Lucene search
K
JvnMost viewed

5627 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.6 views

Ichitaro series buffer overflow vulnerability

Overview The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN29211062 and JVN32981509. The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user ope...

9.3CVSS7.9AI score0.05741EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.6 views

Ichitaro series buffer overflow vulnerability

Overview The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN32981509 and JVN50495547. The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user ope...

9.3CVSS7.9AI score0.05741EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.6 views

WirelessIP5000 has multiple vulnerabilities

Overview WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities; - Illegal access using the port TCP3390 - SNMP access using an arbitrary community name - Access to the HTTP server by an unauthorized user in the factory default configuration - The HTTP server...

7.5CVSS6.9AI score0.01532EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/07/01 5:55 a.m.5 views

Seiko Solutions SkyBridge MB-A100/MB-A110 vulnerable to OS command injection

Overview SkyBridge MB-A100/MB-A110 provided by Seiko Solutions Inc. contains the following vulnerability. OS command injection CWE-78 - CVE-2026-50043 Takeshi Kuramori and Kaori Takashima of National Institute of Information and Communications Technology, Cybersecurity Research Institute reported...

8.6CVSS7.1AI score0.01129EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/30 9:7 a.m.5 views

RPG MAKER MV and MZ vulnerable to OS command injection

Overview RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. are game development tools, which provide "save data" facility to create a file to preserve game status and related parameters. A user can save the current game status to a save-file, and later load the file to resume playing the...

8.4CVSS7.1AI score0.00677EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/15 6:30 a.m.5 views

Privilege escalation vulnerability in multiple RICOH and KONICA MINOLTA JAPAN printer drivers

Overview Multiple printer drivers provided by RICOH and KONICA MINOLTA JAPAN contain the following vulnerability: Privilege escalation CWE-427 - CVE-2026-50100 Ricoh Company, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Ricoh Company, Ltd...

8.5CVSS7.2AI score0.00131EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/08 3:11 a.m.5 views

Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM

Overview Multiple vulnerabilities have been found in JP1/IT Desktop Management 2 and JP1/NETM/DM. CVE-2025-65115:Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM CVE-2025-65116:Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM Impact...

9.8CVSS5.8AI score0.00613EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/02 5:58 a.m.5 views

Multiple vulnerabilities in FUJI Electric V-SFT (April 2026)

Overview V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below. Stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom CWE-121 - CVE-2026-32925 Out-of-bounds read in VS6ComFile!loadlinkinf CWE-125 - CVE-2026-32926 Out-of-bounds read in...

8.4CVSS6.8AI score0.00209EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/26 8:41 a.m.5 views

Digital Photo Frame GH-WDF10A vulnerable to improper access restriction

Overview Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains the following vulnerability. Active debug code CWE-489 - CVE-2026-33201 Koki Takase reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

7CVSS6.8AI score0.00174EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/25 6:14 a.m.5 views

Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal

Overview Lanscope Endpoint Manager On-Premises provided by MOTEX Inc. contains the following vulnerability. Path traversal CWE-22 - CVE-2026-25785 The following people reported this vulnerability to MOTEX Inc. and coordinated with the vendor. After the coordination was completed, MOTEX Inc...

9.8CVSS6.5AI score0.00566EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/03 5:57 a.m.5 views

Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries

Overview The installer for Roland Cloud Manager provided by Roland Corporation contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-24694 Kazuma Matsumoto of GMO Cybersecurit...

8.4CVSS5.5AI score0.00144EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/03 5:57 a.m.5 views

Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows

Overview Mitsubishi small-capacity UPS shutdown software FREQSHIP-mini for Windows provided by Mitsubishi Electric Corporation contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2025-10314 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this...

8.8CVSS6.3AI score0.00148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/02 6:18 a.m.5 views

OS command injection in raspap-webgui

Overview RaspAP raspap-webgui contains the following vulnerability. OS command injection CWE-78 - CVE-2026-24788 Taihei Kusayanagi of NTT Security Japan KK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

8.8CVSS5.8AI score0.0133EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/02 6:18 a.m.5 views

Sonatype Nexus Repository vulnerable to server-side request forgery

Overview Nexus Repository provided by Sonatype contains the following vulnerability. Server-side request forgery CWE-918 - CVE-2026-0600 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...

