Lucene search
K
JvnMost viewed

5627 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2020/02/14 6:34 a.m.•6 views

Security information for Hitachi Disk Array Systems

Overview A cross site scripting vulnerability exists in the SVPStorage Navigator of the Hitachi disk array system. Impact Regerding the impact df the vulnerablilty, please refer to the ventor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and...

6.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2020/01/28 6:59 a.m.•6 views

Android App "MyPallete" vulnerable to improper server certificate verification

Overview Android App "MyPallete" developed by NTT Data Corporation is used by several financial institutions as Android applications for their customers. "MyPallete" is vulnerable to improper server certificate verification CWE-295 and to improper host-matching validation CWE-297. Dai Nakamura of...

7.4CVSS6.6AI score0.01175EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2020/01/10 5:48 a.m.•6 views

Junos OS vulnerable to directory traversal

Overview Junos OS contains a directory traversal vulnerability CWE-22. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Files on the server may be...

8.1CVSS6.6AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/09/19 8:59 a.m.•6 views

Multiple integer overflow vulnerabilities in LINE(Android)

Overview LINEAndroid provided by LINE Corporation contains multiple integer overflow vulnerabilities CWE-190 listed below. Integer overflow vulnerability in processing images using apng-drawable - CVE-2019-6007 Integer overflow vulnerability in processing images - CVE-2019-6010 LINE Corporation...

8.8CVSS7.5AI score0.02028EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/09/02 4:57 a.m.•6 views

Panasonic Video Insight VMS vulnerable to SQL injection

Overview Video Insight VMS provided by Panasonic Corporation is a video management suite for video security system. Vide Insight VMS contains a SQL injection vulnerability CWE-89. Panasonic Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC...

8.8CVSS7.7AI score0.01522EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/02/18 6:16 a.m.•6 views

Installer of Adobe Creative Cloud Desktop Application may insecurely load Dynamic Link Libraries

Overview Installer of Creative Cloud Desktop Application provided by Adobe contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon Marketing Japan Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wit...

7.8CVSS7AI score0.03279EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/25 7:19 a.m.•6 views

WordPress plugin "Google XML Sitemaps" vulnerable to cross-site scripting

Overview The WordPress plugin "Google XML Sitemaps" provided by Arne Brachhold contains a stored cross-site scripting vulnerability CWE-79. takagisan reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact In the ca...

4.8CVSS5.8AI score0.00678EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/21 5:10 a.m.•6 views

PgpoolAdmin fails to restrict access permissions

Overview PgpoolAdmin provided by PgPool Global Development Group fails to restrict access permissions CWE-264. Fotios Rogkotis of DarkMatter reported this vulnerability to PgPool Global Development Group, and PgPool Global Development Group reported this vulnerability to IPA to notify users of it...

9.8CVSS7AI score0.0172EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/19 6:20 a.m.•6 views

Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2018-16197 Hidden functionality CWE-912 - CVE-2018-16198 Cross-site scripting CWE-79 - CVE-2018-16199 OS command injection CWE-78 -...

8.8CVSS7.2AI score0.00788EPSS
Exploits0References17
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/19 6:44 a.m.•6 views

Mizuho Bank Mizuho Direct App for Android fails to verify SSL server certificates

Overview Mizuho Bank Mizuho Direct App for Android fails to verify SSL server certificates. Mizuho Bank Mizuho Direct App for Android provided by Mizuho Bank, Ltd. fails to verify SSL server certificates CWE-295. Reo Yoshida reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the...

5.9CVSS6.6AI score0.00547EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/09 7:13 a.m.•6 views

Multiple vulnerabilities in WordPress plugin "LearnPress"

Overview WordPress LMS plugin "LearnPress" contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16173 Open Redirect CWE-601 - CVE-2018-16174 SQL Injection CWE-89 - CVE-2018-16175 Daiki Sueyoshi of Cryptography Laboratory, Department of Information and Communicati...

7.2CVSS7.8AI score0.01306EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/10/24 7:7 a.m.•6 views

SecureCore Standard Edition vulnerable to authentication bypass

Overview SecureCore Standard Edition provided by Feitian Japan Co., Ltd. contains an authentication bypass vulnerability CWE-287. Daisuke Ota of BizReach, inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

7.8CVSS6.7AI score0.00334EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/10/15 6:26 a.m.•6 views

Multiple vulnerabilities in FileZen

Overview FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface. FileZen contains multiple vulnerabilities listed below. Directory traversal CWE-22 - CVE-2018-0693 OS command injection CWE-78 - CVE-2018-0694 Soliton Systems K.K...

10CVSS8AI score0.02374EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/09/27 7:52 a.m.•6 views

+Message App fails to verify SSL server certificates

Overview +Message App fails to verify SSL server certificates. ma.la of LINE Corporation reported this vulnerability to the developer, and also to IPA in order to notify users of its solution through JVN. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...

5.9CVSS6.5AI score0.00667EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/20 6:41 a.m.•6 views

DLL planting vulnerability in multiple Yayoi 17 Series products

Overview Multiple Yayoi 17 Series products provided by Yayoi Co., Ltd. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eiji James Yoshida of Security Professionals Network Inc. reported this vulnerability to IPA. JPCERT/CC coordinate...

