cookies, which may result in cross-site scripting. Taketo Ikeuchi of Hitachi Solutions, Ltd. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/17 4:55 a.m.•7 views

Drupal Form API fails to validate the redirect URL

Overview Drupal's Form API fails to validate the redirect URL, which may lead to unintended information disclosure. Drupal is a content management system CMS. Drupal's Form API fails to validate the redirect URL, which may lead to unintended information disclosure. Katsuhiko Nakanishi from NEC...

5.8CVSS6.7AI score0.01378EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/05 7:40 a.m.•7 views

TOSHIBA TEC e-Studio series vulnerable to authentication bypass

Overview Multiple e-Studio series products provided by TOSHIBA TEC CORPORATION contain an authentication bypass vulnerability. e-Studio is a multi-function peripheral MFP. Multiple e-Studio series products contain a vulnerability in web-based management utility, which may result in an...

10CVSS6.9AI score0.04725EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/13 6:58 a.m.•7 views

ALFTP may insecurely load executable files

Overview ALFTP may use unsafe methods for determining how to load executables. ALFTP provided by ESTsoft Corp. is a FTP client software with the built in FTP server. ALFTP contains an issue when loading files. For example, if an user tries to open README a file without extention which exists in t...

9.3CVSS7.5AI score0.02207EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/01/11 6:2 a.m.•7 views

Wibu-Systems CodeMeter Runtime vulnerable to denial-of-service

Overview CodeMeter Runtime provided by Wibu-Systems AG contains a denial-of-service vulnerability. CodeMeter Runtime provided by Wibu-Systems AG contains an issue when processing TCP packets, which may lead to a denial-of-service DoS. Kuang-Chun Hung of Security Research and Service Institute -...

5CVSS6.7AI score0.05107EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/31 9:3 a.m.•7 views

Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery

Overview Multiple products provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability. MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged...

6.8CVSS6.6AI score0.00586EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/30 9:39 a.m.•7 views

BaserCMS vulnerable to cross-site scripting

Overview BaserCMS contains a cross-site scripting vulnerability. BaserCMS is an open-source Contents Management System CMS. BaserCMS contains a cross-site scripting vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.1AI score0.01542EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/24 10:21 a.m.•7 views

Multiple Cybozu products vulnerable to cross-site scripting

Overview Multiple products provided by Cybozu, Inc. contain a cross-site scripting vulnerability. Multiple groupware provided by Cybozu, Inc. contain a cross-site scripting vulnerability due to an issue when downloading graphic files from the mail system. Sen UENO of Tricorder Co. Ltd. reported...

4.3CVSS6AI score0.01223EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/10 11:32 p.m.•7 views

Multiple Yamaha routers vulnerable to denial-of-service (DoS)

Overview Multiple routers provided by Yamaha contain a denial-of-service vulnerability. Multiple routers provided by Yamaha contain a denial-of-service DoS vulnerability due to an issue in processing IP packets. Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IP...

7.8CVSS6.8AI score0.01633EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/03/02 8:27 a.m.•7 views

Multiple Things CGI products vulnerable to cross-site scripting

Overview Multiple CGI products provided by Things contain a cross-site scripting vulnerability. BBS and BBS Thread provided by Things are bulletin board software. BBS and BBS Thread contain a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6.1AI score0.01263EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/09/21 5:10 a.m.•7 views

JP1/NETM/Remote Control Agent Authentication Bypass Vulnerability

Overview A vulnerability in the file transfer feature in the JP1/NETM/Remote Control Agent may allow authentication bypass. Impact A remote attacker could manipulate arbitrary files on the system installed with the Remote Control Agent. Solution ease refer to the 'Vendor Information' section for...

6.4CVSS7.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/10/30 3:19 a.m.•7 views

BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability

Overview BrightStor ARCserve Backup and eTrust Antirus r7.1 have a problem in handling RPC requests and are vulnerable to arbitrary code execution. Impact A remote authenticated attacker could execute arbitrary code. Solution Please refer to the 'Vendor Information' section for the official...

