Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/12 6:32 a.m.•4 views

AssetView and AssetView PLATINUM contain multiple vulnerabilities

Overview AssetView and AssetView PLATINUM provided by Hammock Corporation contain 2 vulnerabilities listed below. Use of Hard-coded Cryptographic Key CWE-321 - CVE-2017-10866 Improper Input Validation CWE-20 - CVE-2017-10867 Muneaki Nishimura of of Recruit Technologies Co.,Ltd. RED TEAM reported...

8.8CVSS7.5AI score
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/22 6:50 a.m.•4 views

The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries

Overview Content Manager Assistant for PlayStation provided by Sony Interactive Entertainment Inc. is a data transfer tool. The installer of Content Manager Assistant for PlayStation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427...

7.8CVSS6.8AI score0.00865EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/18 6:17 a.m.•4 views

Multiple vulnerabilities in H2O

Overview H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Stack-based buffer overflow CWE-121 - CVE-2017-10869 A Denial-of-service DoS due to a flaw in outputtin...

7.5CVSS7.4AI score0.03636EPSS
Exploits0References14
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/11 4:40 a.m.•4 views

Qt for Android environment variables alteration

Overview Qt for Android contains an information alteration vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may alter environem...

6.8CVSS7.3AI score0.00576EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/12/06 5:42 a.m.•4 views

The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries

Overview The installer of The Public Certification Service for Individuals "The JPKI user's software" provided by Japan Agency for Local Authority Information Systems J-LIS contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that...

9.3CVSS7AI score0.01029EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/14 6:19 a.m.•4 views

Multiple vulnerabilities in BOOK WALKER for Windows/Mac

Overview BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries. Also BOOK WALKER for Windows/Mac contain a vulnerability which may le...

9.3CVSS6.3AI score0.01059EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/09 3:29 a.m.•4 views

Installer of HYPER SBI may insecurely load Dynamic Link Libraries

Overview HYPER SBI provided by SBI SECURITIES Co.,Ltd. is a trading tool. Installer of HYPER SBI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuto Iso of NTT Security Japan KK reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.9AI score0.01029EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/06 4:48 a.m.•4 views

I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)

Overview LAN DISK Connect provided by I-O DATA DEVICE, INC. contains a denial-of-service DoS vulnerability CWE-119 due to a flaw in processing certain packets. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

7.5CVSS6.5AI score0.01234EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/10/17 8:1 a.m.•4 views

Information Disclosure Vulnerability in Hitachi Automation Director

Overview An Information Disclosure Vulnerability was found in Hitachi Automation Director. Impact Information might be disclosed. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

3.5CVSS6.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/10/11 7:43 a.m.•4 views

Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Overview Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Eili Masami of Tachibana Lab. reported this...

9.3CVSS7AI score0.01008EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/10/03 2:18 a.m.•4 views

Self-Decrypting Confidential Files created by JP1/HIBUN may insecurely load Dynamic Link Libraries

Overview Self-decrypting confidential files created by JP1/HIBUN contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...

7.8CVSS6.9AI score
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/09/29 4:54 a.m.•4 views

Install program and Installer of i-filter 6.0 may insecurely load Dynamic Link Libraries and invoke executable files

Overview i-filter 6.0 provided by Digital Arts Inc. is web filtering and parental control software. The install program is designed to download the installer via the internet and execute it. The i-filter 6.0 install program and installer contain the following vulnerabilities. Eili Masami of...

9.3CVSS7.4AI score0.01781EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/09/26 6:37 a.m.•4 views

jwt-scala fails to verify token signatures

Overview jwt-scala contains a vulnerability where it fails to verify token signatures correctly. jwt-scala is a Scala library to handle JSON Web Token JWT. jwt-scala contains a vulnerability where it fails to verify token signatures correctly due to improper processing of JWT headers. Toshiharu...

5.3CVSS6.9AI score0.00583EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/09/21 6:58 a.m.•4 views

InterScan Web Security Virtual Appliance vulnerable to code injection

Overview InterScan Web Security Virtual Appliance provided by Trend Micro Incorporated contains code injection vulnerability. Impact Arbitrary code may be executed by a user who logged-in to the management screen of the product as an administrator. Solution Apply the Patch Apply the patch accordi...

9CVSS7.2AI score0.03196EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/09/11 6:19 a.m.•4 views

SEIL Series routers vulnerable to denial-of-service (DoS)

Overview The IPsec/IKE function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported this vulnerability to IPA to notify users of its solution through JV...

