Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

phpAdsNew cross-site scripting vulnerability

Overview phpAdsNew, an open source web advertising management system, contains a cross-site scripting vulnerability. Note that phpAdsNew is now called "Openads." The products listed below use the same module as phpAdsNew thus they are also affected by the vulnerability. - phpPgAds 2.0.9-pr1 and...

6.8CVSS6.1AI score0.01433EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables

Overview CCC Cleaner, provided from Cyber Clean Center between January 25 and March 12, 2007, contains a division-by-zero vulnerability that occurs when it scans UPX-packed executables. This vulnerability is caused by the "Antivirus UPX Parsing Kernel Buffer Overflow Vulnerability" on TrendMicro'...

7.8CVSS7.1AI score0.02525EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

NewsGlue and Ikinari Jijyoutsuu arbitrary script execution vulnerability

Overview NewsGlue and Ikinari Jijyoutsuu are RSS readers. An arbitrary script embedded in RSS feeds could be executed in either of the RSS readers, as they fail to handle the output of RSS information properly. Impact An arbitrary script could be executed in NewsGlue or Ikinari Jijyoutsuu...

6.4CVSS6.5AI score0.01263EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Canon Network Camera Server VB100 Series vulnerable to cross-site scripting

Overview Canon Network Camera Server VB100 Series contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed in the camera server management screen. Solution None...

4.3CVSS6.3AI score0.01233EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Lunascape RSS reader arbitrary script execution vulnerability

Overview A vulnerability exists in the web browser Lunascape's RSS reader. An arbitrary script embedded in RSS feeds could be executed as the output of RSS information is not properly handled. Impact Arbitrary JavaScript could be executed within Lunascape's RSS reader. Solution None...

4.3CVSS6.7AI score0.01263EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

dotProject cross-site scripting vulnerability

Overview dotProject, an open source project management tool, contains a cross-site scripting vulnerability. This vulnerability is different from JVN97636431. Impact An arbitrary script may be executed on the user's web browser. In particular, if session information from a cookie is leaked, sessio...

4.3CVSS6.1AI score0.01263EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Internet Explorer vulnerable in MHTML handling

Overview Internet Explorer is vulnerable in handling MHTML MIME Encapsulation of Aggregate HTML protocol, which allows an arbitrary script execution. When Internet Explorer accesses a website with the MHTML protocol, Internet Explorer processes the contents as MHTML data, ignoring their actual...

4.3CVSS6.8AI score0.2504EPSS
Exploits1References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

sHTTPd cross-site scripting vulnerability

Overview sHTTPd, from Uchu Ninja Neko-dan, contains a cross-site scripting vulnerability. sHTTPd from Uchu Ninja Neko-dan is a web server for Windows. sHTTPd contains a cross-site scripting vunerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...

4.3CVSS6.3AI score0.01263EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

RaidenHTTPD cross-site scripting vulnerability

Overview RaidenHTTPD, from Sonei Information Systems TEAM JOHNLONG, contains a cross-site scripting vulnerability. RaidenHTTPD is a multipurpose web server for Windows provided by TEAM JOHNLONG. RaidenHTTPD contains a cross-site scripting vulnerability. Impact Arbitrary code could be executed on...

10CVSS6.1AI score0.05191EPSS
Exploits1References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Lhaca LHZ Archive Extended Header Size Processing Buffer Overflow Vulnerability

Overview Lhaca does not process an LHZ archive with an invalid Extended Header Size properly, which could lead to buffer overflow. This problem is reported to be different from the issue identified in JVNDB-2007-000492 CVE-2007-3375. Impact An attacker could execute arbitrary code. Solution Pleas...

9.3CVSS7.2AI score0.04613EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

WebCart cross-site scripting vulnerability

Overview WebCart, provided by CGI's, contains a cross-site scripting vulnerability. WebCart provided by CGI's is shopping cart software. WebCart's management interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...

6.4CVSS6.2AI score0.01263EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities

Overview The image-processing APIs in Cosminexus Developer's Kit for Java is vulnerable to buffer overflow and a Denial od Service DoS. Impact An attacker could cause a Denial of Service DoS or execute arbitrary code. Solution Please refer to the 'Vendor Information' section for official...

10CVSS7.7AI score0.0585EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page

Overview When Hitachi Web Server receives a request that contains malicious scripts, they are inserted into the server-satus page the Server automatically creates. This allows the inserted malicious scripts to be executed on the client machines. The vulnerability does not affect the product if th...

