Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/11/11 6:33 a.m.•4 views

Vulnerability in JP1/NETM/DM and Job Management Partner 1/Software Distribution data reproduction functionality

Overview JP1/NETM/DM and Job Management Partner 1/Software Distribution contain a vulnerability that prevents them from disabling writing to built-in USB storage devices. Impact An attacker can exploit this vulnerability to prevent the affected products from disabling writing to built-in type USB...

4.6CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/10/16 4:26 a.m.•4 views

BirdBlog vulnerable to cross-site scripting

Overview BirdBlog is a weblog software. BirdBlog contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

4.3CVSS6.2AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/10/10 5:2 a.m.•4 views

Huawei E5332 vulnerable to denial-of-service (DoS)

Overview Huawei E5332 contains a denial-of-service DoS vulnerability. Huawei E5332 provided by Huawei Technologies is a mobile router. Huawei E5332 contains an issue when processing a GET request that contains an extremely long parameter, which lead to the device rebooting. Shuto Imai of Chukyo...

6.8CVSS6.4AI score0.0122EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/17 6:23 a.m.•4 views

365 Links series vulnerable to cross-site scripting

Overview 365 Links series provided by php365.com are link directory management tools. 365 Links series contain a cross-site scripting vulnerability. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 7:36 a.m.•4 views

EmFTP may insecurely load executable files

Overview EmFTP contains a flaw when loading files, where an unitended executable file may be loaded when attempting to open a file without an extension. For example, if a text file named "exmaple" without an extension and an executable "example.exe" are in the same directory, attemtping to open t...

5.1CVSS7.7AI score0.00354EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/15 4:27 a.m.•4 views

Shutter vulnerable to cross-site scripting

Overview Shutter provided by tenfourzero is a web package allowing users to share their photos. Shutter contains a cross-site scripting vulnerability, which can be exploited through the SQL injection vulnerability JVN48039501. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS7.1AI score0.00931EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/15 5:45 a.m.•4 views

Cybozu Garoon 3 API access restriction bypass vulnerability

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability CWE-264 when using Garoon APIs. Impact A remote attacker may cause a denial-of-service DoS or execute arbitrary code. Solution Update the Software Update to the latest...

7.5CVSS7.3AI score0.02643EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/15 5:44 a.m.•4 views

Seasar S2Struts vulnerable to ClassLoader manipulation

Overview Seasar S2Struts provided by The Seasar Foundation is a software framework for creating Java web applications. Seasar S2Struts bundles Apache Struts that is vulnerable to the ClassLoader manipulation CVE-2014-0114. Consequently, Seasar S2Struts contains the same vulnerability. Cybozu, Inc...

7.5CVSS8.8AI score
Exploits5References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/02 6:20 a.m.•4 views

SX-2000WG vulnerable to denial-of-service (DoS)

Overview SX-2000WG provided by silex technology, Inc. is a product that provides wireless connectivity for USB devices such as printers and hard disk drives HDD. SX-2000WG contains an issue in the processing of IP packets, which may cause a denial-of-service DoS. Note that this vulnerability is...

5CVSS6.7AI score0.01218EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/06/20 4:58 a.m.•4 views

Webmin vulnerable to cross-site scripting

Overview Webmin is a web-based system management tool. Webmin contains a cross-site scripting vulnerability when "referrer checking" is turned off. Note that "referrer checking" is enabled by default. hasegawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

2.6CVSS6AI score0.00895EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/06/20 4:56 a.m.•4 views

Usermin vulnerable to cross-site scripting

Overview Usermin is a web-based interface used to manage webmail. Usermin contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS6AI score0.01351EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/06/11 3:22 a.m.•4 views

JustSystems Online Update Program bundled with JustSystems products vulnerable to arbitrary code execution

Overview "JUST Online Update" and "JUST Online Update for J-License and the management tools" that are bundled with multiple JustSystems products contain a flaw that allows the update program to be executed even if the signature of an update module is invalid. Please note that this is a flaw in t...

7.6CVSS7.2AI score0.03592EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/30 6:8 a.m.•4 views

Cybozu Garoon API access restriction bypass vulnerability

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability when using APIs. Impact Users who can log in to the system may delete schedule information that they do not have permission to edit. Solution Update the Software Updat...

6CVSS6.5AI score0.01064EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/25 6:37 a.m.•4 views

Apache Struts vulnerable to ClassLoader manipulation

Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a vulnerability where the ClassLoader may be manipulated. NTT-CERT reported this vulnerability to IPA. JPCERT/CC coordinated with the developer unde...