7.6CVSS5.6AI score0.00284EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/27 9:22 a.m.5 views

beat-access for Windows may insecurely load Dynamic Link Libraries

Overview beat-access for Windows provided by FUJIFILM Business Innovation Corp. contains the following vulnerability which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-21408 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported...

7.3CVSS5.9AI score0.00144EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/20 11:0 a.m.5 views

ETERNUS SF vulnerable to insertion of sensitive information into maintenance data

Overview ETERNUS SF provided by Fsas Technologies Inc. contains the following vulnerability. Insertion of sensitive information into maintenance data CWE-532 - CVE-2025-68919 Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact...

5.6CVSS5.6AI score0.00099EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/01/07 1:46 a.m.5 views

Authentication bypass vulnerability in OpenBlocks series

Overview OpenBlocks series provided by Plat'Home Co.,Ltd. contains the following vulnerability. Authentication bypass CWE-288 - CVE-2026-21411 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An attacker could bypass...

8.8CVSS8.8AI score0.00279EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/24 2:10 a.m.5 views

Media Player MP-01 vulnerable to Missing Authentication for Critical Function

Overview NEC branded Media Player MP-01 manufactured by Sharp Display Solutions, Ltd. contains the following vulnerability. Missing Authentication for Critical Function CWE-306 - CVE-2025-12049 Souvik Kandar of MicroSec microsec.io discovered and reported the vulnerability to the developer and...

9.8CVSS6.7AI score0.00286EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/08 5:6 a.m.5 views

GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths

Overview FULLBACK Manager Pro provided by GS Yuasa International Ltd. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-66461 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

8.4CVSS7AI score0.00135EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/25 8:17 a.m.5 views

Multiple vulnerabilities in Security Point (Windows) of MaLion

Overview Security Point Windows of MaLion provided by Intercom, Inc. contains multiple vulnerabilities listed below. Incorrect default permissions CWE-276 - CVE-2025-59485 Stack-based buffer overflow in processing HTTP headers CWE-121 - CVE-2025-62691 Heap-based buffer overflow in processing...

9.8CVSS8.6AI score0.00593EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/25 5:59 a.m.5 views

Multiple vulnerabilities in SNC-CX600W

Overview SNC-CX600W provided by Sony Corporation contains multiple vulnerabilities listed below. Cross-site request forgery CWE-352 - CVE-2025-62497 Cross-site scripting CWE-79 - CVE-2025-64730 The following people reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer...

6.5CVSS4.9AI score0.00174EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/25 5:15 a.m.5 views

"FOD" App uses hard-coded cryptographic keys

Overview "FOD" App provided by Fuji Television Network, Inc. uses hard-coded cryptographic keys Use of hard-coded cryptographic key CWE-321 - CVE-2025-64304 The keys are used in the processing of JWT data. Impact The cryptographic keys may be retrieved. The developer considers that the impact is...

5.1CVSS4.7AI score0.0011EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/21 7:27 a.m.5 views

Multiple vulnerabilities in LogStare Collector

Overview LogStare Collector provided by LogStare Inc. contains multiple vulnerabilities listed below. Incorrect default permissions for the installation directory CWE-276 - CVE-2025-58097 Stored cross-site scripting vulnerability in UserManagement CWE-79 - CVE-2025-61949 Incorrect authorization i...

8.4CVSS6.2AI score0.00231EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/21 6:31 a.m.5 views

EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts

Overview EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products provided by SEIKO EPSON CORPORATION contain the following vulnerability. Improper restriction of excessive authentication attempts CWE-307 - CVE-2025-64310 Vladislav Khegay and Aigerim Alibek of Astana IT University...