4.3CVSS7.7AI score0.27783EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Ichitaro series buffer overflow vulnerability

Overview The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN32981509 and JVN50495547. The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user ope...

9.3CVSS7.9AI score0.05741EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Hitachi JP1/File Transmission Server/FTP Authentication Bypass Vulnerability

Overview Hitachi JP1/File Transmission Server/FTP contains a vulnerability which could be exploited to bypass authentication. Impact An attacker could view the files in a certain directory. Solution Please refer to the 'Vendor Information' section for official remediation and take appropriate...

5CVSS6.8AI score0.01607EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

JP1/Cm2/Network Node Manager Arbitrary Code Execution Vulnerability

Overview Shared Trace Service in JP1/Cm2/Network Node Manager NNM is vulnerable to arbitrary code execution. Impact An attacker could execute arbitrary code. Solution Please refer to the 'Vendor Information' section for the vendor recommended workaround...

6.8CVSS8AI score0.02473EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Cosminexus Application Server Incorrect Group Permission Handling Vulnerability

Overview When a logical J2EE server or logical user server is started from Cosminexus Manager in Cosminexus Application Server, Cosminexus Manager may assign the wrong user's group permissions to an activated server process. Impact An attacker could exploit the vulnerability to obtain...

4.6CVSS6.7AI score0.00306EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

LHa Vuffer Overflow Vulnerability in Testing and Extracting Process

Overview LHa for UNIX does not handle the header length information properly when testing or extracting an archive, which could lead to buffer overflow. Impact An attacker could execute arbitrary code with the privilege of the user running LHa. Solution Please refer to the 'Vendor Information'...

10CVSS7.5AI score0.10262EPSS
Exploits3References14
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•4 views

Safari allows access from HTTP to HTTPS

Overview Apple Safari contains a vulnerability that allows a remote attacker to access HTTPS content via an HTTP session. Safari is a default web browser installed in Mac OS X and iPhone. Safari contains a vulnerability that allows a remote attacker to access web page contents protected by SSL/TL...

6.8CVSS6.5AI score0.02569EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/26 12:52 a.m.•3 views

Generic IO & Memory Access driver for TOSHIBA and Dynabook PCs exposes its IOCTL with insufficient access control

Overview Generic IO & Memory Access driver is part of a utility to configure BIOS/Supervisor passwords from within Windows. This driver is installed on PCs provided by TOSHIBA CORPORATION and Dynabook Inc. between 2009 and 2016. The driver contains the following vulnerability. Exposed IOCTL with...

6.8CVSS5.8AI score0.00121EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/06/25 12:32 a.m.•3 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Analyzer viewpoint and Hitachi Ops Center Viewpoint

Overview Hitachi Infrastructure Analytics Advisor contains the following vulnerability: CVE-2025-48924 Hitachi Ops Center Analyzer contains the following vulnerabilities: CVE-2025-48924 Hitachi Ops Center Analyzer viewpoint contains the following vulnerability: CVE-2025-48924 Hitachi Ops Center...

8.2CVSS7AI score0.02164EPSS
Exploits4References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/24 8:56 a.m.•3 views

Apache ActiveMQ series improper validation of MQTT packets [AMQ-9810]

Overview Apache ActiveMQ series provided by The Apache Software Foundation does not properly validate the remaining length field of MQTT packets, which may lead to integer overflow and misinterpretation of MQTT packets. Integer overflow or wraparound CWE-190 - CVE-2025-66168, CVE-2026-40046 Gai...

8.8CVSS5.4AI score0.0078EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/31 6:53 a.m.•3 views

Security information for Hitachi Disk Array Systems

Overview A vulnerability exists in the firmware replacement function of Hitachi Disk Array Systems that involves improper input validation. CVE-2025-0824 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' sectio...

3.7CVSS5.9AI score0.00083EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/31 6:53 a.m.•3 views

Security information for Hitachi Disk Array Systems

Overview A vulnerability exists in the management gui maintenance utility of Hitachi Disk Array Systems that involves improper authorization vulnerability. CVE-2025-2902 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...

8.3CVSS5.9AI score0.00195EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/12 8:22 a.m.•3 views

Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1

Overview MR-GM5L-S1 and MR-GM5A-L1 provided by Micro Research Ltd. contain multiple vulnerabilities listed below. Code injection CWE-94 - CVE-2026-20892 Use of hard-coded credentials CWE-798 - CVE-2026-24448 Authentication bypass using an alternate path or channel CWE-288 - CVE-2026-27842 Chuya...

