Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/17 12:0 a.m.67 views

JVN#03776901: Hitachi Application Server Help vulnerable cross-site scripting

Hitachi Application Server Help contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the appropriate latest version of the help according to the information provided by the developer. Product...

6.1CVSS6.1AI score0.00754EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/11 12:0 a.m.67 views

JVN#70566757: WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting

WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact If a user views a malicious page while logged in to the affected system with the administrative privilege, an arbitrary script may be executed. Solution Update the...

6.1CVSS6AI score0.01044EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/08/07 12:0 a.m.67 views

JVN#29343839: EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting

EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" provided by IPLOGIC CO.,LTD. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who logs in to the product with the administrative privilege. Solution Update the Plugin Update...

6.1CVSS6.1AI score0.01031EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/04/27 12:0 a.m.67 views

JVN#68345747: The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries

The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest install...

7.8CVSS7.7AI score0.02109EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/04/12 12:0 a.m.67 views

JVN#71255137: Tenable Appliance vulnerable to cross-site scripting

Tenable Appliance provided by Tenable, Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact Arbitrary JavaScript may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...

5.4CVSS5.2AI score0.00521EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/24 12:0 a.m.67 views

JVN#24238648: RBB SPEED TEST App fails to verify SSL server certificates

RBB SPEED TEST App provided by IID, Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by the developer...

5.9CVSS5.3AI score0.00632EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/01 12:0 a.m.67 views

JVN#70951878: WordPress plugin "WP Live Chat Support" vulnerable to cross-site scripting

The WordPress plugin "WP Live Chat Support" provided by CODECABIN contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer...

6.1CVSS6AI score0.01293EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/13 12:0 a.m.67 views

JVN#44657371: WordPress plugin "Ninja Forms" vulnerable to PHP object injection

WordPress plugin "Ninja Forms" contains a PHP object injection vulnerability due to a flaw where untrusted POST values are unserialized. Impact A remote attacker may execute an arbitrary PHP code. Solution Update the Software Update to a version that addresses the vulnerability according to the...

9.8CVSS9.6AI score0.61612EPSS
Exploits4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/13 12:0 a.m.67 views

JVN#49154900: Spring Framework vulnerable to directory traversal

Spring Framework is a Java framework for developing web applications. Spring Framework contains a directory traversal vulnerability. Impact A remote attacker may be able to access arbitrary files on the server. Solution Update the software Users of 3.x should update to version 3.2.9 or later and...

5CVSS9.3AI score0.06215EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/06 12:0 a.m.67 views

JVN#61247051: OpenSSL improper handling of Change Cipher Spec message

OpenSSL contains a flaw in the implementation of the Change Cipher Spec protocol that allows a MITM man-in-the-middle attacker to force a server and a client to use easily guessable cryptgraphic key material during the initial SSL/TLS handshake CWE-325. Impact SSL/TLS communication between the...

7.4CVSS7.6AI score0.95326EPSS
Exploits9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/04/14 12:0 a.m.66 views

JVN#54025691: Gurunavi Apps fail to restrict access permissions

Gurunavi Apps provided by Gurunavi, Inc. implement the function to access a requested URL using Custom URL Scheme. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an request from an arbitrary App and execute an access. Impact A...

7.5CVSS7.4AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 12:0 a.m.66 views

JVN#35496038: ilbo App vulnerable to authentication bypass

ilbo App provided by EXTRUN Ltd. contains an authentication bypass vulnerability CWE-287. Impact A user who can login to ilbo App may view the images which were recorded by the other user's ilbo device. Solution Update the Application Update to the latest version according to the information...

4.3CVSS4.5AI score0.00922EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/01/31 12:0 a.m.66 views

JVN#00014057: AWMS Mobile App vulnerable to improper server certificate verification

AWMS Mobile App is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the developer...

5.9CVSS5.3AI score0.00497EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/12/17 12:0 a.m.66 views

JVN#79854355: Multiple vulnerabilities in Cybozu Office

Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Directory traversal in the "Customapp" function CWE-22 - CVE-2019-6022 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N| Base Score: 7.7 CVSS v2|...