7.8CVSS7AI score0.0119EPSS
Exploits4References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/13 5:47 a.m.•6 views

Explzh vulnerable to directory traversal

Overview Explzh is a file compression/extraction software supporting multiple file formats. Explzh contains a directory traversal vulnerability CWE-22. Explzh is not vulnerable to relative path traversal but to absolute path traversal. Therefore, an attacker may create new files or overwrite...

7.8CVSS6.8AI score0.01951EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/06/12 5:44 a.m.•6 views

LINE for Windows may insecurely load Dynamic Link Libraries

Overview LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. If a user launches LINE for Windows by clicking the specially crafted link prepared by a remote attacker, it may result in insecurely loading Dynamic Link Libraries CWE-427. LINE...

7.8CVSS6.9AI score0.00796EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/04/05 1:22 a.m.•6 views

DoS Vulnerability in JP1/ServerConductor/Deployment Manager and Hitachi Compute Systems Manager

Overview A DoS Vulnerability was found in JP1/ServerConductor/Deployment Manager and Hitachi Compute Systems Manager Deployment Manager Plug-in. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the...

7.8CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/13 7:43 a.m.•6 views

QQQ SYSTEMS vulnerable to cross-site scripting

Overview QQQ SYSTEMS provided by Gundam Cult QQQ is a CGI script to create quiz pages. quiz.cgi of QQQ SYSTEMS contains a cross-site scripting vulnerability CWE-79. When a user accesses a malicious page and is redirected to a page created with the product, an arbitrary script may be executed on t...

6.1CVSS5.9AI score0.00746EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/22 5:17 a.m.•6 views

The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely load Dynamic Link Libraries

Overview The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Librarie...

9.3CVSS6.8AI score0.00912EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/19 5:19 a.m.•6 views

GroupSession vulnerable to open redirect

Overview GroupSession provided by Japan Total System Co.,Ltd. is an open source groupware. GroupSession contains an open redirect vulnerability CWE-601. Norihiko Hirukawa of FiveDrive Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

6.1CVSS6.7AI score0.00769EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/22 6:50 a.m.•6 views

The installer of Music Center for PC may insecurely load Dynamic Link Libraries

Overview Music Center for PC provided by Sony Video & Sound Products Inc. is a file management tool. The installer of Music Center for PC contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that this vulnerability is different from...

9.3CVSS6.9AI score0.01944EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/01 7:17 a.m.•6 views

Multiple vulnerabilities in multiple Buffalo broadband routers

Overview BBR-4HG and BBR-4MG provided by BUFFALO INC. are wireless LAN routers. BBR-4HG and BBR-4MG contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2017-10896 Improper Input Validation CWE-20 - CVE-2017-10897 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions,...

6.1CVSS6.5AI score0.00713EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/29 5:54 a.m.•6 views

StreamRelay.net.exe and sDNSProxy.exe vulnerable to denial-of-service (DoS)

Overview StreamRelay.net.exe and sDNSProxy.exe fail to properly process ICMP Port Unreachable message CWE-703. Tomoki Sanaki reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Tomoki Sanaki coordinated under the Information Security Early Warning...

7.5CVSS6.7AI score0.015EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/28 2:26 a.m.•6 views

QND Advance/Standard vulnerable to directory traversal

Overview QND Advance/Standard provided by QualitySoft Corporation contains a directory traversal vulnerability. QND Advance/Standard provided by QualitySoft Corporation contains a directory traversal vulnerability CWE-22 in an administrative server due to the issue in processing input from an age...

9.4CVSS7AI score0.02323EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/22 4:51 a.m.•6 views

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Toshifumi Sakaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with...

7.5CVSS6.6AI score0.01323EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/10/11 7:43 a.m.•6 views

Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Overview Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Eili Masami of Tachibana Lab. reported this...

9.3CVSS7AI score0.01008EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/09/08 5:14 a.m.•6 views

Multiple vulnerabilities in CG-WLR300NM

Overview CG-WLR300NM provided by Corega Inc. is a wireless LAN router. CG-WLR300NM contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

7.7CVSS7.8AI score0.00823EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/18 4:41 a.m.•6 views

Installer and self-extracting archive containing the installer of TDB CA TypeA use software may insecurely load Dynamic Link Libraries

Overview TDB CA TypeA use software provided by Teikoku Databank, Ltd. is a software which provides environment for using system and management function of TDB electronic authentication service TypeA. The installer and the self-extracting archive containing the installer of TDB CA TypeA use softwa...