9CVSS8AI score0.52274EPSS
Exploits8References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

DeleGate DNS Message Decompression Denial of Service Vulnerability

Overview DNS implementation in DeleGate does not handle a compressed DNS packet properly, which could cause an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. For more information on those systems, please refer to NISCC-589088 JVN a...

5CVSS6.7AI score0.02668EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

Cosminexus Agent Process Crash Vulnerability

Overview Cosminexus Agent process may crash when Cosminexus Agent receives specially crafted data from a process other than Cosminexus Manager. The crash doesn't affect the running applications launched by Cosminexux Agent. Impact An attacker could crash Cosminexus Agent process. Solution Please...

5CVSS6.7AI score0.01226EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

SonicStage CP buffer overflow vulnerability

Overview SonicStage CP is vulnerable to buffer overflow. Sony SonicStage CP is software for music management. SonicStage CP contains a vulnerability that can be exploited to cause a buffer overflow when importing a specially crafted playlist file with the .m3u extension. Impact Importing a...

9.3CVSS8.2AI score0.10919EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

DeleGate Multiple Buffer Overflow Vulnerabilities

Overview DeleGate suffers buffer overflow when scanf, strncpy and other string handling process are set to fail with a long string sent by proxy. Impact An attacker could execute arbitrary code with the privileges of the user running DeleGate. Solution Please refer to the 'Vendor Information'...

7.5CVSS7.9AI score0.02387EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

Adobe JRun cross-site scripting vulnerability

Overview Adobe JRun is an application server based on J2EE Java 2 Platform Enterprise Edition. Adobe JRun contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the browser of the administrator logged into Adobe JRun. In addition, if session information from ...

4.3CVSS6.2AI score0.02786EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

NetCommons cross-site scripting vulnerability

Overview NetCommons is an open source content management system, combining e-learning and groupware functionality. NetCommons is developed and distributed by the NetCommons Project. NetCommons contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's...

6.8CVSS6.2AI score0.01251EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

ColdFusion cross-site scripting vulnerability

Overview ColdFusion, web application development software from Adobe, contains a cross-site scripting vulnerability. According to the statements from the developer, this vulnerability does not arise when the "Enable Global Script Protection" setting is turned on. This vulnerability is different...

4.3CVSS6AI score0.02637EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

Hiki cross-site scripting vulnerability

Overview Hiki, a Wiki clone from the Hiki development team, contains a cross-site scripting vulnerability. Impact A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into t...

4.3CVSS6.2AI score0.01235EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•7 views

IP Messenger for Win Filename Buffer Overflow Vulnerability

Overview IP Messenger for Win suffers buffer overflow when the user saves an attached file with a long name sent with the message. Impact An attacker could execute arbitrary code with the privileges of the user running IP Messenger. Solution Please refer to the 'Vendor Information' section for...

10CVSS8AI score0.05332EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/30 9:7 a.m.•6 views

Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview Web Image Monitor provided by Ricoh Company, Ltd. is a web server that is included in and runs on laser printers and MFPs multifunction printers. Web Image Monitor contains the vulnerability listed below. Reflected cross-site scripting CWE-79 - CVE-2026-56809 Tomasz Holeksa of Pentest...

6.1CVSS6.4AI score0.00187EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/30 9:7 a.m.•6 views

DGM3103SCT vulnerable to OS command injection

Overview DGM3103SCT provided by AVTECH Security Corporation contains the following vulnerability. OS command injection CWE-78 - CVE-2026-56808 Tomoya KITAGAWA, Satoki TSUJI, Seiya NAKATA, and Yudai FUJIWARA of Ricerca Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with t...