6.5CVSS5.7AI score0.02021EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/24 12:0 a.m.66 views

JVN#13940333: The installer of PlayMemories Home for Windows may insecurely load Dynamic Link Libraries

PlayMemories Home for Windows provided by Sony Corporation is Image Management Software. The installer of PlayMemories Home for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the...

7.8CVSS7.7AI score0.01027EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/13 12:0 a.m.66 views

JVN#22536871: QQQ SYSTEMS vulnerable to arbitrary command injection

QQQ SYSTEMS provided by Gundam Cult QQQ is a perl CGI script to create quiz pages. QQQ SYSTEMS contains an OS command injection vulnerability CWE-78. Impact An attacker may execute an arbitrary OS command with the web server's execution privilege. Solution Consider stop using QQQ SYTEMS 2.24 Sinc...

10CVSS9.8AI score0.02703EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/13 12:0 a.m.66 views

JVN#56764650: ViX may insecurely load Dynamic Link Libraries

ViX provided by K_OKADA is a Graphics Viewer Software for Windows. ViX contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries contained in the same directory as an image file CWE-427. Impact Arbitrary code may be executed with the privileges of the...

7.8CVSS7.7AI score0.00961EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/01/19 12:0 a.m.66 views

JVN#26200083: GroupSession vulnerable to open redirect

GroupSession provided by Japan Total System Co.,Ltd. is an open source groupware. GroupSession contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted page, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishi...

6.1CVSS6.2AI score0.00769EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/21 12:0 a.m.66 views

JVN#08517069: The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries

Media Go and Music Center for PC provided by Sony Group are file management tools. The installer of Media Go and Music Center for PC contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the...

9.3CVSS7.6AI score0.01029EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/21 12:0 a.m.66 views

JVN#63564682: Multiple vulnerabilities in Cybozu Garoon

Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Denial-of-service DoS vulnerability in the application menu's edit function CWE-20 - CVE-2017-2254 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H| Base Score: 5.5 CVSS...

6.1CVSS5.5AI score0.01326EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/03/02 12:0 a.m.66 views

JVN#46830433: Multiple I-O DATA network camera products multiple vulnerabilities

Multiple network camera products provided by I-O DATA DEVICE, INC. contain multiple vulnerabilities listed below. HTTP header injection CWE-113 - CVE-2017-2111 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7 CVSS v2|...

8.8CVSS8.5AI score0.01664EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/20 12:0 a.m.66 views

JVN#07710476: Apache Struts 2 vulnerable to remote code execution

Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating Java web applications. Web applications that are developed using Apache Struts 2 REST Plugin contain a remote code execution vulnerability. Note that the exploit code for this vulnerability is publicly...

9.8CVSS9.8AI score0.17171EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/02/12 12:0 a.m.66 views

JVN#09470767 Apache Tomcat fails to properly handle cookie value

Apache Tomcat from the Apache Software Foundation is a web container that implements both Java Servlets and JavaServer Pages. Apache Tomcat from the Apache Software Foundation contains a vulnerability that could allow a remote attacker to coerce a crafted cookie to a user's web browser. The...

5CVSS4.8AI score0.62575EPSS
Exploits5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/11/14 12:0 a.m.65 views

JVN#54728399: TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation

The past versions of TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java Rich are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability. According to the developer, this vulnerability is caused by ...

7.8CVSS7.8AI score0.00407EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/05/10 12:0 a.m.65 views

JVN#97554111: EC-CUBE vulnerable to cross-site scripting

EC-CUBE provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by executing a specific operation on the management page of EC-CUBE. As of 2021 May 10, an attack exploting this vulnerability has been observed in the wild. Impact If a...