7.5CVSS7.3AI score0.99614EPSS
Exploits7References32
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/16 6:6 a.m.•4 views

Redmine vulnerable to open redirect

Overview Redmine is a project management software. Redmine contains an open redirect vulnerability due to insufficient checking of the URL parameter. Minoru Sakai of SCSK Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.8CVSS6.8AI score0.02716EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/03/17 4:43 a.m.•4 views

Demaecan for Android. contains an issue where it fails to verify SSL server certificates

Overview Demaecan for Android. contains an issue where it fails to verify SSL server certificates. kurisu and matt reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-minddle attack may allow an...

5.8CVSS6.5AI score0.00587EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/21 5:16 a.m.•4 views

AutoCAD vulnerable to arbitrary VBScript execution

Overview AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD loads specific FAS files when opening files. AutoCAD contains an issue with the FAS file search path, which may lead to arbitrary VBScript code execution. kaito834 reported this vulnerability to...

7.5CVSS7.4AI score0.02493EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/28 5:48 a.m.•4 views

Sanshiro Series vulnerable to arbitrary code execution

Overview The "Sanshiro" series software provided by JustSystems Corporation is a spreadsheet software. The "Sanshiro" series contains a vulnerability that may allow arbitrary code execution. Impact When a user opens a specially crafted file, arbitrary code may be executed. Solution Update the...

9.3CVSS7.5AI score0.03498EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/22 6:27 a.m.•4 views

EC-CUBE vulnerable to information alteration

Overview EC-CUBE contains an information alteration vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information alteration vulnerability. aratana inc. reported this vulnerability to the developer. JPCERT/CC coordinated with...

6.4CVSS6.6AI score0.01569EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/10 5:41 a.m.•4 views

tetra filer vulnerable to directory traversal

Overview tetra filer provided by Yuichiro Okuyama contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5.8CVSS6.9AI score0.01249EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/26 3:32 a.m.•4 views

HP Autonomy Ultraseek vulnerable to cross-site scripting

Overview HP Autonomy Ultraseek provided by Hewlett-Packard Development Company, L.P. contains an issue in handling specific character encoding, which may result in cross-site scripting. NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

3.5CVSS6.3AI score0.01826EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/25 3:22 a.m.•4 views

Cybozu Garoon Keitai vulnerable to authentication bypass

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon Keitai contains an authentication bypass vulnerability. Impact When an attacker sends a specially crafted request that includes a user ID for a user that has the Keitai function enabled, authentication using Keitai may b...

5.8CVSS6.8AI score0.01986EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/25 3:21 a.m.•4 views

Cybozu Garoon vulnerable to SQL injection

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in processing input through API, which may result in SQL injection. Impact A user who can log in to the system may alter information stored in the database. Solution Apply the Patch Apply the appropria...

6.5CVSS7.2AI score0.01554EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/13 3:23 a.m.•4 views

Juniper ScreenOS vulnerable to denial-of-service (DoS)

Overview ScreenOS provided by Juniper Networks contains a denial-of-service DoS vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When processing a malicious packe...

7.8CVSS6.6AI score0.01881EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/22 5:51 a.m.•4 views

D-Link DES-3800 Series vulnerable to denial-of-service (DoS)

Overview DES-3800 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in the Web manager function. Note that this vulnerability is different from JVN65312543. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA...

7.8CVSS6.7AI score0.01772EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 6:34 a.m.•4 views

EC-CUBE vulnerable to cross-site scripting

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error messages, which may lead to cross-site scripting. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6.2AI score0.01207EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 6:12 a.m.•4 views

D-Link DES-3810 Series vulnerable to denial-of-service (DoS)

Overview DES-3810 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.8CVSS6.6AI score0.01054EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/06 5:12 a.m.•4 views

Apache Struts vulnerable to remote command execution

Overview Apache Struts contains a remote command execution vulnerability. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a remote command execution vulnerability. This issue is the same issue that the...

9.8CVSS7.2AI score0.99998EPSS
Exploits18References18
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/17 4:45 a.m.•4 views

Oracle Outside In vulnerable to buffer overflow

Overview Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a buffer overflow vulnerability. Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.5AI score0.01385EPSS
Exploits0References18
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:35 a.m.•4 views

CLIP-MAIL vulnerable to cross-site scripting

Overview CLIP-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...

4.3CVSS6.2AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:29 a.m.•4 views

EC-CUBE vulnerable to code injection

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a code injection vulnerability. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

7.5CVSS7.3AI score0.04285EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/18 6:20 a.m.•4 views

Cybozu Live for Android vulnerable in the WebView class

Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains a vulnerability in the WebView class. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN77393797. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...

