Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/31 6:43 a.m.•3 views

FileMaker Pro vulnerable to cross-site scripting

Overview FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Upgrade the software Upgrade to the latest version according to the...

4.3CVSS6.8AI score0.01792EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/29 6:19 a.m.•3 views

Sleipnir Mobile for Android vulnerable to address bar spoofing

Overview Sleipnir Mobile for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

5.8CVSS6.5AI score0.01528EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/27 6:4 a.m.•3 views

Yahoo! Browser vulnerable to address bar spoofing

Overview Yahoo! Browser contains an issue in displaying URL, which may result in the address bar being spoofed. Note that this vulnerability is different from JVN55074201. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.5AI score0.01516EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/20 6:16 a.m.•3 views

Cross-site scripting vulnerability in the web2py social bookmarking widget

Overview The social bookmarking widget share.js in web2py contains a cross-site scripting vulnerability. web2py is a framework for creating and designing web applications. The social bookmarking widget in web2py contains a cross-site scripting vulnerability. Yuji Kosuga of Everforth Co., Ltd...

4.3CVSS6AI score0.0118EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/26 6:50 a.m.•3 views

Yahoo! Browser vulnerable to address bar spoofing

Overview Yahoo! Browser contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact This...

5.8CVSS6.5AI score0.0146EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/26 4:36 a.m.•3 views

ArtIME Japanese Input vulnerable to information disclosure

Overview ArtIME Japanese Input contains an issue in the access permissions for the certain files. ArtIME Japanese Input is a Japanese Input Method Editor IME for Android devices. ArtIME Japanese Input contains an issue in the access permissions for the certain files. Gaku Mochizuki of Mitsui Buss...

5CVSS6.5AI score0.00982EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:32 a.m.•3 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima...

6.8CVSS6.5AI score0.02614EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:30 a.m.•3 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories...

6.8CVSS6.5AI score0.02176EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/07 5:13 a.m.•3 views

Multiple Cisco products vulnerable to denial-of-service (DoS)

Overview The SSH implementation in multiple Cisco products contains a denial-of-service DoS vulnerability. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

7.8CVSS6.7AI score0.01553EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/26 5:45 a.m.•3 views

Multiple JustSystems products vulnerable to arbitrary code execution

Overview Multiple products provided by JustSystems Corporation contain a vulnerability that may allow arbitrary code execution. For more information, refer to the information provided by the developer. Impact Opening a file may cause arbitrary code to be executed with the privilege of the running...

9.3CVSS7.6AI score0.03815EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/15 5:29 a.m.•3 views

3DM (3ware Disk Manager) vulnerable to directory traversal

Overview 3DM 3ware Disk Manager contains a directory traversal vulnerability. 3DM provided by LSI is a software to manage a RAID controller. 3DM contains a directory traversal vulnerability. yamaguchi tsuyoshi of Digiplate.inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5CVSS6.8AI score0.01854EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/14 5:15 a.m.•3 views

GREE for Android vulnerable to directory traversal

Overview GREE for Android contains a directory traversal vulnerability. GREE for Android contains an issue in handling URL inputs, which may result in a directory traversal vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6.5AI score0.01368EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/18 4:36 a.m.•3 views

Documents Pro (formerly Files HD) vulnerable to cross-site scripting

Overview Documents Pro provided by Olive Toast Software Ltd. contains a cross-site scripting vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. report...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/14 6:7 a.m.•3 views

Multiple Android devices vulnerable to denial-of-service (DoS)

Overview Multiple Android devices contains a denial-of-service DoS vulnerability. Multiple Android devices contain an issue when referencing specific system area, which may lead to a denial-of-service DoS. Tsukasa Oi of Fourteenforty Research Institue, Inc. reported this vulnerability to IPA...

5.4CVSS6.5AI score
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 5:0 a.m.•3 views

Opera address bar spoofing vulnerability

Overview Opera contains a vulnerability where the URL displayed in the address bar may be spoofed. Opera contains a vulnerability where certain characters may be displayed in the address bar, causing 2 URLs to potentially be indistinguishable from each other. Masahiro Yamada reported this...