9.3CVSS7.1AI score0.00912EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/08 9:6 a.m.•6 views

WCR-1166DS vulnerable to OS command injection

Overview WCR-1166DS provided by BUFFALO INC.is a wireless LAN router. WCR-1166DS contains an OS command injection vulnerability CWE-78. Masashi Shiraishi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

7.7CVSS7.5AI score0.00732EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/20 5:12 a.m.•6 views

Multiple Buffalo wireless LAN access point devices do not properly perform authentication

Overview WAPM-1166D and WAPM-APG600H provided by BUFFALO INC. are wireless LAN access point devices. WAPM-1166D and WAPM-APG600H do not properly perform authentication CWE-287. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

10CVSS6.8AI score0.0402EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/19 6:7 a.m.•6 views

SONY Portable Wireless Server WG-C10 fails to restrict access permissions

Overview Portable Wireless Server WG-C10 provided by Sony Corporation fails to restrict access permissions CWE-284. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9.1CVSS6.3AI score0.01075EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/14 4:38 a.m.•6 views

Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries

Overview AttacheCase is an open source file encryption software provided by HiBARA Software. It can also create self-extracting encrypted files. Self-extracting encrypted files created by AttacheCase contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...

9.3CVSS6.8AI score0.0108EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/12 5:42 a.m.•6 views

Installer of Yahoo! Toolbar (for Internet explorer) may insecurely load Dynamic Link Libraries

Overview Installer of Yahoo! Toolbar for Internet explorer contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

9.3CVSS7.1AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/07 5:18 a.m.•6 views

Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries

Overview Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Self-extracting archive files created by Lhaz or Lhaz+ insecurely load Dynamic Link Libraries CWE-427 ...

9.3CVSS7.1AI score0.01059EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/21 4:45 a.m.•6 views

HOME SPOT CUBE2 vulnerable to OS command injection in WebUI

Overview HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains OS command injection in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

8.8CVSS7.5AI score0.00909EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/09 6:59 a.m.•6 views

Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries

Overview "Setup file of advance preparation" provided by National Tax Agency is software to setup the environment which is required to use "filing assistance on the NTA website". "Setup file of advance preparation"contains an issue with the DLL search path, which may lead to insecurely loading...

7.8CVSS6.9AI score0.01128EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/08 6:31 a.m.•6 views

The installer of TKY2JGD provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries

Overview The installer of TKY2JGD TKY2JGD1379.EXE provided by Geospatial Information Authority of Japan GSI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS7.2AI score0.01059EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/01 7:47 a.m.•6 views

RW-5100 tool to verify execution environment may insecurely load Dynamic Link Libraries

Overview RW-5100 tool to verify execution environment for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of...

9.3CVSS7AI score0.01644EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/01 7:44 a.m.•6 views

RW-5100 driver installer may insecurely load Dynamic Link Libraries

Overview RW-5100 driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of PinkFlyingWhale reporte...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/25 5:14 a.m.•6 views

Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries

Overview Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

8.8CVSS7.2AI score0.01749EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/20 5:48 a.m.•6 views

Hoozin Viewer vulnerable to buffer overflow

Overview Hoozin Viewer provided by ICON CORPORATION contains a buffer overflow vulnerability CWE-121. Touma Hatano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user views a malicious page, arbitrary...

8.8CVSS7.5AI score0.02547EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/14 5:9 a.m.•6 views

Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries

Overview Multiple installers of Toshiba memory card related software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the...

9.3CVSS7AI score0.0299EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/14 4:55 a.m.•6 views

WN-AC1167GR vulnerable to cross-site scripting

Overview WN-AC1167GR provided by I-O DATA DEVICE, INC. is a wireless LAN router. WN-AC1167GR contains a stored cross-site scripting vulnerability CWE-79. Satoshi Ogawa of Mitsui Bussan Secure Directions,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5.4CVSS5.9AI score0.00891EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/10 4:47 a.m.•6 views

CS-Cart Japanese Edition fails to restrict access permissions

Overview CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition fails to restrict access permissions CWE-425. Note that this vulnerability is different from JVN14396697. Hirota Kazuki of Mitsui Bussan Secure Directions,Inc. reported this vulnerability to IPA. JPCERT/C...

5.3CVSS6.8AI score0.01174EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/03/13 4:42 a.m.•6 views

Cybozu KUNAI for Android information management vulnerability

Overview Cybozu KUNAI for Android is a mobile client software for using Cybozu from an Android device. Cybozu KUNAI for Android provides a function to output log information when synchronizing data with Cybozu, however the function is disabled by default. Cybozu KUNAI for Android contains an issu...

2.6CVSS6.5AI score0.01052EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/02/20 6:38 a.m.•6 views

Cybozu Garoon fails to restrict access permission in the Phone Messages function

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in the Phone Messages function Yuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC...

4.3CVSS6.5AI score0.01206EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/22 5:26 a.m.•6 views

SKYSEA Client View vulnerable to arbitrary code execution

Overview SKYSEA Client View provided by Sky Co., LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View agent program contains an issue in processing authentication on the TCP communication with the management console program, which allows an attacker to execute an arbitrary code on t...

10CVSS7.8AI score0.1938EPSS
Exploits1References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 5:32 a.m.•6 views

Cybozu Garoon fails to restrict access permission in MultiReport filters

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in MultiReport filters. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information...

4.3CVSS6.5AI score0.01056EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/07 5:44 a.m.•6 views

Sleipnir for Mac vulnerable to URL spoofing

Overview Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.1CVSS6.5AI score0.00831EPSS
Exploits0References6
Total number of security vulnerabilities5000