6.1CVSS6AI score0.02308EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/07/28 12:0 a.m.65 views

JVN#48194211: Multiple vulnerabilities in KonaWiki2 and KonaWiki3

KonaWiki2 and KonaWiki3 are lightweight wiki clones that support Japanese wiki notation. KonaWiki2 and KonaWiki3 contain multiple vulnerabilities listed below. KonaWiki2 Cross-site Scripting CWE-79 - CVE-2020-5612 Version| Vector| Score ---|---|--- CVSS v3|...

6.1CVSS6.1AI score0.02212EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/11 12:0 a.m.65 views

JVN#27137002: IIJ SmartKey App for Android vulnerable to authentication bypass

IIJ SmartKey App for Android provided by Internet Initiative Japan Inc. is an application that enables two-step authentication two-factor authentication for a website from an Android device. IIJ SmartKey App for Android contains an authentication bypass vulnerability CWE-287. Impact An attacker m...

7.5CVSS7.6AI score0.01622EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/13 12:0 a.m.65 views

JVN#92259864: TinyFTP Daemon vulnerable to buffer overflow

TinyFTP Daemon provided by Hisayuki Nomura is a FTP File Transfer Protocol server. TinyFTP Daemon contains a buffer overflow vulnerability CWE-121. Impact An attacker may be able to cause a denial-of-service DoS condition or execute arbitrary code. Solution Consider stop using Tiny FTP Daemon...

10CVSS9.6AI score0.0323EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/13 12:0 a.m.65 views

JVN#29602086: CS-Cart Japanese Edition vulnerable to cross-site scripting

CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition contains a cross-site scripting vulnerabulity CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

5.4CVSS5.4AI score0.00538EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/06 12:0 a.m.65 views

JVN#87886530: I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)

LAN DISK Connect provided by I-O DATA DEVICE, INC. contains a denial-of-service DoS vulnerability CWE-119 due to a flaw in processing certain packets. Impact Receiving a specially crafted packet may result in a denial-of-service DoS condition. Solution Update the Firmware Apply the latest firmwar...

7.5CVSS7.4AI score0.01234EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/11 12:0 a.m.65 views

JVN#57205588: Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files

FENCE-Explorer provided by FUJITSU BROAD SOLUTION & CONSULTING Inc. is a tool to view and edit a file in "FENCE Briefcase" which is created by FENCE-Pro and other FENCE series software. Installer of FENCE-Explorer contains an issue with the search path for DLL/executable files, which may lead to...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/24 12:0 a.m.65 views

JVN#74247807: Multiple cross-site scripting vulnerabilities in ScreenOS

ScreenOS provided by Juniper Networks contains multiple cross-site scripting vulnerabilities. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...

9.6CVSS6.2AI score0.01194EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/08/20 12:0 a.m.65 views

JVN#17611367: Apache Tapestry deserializes untrusted data

Apache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the server. This data serialization / deserialization process does not contain data validation...

7.8CVSS6.8AI score0.09598EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/05/11 12:0 a.m.64 views

JVN#83671755: KINEPASS App fails to verify SSL server certificates

KINEPASS App provided by T・JOY CO.,LTD fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by the developer...

5.9CVSS5.3AI score0.00873EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/04/17 12:0 a.m.64 views

JVN#52695336: EC-CUBE vulnerable to session fixation

EC-CUBE provided by LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a session fixation vulnerability CWE-384. Impact A remote attacker impersonating a logged in user may perform an unintended operation with the user's privilege. Solution Update the Softwa...

8.1CVSS8AI score0.01525EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/29 12:0 a.m.64 views

JVN#93397125: Multiple vulnerabilities in WZR-1750DHP2

WZR-1750DHP2 provided by BUFFALO INC. is a wireless LAN router. WXR-1900DHP2 contains multiple vulnerabilities listed below. Missing Authentication for Critical Function CWE-306 - CVE-2018-0554 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score:...

9.3CVSS9.1AI score0.01585EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/27 12:0 a.m.64 views

JVN#43382653: iRemoconWiFi App for Android fails to verify SSL server certificates

iRemoconWiFi App for Android provided by Glamo Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by th...