5.3CVSS6.8AI score0.01524EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/25 5:52 a.m.•4 views

Installer of "Flets Setsuzoku Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Setsuzoku Tool"provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/24 5:3 a.m.•4 views

Multiple vulnerabilities in SEO Panel

Overview SEO Panel provided by SEO Panel contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10838 SQL injection CWE-89 - CVE-2017-10839 ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...

8.8CVSS7.2AI score0.01071EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/22 3:34 a.m.•4 views

Installer of Photo Collection PC Software provided by NTT DOCOMO, INC. may insecurely load Dynamic Link Libraries and invoke executable files

Overview Photo Collection PC Software provided by NTT DOCOMO, INC. contains an issue with the search paths for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

9.3CVSS7.2AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/17 8:29 a.m.•4 views

Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability ...

9.3CVSS6.8AI score0.01238EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/17 8:29 a.m.•4 views

Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...

9.3CVSS6.8AI score0.01061EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/08 9:7 a.m.•4 views

WSR-300HP vulnerable to arbitrary code execution

Overview WSR-300HP provided by BUFFALO INC. contains an arbitrary code execution vulnerability. WSR-300HP provided by BUFFALO INC. is a wireless LAN router. WSR-300HP contains an arbitrary code execution vulnerability. Impact By executing a specially crafted request prepared by a remote attacker,...

10CVSS7.7AI score0.99975EPSS
Exploits6References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/03 5:35 a.m.•4 views

Installer of IP Messenger may insecurely load Dynamic Link Libraries

Overview IP Messenger is a LAN Messenger based on TCP/IP. IP Messenger contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

9.3CVSS6.9AI score0.01129EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/08/03 3:28 a.m.•4 views

Installer of Baidu IME may insecurely load Dynamic Link Libraries

Overview Installer of Baidu IME contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9.3CVSS7AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/27 5:13 a.m.•4 views

I-O DATA WN-G300R31 uses hard-coded credentials

Overview WN-G300R31 provided by I-O DATA DEVICE, INC. is a wireless LAN router. WN-G300R3 uses hard-coded credentials CWE-798. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

8.8CVSS7.5AI score0.00629EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/10 4:57 a.m.•4 views

Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries

Overview File Compact provided by SOURCENEXT CORPORATION is compression/decompression software. It can also create self-extracting archive files. Self-extracting archive files created by File Compact contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...

9.3CVSS6.8AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/04 5:43 a.m.•4 views

Installer of Douroshisetu Kihon Data Sakusei System may insecurely load Dynamic Link Libraries

Overview The installer of Douroshisetu Kihon Data Sakusei System provided by National Institute for Land and Infrastructure Management contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...

7.8CVSS7AI score0.01057EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/04 5:2 a.m.•4 views

WordPress plugin "Responsive Lightbox" vulnerable to cross-site scripting

Overview The WordPress plugin "Responsive Lightbox" provided by dFactory contains a reflected cross-site scripting vulnerability CWE-79. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

6.1CVSS5.9AI score0.0145EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/04 4:59 a.m.•4 views

MFC-J960DWN vulnerable to cross-site request forgery

Overview MFC-J960DWN provided by BROTHER INDUSTRIES, LTD. is a MultiFunction Printer. MFC-J960DWN contains a cross-site request forgery vulnerability CWE-352. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

8.8CVSS6.5AI score0.00722EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/07/03 6:23 a.m.•4 views

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting in the application menu. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact An arbitrary script may be executed on the logged-in user's web browser. Solution Upda...

4.8CVSS6.1AI score0.00603EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/30 6:56 a.m.•4 views

Cross-site Scripting Vulnerability in multiple Hitachi products

Overview A cross-site scripting vulnerability was found in uCosminexus Portal Framework, Groupmax Collaboration, Hitachi Navigation Platform and JP1/Navigation Platform. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor...

4.7CVSS6.3AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/30 6:55 a.m.•4 views

Multiple Vulnerabilities in Hitachi IT Operations Director and JP1/IT Desktop Management

Overview A cross-site scripting and an XML external entity XXE vulnerability have been found in Hitachi IT Operations Director, JP1/IT Desktop Management - Manager and JP1/IT Desktop Management 2 - Manager. Impact An attacker may conduct a cross-site scripting attack and a XML external entity XXE...