9.8CVSS6.7AI score0.00422EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/17 5:9 a.m.5 views

"Dejira" App for iOS vulnerable to improper server certificate verification

Overview "Dejira" App for iOS provided by KDDI CORPORATION contains the following vulnerability. Improper server certificate verification CWE-295 Tsuyoshi Ogawa of SIE Co.,Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.8CVSS4.9AI score0.00121EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/24 6:11 a.m.5 views

Multiple stored cross-site scripting vulnerabilities in Pleasanter

Overview Pleasanter provided by Implem Inc. contains multiple stored cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in Preview for Attachments CWE-79 - CVE-2025-58070 Stored cross-site scripting vulnerability in Body, Description and Comments CWE-79 -...

6.1CVSS5.8AI score0.00184EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/22 6:44 a.m.5 views

GROWI vulnerable to cross-site scripting

Overview GROWI provided by GROWI, Inc. contains the following vulnerability. Cross-site scripting in the page alert function CWE-79 - CVE-2025-54806 GROWI, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and GROWI, Inc. coordinated under the...

6.1CVSS6.3AI score0.00184EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/22 6:4 a.m.5 views

Multiple I-O DATA NAS management applications register Windows services with unquoted file paths

Overview Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. Multiple NAS management applications provided by I-O DATA DEVICE, INC. contain the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-61865...

8.4CVSS7.4AI score0.00184EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/15 6:55 a.m.5 views

Multiple RSUPPORT products may insecurely load Dynamic Link Libraries

Overview Multiple RSUPPORT products contain multiple vulnerabilities listed below. RemoteView PC Application Console vulnerable to uncontrolled search path element CWE-427 - CVE-2025-26859 RemoteCall Remote Support Program for Operator vulnerable to uncontrolled search path element CWE-427 -...

8.5CVSS7.8AI score0.0016EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/15 6:54 a.m.5 views

Phoenix Contact CHARX SEC-3xxx vulnerable to code injection

Overview CHARX SEC-3xxx provided by Phoenix Contact contains the following vulnerability. Code injection CWE-94 - CVE-2025-41699 Ryo Kato of Panasonic Holdings Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

8.8CVSS7.5AI score0.00869EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/29 5:44 a.m.5 views

DataSpider Servista improper restriction of XML external entity references

Overview DataSpider Servista provided by Saison Technology Co.,Ltd. is a data integration software. DataSpider Servista contains the following vulnerability. Improper restriction of XML external entity reference CWE-611 - CVE-2025-48006 Shigeaki Tsunoda of Cyber Defense Institute, Inc. reported...

9.1CVSS6.7AI score0.00496EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/19 5:58 a.m.5 views

Multiple vulnerabilities in I-O DATA wireless LAN routers

Overview Wireless LAN routers provided by I-O DATA DEVICE, INC. contains multiple vulnerabilities listed below. Hidden functionality CWE-912 - CVE-2025-55075 OS command injection CWE-78 - CVE-2025-58116 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinat...

8.6CVSS7.7AI score0.01149EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/12 4:57 a.m.5 views

WTW-EAGLE App vulnerable to improper server certificate validation

Overview WTW-EAGLE App provided by Wireless Tsukamoto Co., Ltd. contains the following vulnerability. Improper server certificate validation CWE-295 - CVE-2025-58781 Shogo Iyota of GMO Cybersecurity by Ierae reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

6.3CVSS6.5AI score0.00132EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/05 7:20 a.m.5 views

RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path

Overview RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-58400 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

8.4CVSS7.5AI score0.00161EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/03 12:0 a.m.5 views

JVN#65839588: Web Caster V130 vulnerable to cross-site request forgery

Web Caster V130 provided by NTT EAST, Inc. and NTT WEST, Inc. is a 050IP telephony-enabled broadband router. Web Caster V130 contains the following vulnerability. Cross-site request forgery CWE-352 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N Base Score 2.0...

3.7CVSS6.4AI score0.00119EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/09/01 12:0 a.m.5 views

JVN#22016482: Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection

SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contains the following vulnerability. OS command injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8 CVE-2025-54857 Impact A remote...

9.8CVSS8.1AI score0.03214EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/27 12:0 a.m.5 views

JVN#55678602: Improper file access permission settings in multiple i-フィルター products

Multiple i-フィルター products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2025-57846 Impact A...