7.4CVSS7.2AI score0.00536EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/01/30 12:0 a.m.64 views

JVN#30636823: WordPress plugin "WP Retina 2x" vulnerable to cross-site scripting

The WordPress plugin "WP Retina 2x" contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer. Products Affected ...

6.1CVSS6AI score0.00918EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/01/19 12:0 a.m.64 views

JVN#10103841: Nootka App for Android vulnerable to OS command injection

Nootka App for Android provided by SeeLook contains an OS command injection vulnerability CWE-78. Impact A remote attacker may execute an arbitrary OS command. Solution Update the Application Update to the latest version according to the information provided by the developer. Products Affected...

10CVSS9.6AI score0.02277EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/12 12:0 a.m.64 views

JVN#68922465: Backdoor access issue in Wi-Fi STATION L-02F

Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a backdoor access issue. Impact An unauthenticated remote attacker may access the device with the administrative privilege and perform an unintended operation. The reporter has conducted a test and confirmed that an attacker can log in to...

10CVSS9.8AI score0.02846EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.64 views

JVN#87540575: Installer of Optimal Guard may insecurely load Dynamic Link Libraries

Installer of Optimal Guard provided by OPTiM Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest installer...

9.3CVSS7.6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/24 12:0 a.m.64 views

JVN#23340457: Multiple vulnerabilities in WebCalendar

WebCalendar provided by k5n.us contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10840 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Directory...

6.1CVSS6.1AI score0.02353EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/24 12:0 a.m.64 views

JVN#92921024: WordPress plugin "Popup Maker" vulnerable to cross-site scripting

The WordPress plugin "Popup Maker" provided by Popup Maker contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the...

6.1CVSS6AI score0.01634EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/18 12:0 a.m.64 views

JVN#08740778: NETGEAR ProSAFE Plus Configuration Utility vulnerable to improper access control

ProSAFE Plus Configuration Utility provided by NETGEAR is a Windows application to configure and manage NETGEAR's ProSAFE Plus and Click Switches. An operator uses the utility to login and configure NETGEAR switches. When the utility is invoked, it starts listening on a certain port for SOAP...

4.3CVSS4.1AI score0.01261EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/07 12:0 a.m.64 views

JVN#64451600: Tablacus Explorer vulnerable to script injection

Tablacus Explorer is a tabbled file manager. Tablacus Explorer contains a script injection vulnerability due to improper handling of directory names. Impact When a user accesses a crafted directory, an arbitrary script may be executed on Tablacus Explorer. As a result, an arbitrary OS command may...

8.8CVSS8.8AI score0.0137EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2013/09/06 12:0 a.m.64 views

JVN#33504150: Apache Struts vulnerable to remote command execution

Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a remote command execution vulnerability. This issue is the same issue that the developer published as S2-016 on July 16, 2013 Note that attacks leveraging...

9.8CVSS8.9AI score0.99998EPSS
Exploits18
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/07/06 12:0 a.m.64 views

JVN#03582364: YY-BOARD vulnerable to cross-site scripting

YY-BOARD is a bulletin-board software. YY-BOARD contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS6.2AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/08/25 12:0 a.m.63 views

JVN#50890770: Apache Struts 2 vulnerable to denial-of-service (DoS)

Apache Struts 2 provided by The Apache Software Foundation contains a denial-of-service DoS vulnerability CWE-400. Impact An attacker may be able to cause a denial-of-service DoS. Solution Update the Software Update to the latest version according to the information provided by the developer Appl...

7.5CVSS8.2AI score0.68761EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/04/23 12:0 a.m.63 views

JVN#93064451: Multiple SHARP Android devices vulnerable to information disclosure

Multiple SHARP Android devices contain an information disclosure vulnerability CWE-200. Impact Sensitive information of the device may be obtained by the other android application installed in the device. Solution Update the Firmware Update the firmware to the latest version according to the...

7.5CVSS7.2AI score0.01203EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/06/30 12:0 a.m.63 views

JVN#23389212: Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries

Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the...

9.3CVSS7.7AI score0.0108EPSS
Exploits0
Total number of security vulnerabilities5000