8.1CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/30 6:55 a.m.•4 views

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Overview A vulnerability CVE-2016-8743 exists in Cosminexus HTTP Server and Hitachi Web Server. Impact An attacker may have unspecified impact. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

7.5CVSS9.4AI score0.13252EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/30 5:19 a.m.•4 views

Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries

Overview Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Takashi Yoshikawa of Mitsui Bussan Secure Directions, Inc., Yuji Tounai of NTT Communications...

9.3CVSS7AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/28 1:28 a.m.•4 views

Non-documented developer's screen in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains non-documented developer's screen. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9.8CVSS6.8AI score0.01786EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/28 1:28 a.m.•4 views

OS command injection vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains OS command injection. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...

10CVSS7.2AI score0.01979EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/28 1:28 a.m.•4 views

Cross-site request forgery vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains cross-site request forgery. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

8.8CVSS6.8AI score0.00769EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/28 1:23 a.m.•4 views

Improper access control vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview Home gateway provided by Toshiba Lighting & Technology Corporation contains improper access control. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

9.8CVSS6.9AI score0.01483EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/21 4:44 a.m.•4 views

HOME SPOT CUBE2 vulnerable to buffer overflow in WebUI

Overview HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains buffer overflow in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

8.8CVSS7.4AI score0.01087EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/21 4:44 a.m.•4 views

HOME SPOT CUBE2 vulnerable to OS command injection in clock settings

Overview HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains OS command injection in clock settings. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

8CVSS7.5AI score0.00849EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/13 5:50 a.m.•4 views

Source code security studying tool iCodeChecker vulnerable to cross-site scripting

Overview Source code security studying tool iCodeChecker provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a cross-site scripting vulnerability CWE-79. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with...

6.1CVSS6.4AI score0.00713EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/09 4:49 a.m.•4 views

Installer of CASL II simulator(self-extract format) may insecurely load Dynamic Link Libraries

Overview Installer of CASL II simulatorself-extract format provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this...

7.8CVSS7.1AI score0.00911EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/08 6:31 a.m.•4 views

The installer of PatchJGD(Hyoko) provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries

Overview The installer of PatchJGDHyoko PatchJGDh101.EXE provided by Geospatial Information Authority of Japan GSI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

9.3CVSS7.2AI score0.01059EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/07 5:54 a.m.•4 views

AppCheck may insecurely invoke an executable file

Overview AppCheck provided by JIRANSOFT JAPAN, INC. is an anti-ransomware software. AppCheck and its installer contains an issue with the search path for executable files, which may lead to insecurely invoke an executable file CWE-427. Takashi Yoshikawa of Mitsui Bussan Secure Directions, Inc...

9.3CVSS6.9AI score0.01651EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/02 5:0 a.m.•4 views

Installer of SaAT Netizen may insecurely load Dynamic Link Libraries

Overview The installer of SaAT Netizen provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. DigiGnome reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

8.8CVSS7AI score0.01636EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/01 7:25 a.m.•4 views

RW-4040 driver installer may insecurely load Dynamic Link Libraries

Overview RW-4040 driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of PinkFlyingWhale reporte...

9.3CVSS6.9AI score0.01147EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/14 5:9 a.m.•4 views

Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries

Overview Multiple installers of Toshiba memory card related software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the...

9.3CVSS7AI score0.0299EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/13 4:49 a.m.•4 views

WordPress plugin "WP Statistics" vulnerable to cross-site scripting

Overview The WordPress plugin "WP Statistics" provided by WP Statistics contains a stored cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN62392065. Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.1CVSS5.8AI score0.01278EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/11 7:5 a.m.•4 views

Cybozu Office fails to restrict access permission in the file export function in "customapp"

Overview Cybozu Office contains an access restriction flaw in the file export function in "customapp". Cybozu, Inc. reported this vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning...

4.3CVSS6.7AI score0.01041EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/04/10 4:40 a.m.•4 views

WN-G300R3 vulnerable to stack based buffer overflow

Overview WN-G300R3 provided by I-O DATA DEVICE, INC. contain a stack based buffer overflow vulnerability. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

10CVSS7.6AI score0.03076EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/03/30 6:1 a.m.•4 views

Vulnerability in JP1/Cm2/Network Node Manager i

Overview A vulnerability CVE-2016-4397 exists in JP1/Cm2/Network Node Manager i. Impact An attacker may have unspecified impact. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

7.8CVSS7AI score0.01041EPSS
Exploits0References4
Total number of security vulnerabilities5000