8.5CVSS7.5AI score0.00138EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/22 4:37 a.m.5 views

Western Digital Kitfox registers a Windows service with an unquoted file path

Overview Western Digital Kitfox for Windows provided by Western Digital Corporation contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-57699 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with th...

8.4CVSS7.5AI score0.00155EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/21 5:3 a.m.5 views

Multiple vulnerabilities in Group-Office

Overview Group-Office provided by Intermesh BV contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2025-53504 Path traversal CWE-22 - CVE-2025-53505 Rikuto Tauchi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5.4CVSS6.5AI score0.00308EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/21 2:49 a.m.5 views

FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation

Overview Synapse Mobility provided by FUJIFILM Healthcare Americas Corporation is vulnerable to privilege escalation. Privilege escalation vulnerability through external control of Web parameter CWE-472 - CVE-2025-54551 Christopher Alejandro Moroco reported this vulnerability to CISA ICS...

5.3CVSS7.1AI score0.0023EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/20 6:30 a.m.5 views

Multiple vulnerabilities in Movable Type

Overview Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Use of less trusted source CWE-348 - CVE-2025-53522 Open redirect CWE-601 - CVE-2025-55706 Six Apart Ltd. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN...

6.9CVSS7.4AI score0.0019EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/14 3:32 a.m.5 views

Seagate Toolkit registers a Windows service with an unquoted file path

Overview Seagate Toolkit provided by Seagate Technology contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-9043 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to the developer and IPA. JPCERT/CC coordinated with the developer...

6.7CVSS7.5AI score0.00135EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/01 3:5 a.m.5 views

Multiple vulnerabilities in PowerCMS

Overview PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2025-36563 Stored cross-site scripting CWE-79 - CVE-2025-41391 Path traversal in file uploading CWE-22 - CVE-2025-41396 Path traversal in backup restore CWE-22 -...

8.6CVSS6.5AI score0.00578EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/28 8:53 a.m.5 views

TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection

Overview VIGI NVR1104H-4P and VIGI NVR2016H-16MP provided by TP-Link Systems Inc. contain multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-7723, CVE-2025-7724 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the...

8.8CVSS7.5AI score0.00894EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/24 5:16 a.m.5 views

TP-Link Archer C1200 vulnerable to clickjacking

Overview Archer C1200 provided by TP-Link Systems Inc. contains the following vulnerability. Clickjacking CWE-1021 - CVE-2025-6983 Daimon Kawashima reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user...

5.1CVSS6.6AI score0.00392EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/17 8:3 a.m.5 views

Security updates for Trend Micro products (June 2025)

Overview Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. Impact Key memory-mapped files may be overwritten due to an insecure access control...

9.8CVSS7.1AI score0.01944EPSS
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/14 8:22 a.m.5 views

Firebox T15 contains an issue with hidden functionality

Overview Firebox T15 provided by WatchGuard Technologies contains the following vulnerability. Hidden functionality CWE-912 - CVE-2025-4106 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An attacker may log...

8.9CVSS6.8AI score0.00293EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/07 6:26 a.m.5 views

Multiple vulnerabilities in Nimesa Backup and Recovery

Overview Nimesa Backup and Recovery provided by Nimesa contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-48501 Server-side request forgery CWE-918 - CVE-2025-53473 Kentaro Kawane of GMO Cybersecurity by Ierae reported this vulnerability to IPA. JPCERT/CC...

9.8CVSS7.7AI score0.01307EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/04 4:28 a.m.5 views

Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)

Overview Trend Micro Incorporated has released a security update for Trend Micro Password Manager for Windows. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Arbitrary files may be deleted during the product installation d...

7.8CVSS7AI score0.00182EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/26 9:15 a.m.5 views

Multiple vulnerabilities in multiple BROTHER products

Overview Multiple BROTHER products provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. Exposure of sensitive system information to an unauthorized control sphere CWE-497 - CVE-2024-51977 Use of weak credentials CWE-1391 - CVE-2024-51978 Stack-based buffer overflow...

9.8CVSS7.6AI score0.7656EPSS
Exploits0References25
Total number of security vulnerabilities5000