9.8CVSS7.5AI score0.00567EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/02/26 2:2 a.m.•3 views

Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager

Overview Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager contain a vulnerability CVE-2025-5781 that may allow session tokens to be stored. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...

5.2CVSS5.9AI score0.00098EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/12/17 4:4 a.m.•3 views

GROWI vulnerable to cross-site request forgery

Overview GROWI provided by GROWI, Inc. contains the following vulnerability. Cross-site request forgery CWE-352 - CVE-2025-64700 GROWI, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and GROWI, Inc. coordinated under the Information Security...

5.1CVSS6.6AI score0.00112EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/12/17 2:28 a.m.•3 views

Multiple vulnerabilities in CHOCO TEI WATCHER mini

Overview CHOCO TEI WATCHER mini provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below. Clickjacking CWE-1021 - CVE-2025-59479 Improper check for unusual conditions CWE-754 - CVE-2025-61976 Improper check for unusual conditions CWE-754 - CVE-2025-66357 JTEKT...

8.7CVSS6.7AI score0.00362EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/12/16 6:31 a.m.•3 views

SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow

Overview Web Config is software installed on multiple SEIKO EPSON printers which allows users to check the status and change the settings via a web browser. Web Config contains the following vulnerability. Stack-based buffer overflow CWE-121 - CVE-2025-66635 Shogo Iyota of GMO Cybersecurity by...

8.6CVSS7.5AI score0.00491EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/12/09 8:16 a.m.•3 views

ELECOM Clone for Windows registers a Windows service with an unquoted file path

Overview Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. Clone for Windows provided by ELECOM CO.,LTD. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2025-66271 Kazuma Matsumoto of GMO Cybersecurity by IERA...

8.4CVSS7AI score0.00135EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/10/29 5:17 a.m.•3 views

Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries

Overview The installer of WTW EAGLE for Windows provided by Wireless Tsukamoto Co., Ltd. contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2025-62776 Kazuma Matsumoto of GMO...

8.4CVSS6.8AI score0.00146EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/10/20 7:17 a.m.•3 views

Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel

Overview Lanscope Endpoint Manager On-Premises provided by MOTEX Inc. contains the following vulnerability. Improper verification of source of a communication channel CWE-940 - CVE-2025-61932 MOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

9.8CVSS7.4AI score0.02689EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/09/02 5:20 a.m.•3 views

"Gunosy" App vulnerable to insertion of sensitive information into sent data

Overview "Gunosy" App provided by Gunosy Inc. contains the following vulnerability. Insertion of sensitive information into sent data CWE-201 - CVE-2025-44017 YUNAO ZHOU of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.1CVSS6.4AI score0.00212EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/09/01 6:22 a.m.•3 views

Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series

Overview A vulnerability that could allow a Denial-of-Service DoS is reported in the Konica Minolta bizhub series. Konica Minolta bizhub series provided by Konica Minolta, Inc. contains the following vulnerability. Uncaught exception CWE-248 - CVE-2025-54777 Konica Minolta, Inc. reported this...

5.3CVSS6.8AI score0.00108EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/27 10:50 a.m.•3 views

Improper file access permission settings in multiple i-FILTER products

Overview Multiple i-FILTER products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2025-57846 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

8.5CVSS7.3AI score0.00138EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/27 5:22 a.m.•3 views

ScanSnap Manager installers vulnerable to privilege escalation

Overview ScanSnap Manager installers provided by PFU Limited contain the following vulnerability. Incorrect privilege assignment CWE-266 - CVE-2025-57797 Kazuhira Agata, Kentaro Kan, Tomoaki Kobayashi, Takayuki Tomita, Yoshiaki Yamamuro reported this vulnerability to IPA. JPCERT/CC coordinated wi...

8.5CVSS6.8AI score0.00122EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/18 4:40 a.m.•3 views

PgManage vulnerable to injection

Overview PgManage provided by Command Prompt, Inc. uses RestrictedPython module. The version of RestrictedPython module imported to PgManage contains vulnerabilities, which are inherited to PgManage CWE-477. Sho Nakatani of SecDevLab Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

7.2AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/08 6:29 a.m.•3 views

WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection

Overview Advanced Custom Fields provided by WPEngine, Inc. contains the following vulnerability. HTML injection WE-94 - CVE-2025-54940 Shogo Kumamaru of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

4.6CVSS7AI score0.00209EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/08 5:50 a.m.•3 views

Multiple SEIKO EPSON products use weak initial passwords

Overview Multiple SEIKO EPSON products contain the following vulnerability. Use of weak credentials CWE-1391 - CVE-2025-35970 The initial administrator password is easy to guess from the information available via SNMP SEIKO EPSON CORPORATION reported this vulnerability to JPCERT/CC to notify user...