8.6CVSS7AI score0.0155EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/26 5:25 a.m.•6 views

ExpressUpdate Agent for Windows improper access restriction on its named pipe

Overview ExpressUpdate Agent for Windows provided by NEC Corporation is the software module for NEC server products, to support remote management of installed software. ExpressUpdate Agent for Windows configures its named pipe with an improper access restriction. Exposed IOCTL with Insufficient...

8.5CVSS6.2AI score0.00122EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/17 5:8 a.m.•6 views

Multiple vulnerabilities in Canon EOS Network Setting Tool

Overview FTP/FTPS/SFTP Communication Testing features of PC Software EOS Network Setting Tool provided by Canon Inc. contain multiple vulnerabilities listed below. Improper validation of SSH host key CWE-295 - CVE-2026-9258 Improper validation of server certificate CWE-295 - CVE-2026-9259 Use of...

9.8CVSS5.8AI score0.00267EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/14 9:13 a.m.•6 views

Stack-based buffer overflow vulnerability in Dynabook Bluetooth ACPI Drivers

Overview Bluetooth ACPI Drivers provided by Dynabook Inc. contain the following vulnerability. Stack-based buffer overflow CWE-121 - CVE-2026-35553 Andrea Monzani, Antonio Parata, and Davide Netti of University of Milan reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the...

8.4CVSS6.4AI score0.00147EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/26 8:41 a.m.•6 views

Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows

Overview The installer of RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains multiple vulnerabilities listed below. Uncontrolled search path element CWE-427 - CVE-2026-28760 Incorrect default permissions CWE-276 - CVE-2026-32680 Kazuma Matsumoto of GMO Cybersecurit...

8.5CVSS7.3AI score0.00175EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/25 9:13 a.m.•6 views

Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries

Overview OM Workspace provided by OM Digital Solutions Corporation is image editing software. Installer of OM Workspace Windows Edition contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element...

8.4CVSS7AI score0.00144EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/17 7:42 a.m.•6 views

Vulnerability in Hitachi Command Suite

Overview VulnerabilityCVE-2025-48976 has been found in Hitachi Command Suite. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

7.5CVSS6.8AI score0.64718EPSS
Exploits1References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/17 5:57 a.m.•6 views

Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries

Overview The installer for IBM Trusteer Rapport provided by IBM contains the following vulnerability. Uncontrolled search path element CWE-427 - CVE-2026-2713 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.8CVSS5.9AI score0.00147EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/16 8:18 a.m.•6 views

Missing authorization in the OpenAI thread/message API endpoints of GROWI

Overview GROWI provided by GROWI, Inc. contains the following vulnerability. Missing authorization in the OpenAI thread/message API endpoints CWE-862 - CVE-2026-25083 This can be exploited only when an attacker knows a shared AI assistant's identifier Sho Odagiri of GMO Cybersecurity by Ierae, In...

8.7CVSS7.2AI score0.0033EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/04 3:20 a.m.•6 views

Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC)

Overview UPS Multi-UPS Management Console MUMC provided by Dell Inc. contains multiple vulnerabilities listed below. Unquoted search path or element CWE-428 - CVE-2026-26033 Incorrect default permissions CWE-276 - CVE-2026-26034 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported these...

8.5CVSS7.1AI score0.0018EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/27 6:41 a.m.•6 views

IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization

Overview IM-LogicDesigner module of intra-mart Accel Platform provided by NTT DATA INTRAMART Corporation contains the following vulnerability. Untrusted data deserialization CWE-502 - CVE-2026-27776 This can be exploited only when IM-LogicDesigner is deployed Masataka Sagami reported this...

8.8CVSS7.1AI score0.00367EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/27 6:41 a.m.•6 views

Improper file access permission settings in the installers for multiple Soliton Systems products

Overview The installers for multiple products provided by Soliton Systems K.K. contain the following vulnerability. Incorrect default permissions CWE-276 - CVE-2026-27653 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

6.7CVSS6AI score0.00088EPSS
Exploits0References5
Total number of security vulnerabilities5000