6.8CVSS6.5AI score0.01085EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/18 6:19 a.m.•4 views

Cybozu Live for Android vulnerable to arbitrary Java method execution

Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN23009798. Gaku Mochizuki of Mitsui Bussan Secure Directions,...

6.8CVSS7.1AI score0.01986EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/12 3:41 a.m.•4 views

Sleipnir Mobile for Android loads arbitrary Extension API

Overview Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API. Sleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API. Keita Haga of...

5.8CVSS6.6AI score0.0088EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/11 5:14 a.m.•4 views

Sleipnir for Windows vulnerable to address bar spoofing

Overview Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

5CVSS6.5AI score0.01034EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/04 5:43 a.m.•4 views

Active! mail vulnerable to information disclosure

Overview Active! mail contains an information disclosure vulnerability. Active! mail provided by TransWARE is a webmail software. Active! mail contains an information disclosure vulnerability. Mitsuru Ogino of Sugiyama Jogakuen reported this vulnerability to IPA. JPCERT/CC coordinated with the...

2.1CVSS6.3AI score0.00304EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:43 a.m.•4 views

VxWorks Web Server vulnerable to denial-of-service (DoS)

Overview The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service DoS vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS6.5AI score0.02374EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:38 a.m.•4 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of...

10CVSS7.2AI score0.06353EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/28 4:37 a.m.•4 views

dopvCOMET* vulnerable to cross-site scripting

Overview dopvCOMET provided by bayashi.net is a software to analyze web access logs. dopvCOMET contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

4.3CVSS6AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/21 4:54 a.m.•4 views

NEC Universal RAID Utility fails to restrict access permissions

Overview NEC Universal RAID Utility contains an issue where access permissions are not restricted. NEC Universal RAID Utility is a software to manage a RAID controller. NEC Universal RAID Utility contains an issue where access permissions are not restricted. SAKURA Internet Inc. reported this...

9CVSS6.9AI score0.01751EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/08 4:53 a.m.•4 views

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu Garoon provided by Cybozu is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/18 4:39 a.m.•4 views

Documents Pro (formerly Files HD) vulnerable to directory traversal

Overview Documents Pro provided by Olive Toast Software Ltd. contains a directory traversal vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a directory traversal vulnerability. Keigo Yamazaki of LAC Co., Ltd reported...

7.5CVSS6.7AI score0.01839EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/21 3:41 a.m.•4 views

concrete5 vulnerable to cross-site scripting

Overview concrete5 contains a cross-site scripting vulnerability. concrete5 is an open source content management system CMS. concrete5 contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS6AI score0.0143EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/21 3:37 a.m.•4 views

Loctouch for Android information management vulnerability

Overview Loctouch for Android contains an information management vulnerability. Loctouch provided by NHN Japan, is an application that logs location information. Loctouch for Android contains an information management vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...

2.6CVSS6.3AI score0.00992EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/17 3:23 a.m.•4 views

WikkaWiki vulnerable to cross-site scripting

Overview WikkaWiki contains a cross-site scripting vulnerability. WikkaWiki is an open source wiki written in PHP. WikkaWiki contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/14 3:50 a.m.•4 views

Welcart vulnerable to cross-site scripting

Overview Welcart contains a cross-site scripting vulnerability. Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Lab., Inc. reported this vulnerability to IPA. JPCERT/CC...

5CVSS6AI score0.01948EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/29 6:23 a.m.•4 views

Denial of Service (DoS) Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2

Overview JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 contain a vulnerability that could allow a remote attacker to cause a denial of service DoS condition. Impact A remote attacker could cause a denial of service DoS condition. Solution Please refer to the...

5CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/29 5:48 a.m.•4 views

Hitachi Device Manager Software Denial of Service (DoS) Vulnerability

Overview Hitachi Device Manager Software HDvM contains a denial of service abend vulnerability when receiving a large amount of data at once. If HDvM exits abnormally, users will be able to resume using the software by restarting the HDvM service or daemon. Impact A remote attacker could cause a...

5CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/21 5:34 a.m.•4 views

BIGACE vulnerable to session fixation

Overview BIGACE contains a session fixation vulnerability. BIGACE is a content management system CMS. BIGACE contains a session fixation vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.8CVSS6.5AI score0.01309EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/07 7:1 a.m.•4 views

BeZIP vulnerable to directory traversal

Overview BeZIP contains a directory traversal vulnerability. BeZIP provided by Be Graph Co.,Ltd. is a file compression/extraction software supporting ZIP and LZH formats. BeZIP contains a directory traversal vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this...

5CVSS6.7AI score0.01943EPSS
Exploits0References5
Total number of security vulnerabilities5000