8.7CVSS6.8AI score0.00448EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/27 12:37 a.m.•3 views

Multiple Brother driver installers for Windows vulnerable to privilege escalation

Overview Multiple Brother driver installers for Windows contain the following vulnerability. Files or directories accessible to external parties CWE-552 - CVE-2025-49797 Julian Horoszkiewicz of Eviden reported this vulnerability to the developer. JPCERT/CC coordinated between the reporter and the...

8.5CVSS7AI score0.00147EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/18 4:42 a.m.•3 views

KCM3100 vulnerable to authentication bypass using an alternate path or channel

Overview KCM3100 provided by KAON is a Wi-Fi enabled gateway. KCM3100 contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 - CVE-2025-51381 Namihiko Matsumura reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

9.8CVSS6.8AI score0.00631EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/13 7:9 a.m.•3 views

Multiple vulnerabilities in RICOH Streamline NX PC Client

Overview RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities listed below. External control of file name or path CWE-73 - CVE-2025-36506 Path traversal CWE-22 - CVE-2025-46783 Use of less trusted source CWE-348 - CVE-2025-48825 Ricoh Company, Ltd...

9.8CVSS7.2AI score0.00776EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/06 4:56 a.m.•3 views

Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery

Overview Multiple surveillance cameras provided by i-PRO Co., Ltd. contain the following vulnerability. Cross-Site Request Forgery CSRF CWE-352 - CVE-2025-36513 Diego Giubertoni of Nozomi Networks Inc. reported this vulnerability to i-PRO Co., Ltd. and coordinated. After the coordination was...

5.1CVSS6.4AI score0.00126EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/06/03 6:35 a.m.•3 views

TimeWorks vulnerable to path traversal

Overview The web server module of TimeWorks provided by Keiyo System Co., LTD contains the following vulnerability. Path traversal CWE-22 - CVE-2025-41428 Masamu Asato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

6.9CVSS6.7AI score0.00574EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/05/26 5:22 a.m.•3 views

Mailform Pro CGI generating error messages containing sensitive information

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains a vulnerability listed below. Generation of error message containing sensitive information CWE-209 - CVE-2025-41441 Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

9.8CVSS6.6AI score0.00935EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/05/15 9:27 a.m.•3 views

Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series'

Overview Network attached hard disk 'HDL-T Series' provided by I-O DATA DEVICE, INC. contains multiple vulnerabilities. OS command injection CWE-78 Affected when 'Remote Link3 function' is enabled CVE-2025-32002 Missing authentication for critical function CWE-306 CVE-2025-32738 Chuya Hayakawa an...

9.8CVSS8.3AI score0.01705EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/05/15 7:14 a.m.•3 views

Pgpool-II vulnerable to authentication bypass by primary weakness

Overview Pgpool-II provided by PgPool Global Development Group contains the following vulnerability. Authentication bypass by primary weakness CWE-305 - CVE-2025-46801 PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

9.8CVSS6.7AI score0.00791EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/05/12 8:52 a.m.•3 views

Multiple vulnerabilities in GL-MT2500 and GL-MT2500A

Overview GL-MT2500 and GL-MT2500A provided by GL.iNet contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2024-57391 Inefficient regular expression complexity CWE-1333 - CVE-2025-2811 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to...

7.5CVSS7.5AI score0.0034EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/04/10 6:36 a.m.•3 views

Multiple vulnerabilities in BizRobo!

Overview BizRobo! is an RPA Robotic Process Automation software provided by OPEN, Inc. Users compile an automation flow using DesignStudio, a development application that runs on Windows, and create robot files. A web application Management Console is provided to schedule RPA execution and to che...

9.8CVSS7.1AI score0.84362EPSS
Exploits5References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/03/19 6:33 a.m.•3 views

Multiple vulnerabilities in home gateway HGW-BL1500HM

Overview Home gateway HGW-BL1500HM provided by KDDI CORPORATION contains multiple vulnerabilities listed below. Stored cross-site scripting in the NickName registration screen CWE-79 - CVE-2025-27567 Stored cross-site scripting in the USB storage file-sharing function CWE-79 - CVE-2025-27574 Path...

8.8CVSS6.6AI score0.00878EPSS
Exploits0References10
Total number of security vulnerabilities5000