5CVSS6.5AI score0.01318EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 4:57 a.m.•3 views

Adobe Reader fails to properly handle signatures

Overview Adobe Reader fails to properly handle RSA signatures. Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5CVSS7.3AI score0.04894EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/10 6:5 a.m.•3 views

Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support

Overview A cross-site scripting vulnerability was found in JP1/Integrated Management - Service Support. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...

3.5CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 5:53 a.m.•3 views

Multiple web browsers vulnerable in processing Tranfer-Encoding header

Overview Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as ...

2.6CVSS6.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:19 a.m.•3 views

YY-BOARD vulnerable to cross-site scripting

Overview YY-BOARD contains a cross-site scripting vulnerability. YY-BOARD is a bulletin-board software. YY-BOARD contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:0 a.m.•3 views

SmallPICT vulnerable to cross-site scripting

Overview SmallPICT contains a cross-site scripting vulnerability. SmallPICT is a bulletin-board software. SmallPICT contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/05 5:4 a.m.•3 views

@WEB ShoppingCart vulnerable to cross-site scripting

Overview @WEB ShoppingCart contains a cross-site scripting vulnerability. @WEB ShoppingCart provided by WEBLOGIC CORPORATION. is a system for creating shopping websites. @WEB ShoppingCart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Labo.,Inc reported this...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:50 a.m.•3 views

Logitec LAN-W300N/R series fails to restrict access permissions

Overview Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. The LAN-W300N/R series are wireless LAN routers. Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. Jin Sawada, Keisuke Okazaki, Naoto Katsumi of Security...

10CVSS6.5AI score0.05867EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/21 4:56 a.m.•3 views

iLunascape for Android vulnerable in the WebView class

Overview iLunascape for Android contains a vulnerability in the WebView class. iLunascape for Android is a web browser for Android devices. iLunascape for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

5CVSS6.5AI score0.01513EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:53 a.m.•3 views

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability when using Microsoft IE's CSS expressions, which may result in cross-site scripting. Isayama Takayoshi ...

4.3CVSS5.8AI score0.01783EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 5:3 a.m.•3 views

Dokodemo Rikunabi 2013 vulnerable to cross-site scripting

Overview Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Dokodemo Rikunabi 2013 is an extension for Google Chrome. Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences,Tohoku University reported this...

5.8CVSS6.1AI score0.01968EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/19 5:31 a.m.•3 views

Janetter vulnerable to cross-site request forgery

Overview Janetter contains a cross-site request forgery vulnerability. Janetter is a client software for using Twitter. Janetter contains a cross-site request forgery vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University reported this vulnerability to IPA...

6.8CVSS6.7AI score0.00814EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/19 3:4 a.m.•3 views

JP1/Cm2/Network Node Manager i Denial of Service (DoS) Vulnerability

Overview JP1/Cm2/Network Node Manager i NNMi contains vulnerabilities could allow a remote attacker to cause a denial of service DoS condition or execute arbitrary code. Impact A remote attacker could cause a denial of service DoS condition or execute arbitrary code. Solution Please refer to the...

7.8CVSS7.4AI score0.02929EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/09 5:35 a.m.•3 views

Jenkins vulnerable to cross-site scripting

Overview Jenkins contains a cross-site scripting vulnerability. Jenkins is a continuous integration CI tool. Note that this vulnerability is different from JVN14791558. Minoru Sakai of SCSK Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

4.3CVSS6.1AI score0.01137EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/09 5:18 a.m.•3 views

SquirrelMail plugin Autocomplete vulnerable to cross-site scripting

Overview The SquirrelMail plugin Autocomplete contains a cross-site scripting vulnerability. The Autocomplete plugin in SquirrelMail searches for registered email addresses in user contacts as the user types into specific fields. The Autocomplete plugin contains a cross-site scripting...

4.3CVSS6AI score0.01443EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/05 6:50 a.m.•3 views

ES File Explorer fails to restrict access permissions

Overview ES File Explorer provided by EStrongs, Inc. contains an issue where access permissions are not restricted. ES File Explorer provided by EStrongs Inc. is a file and application manager. ES File Explorer contains an issue where access permissions are not restricted. Shiongu of satoweb and...

4.3CVSS6.4AI score0.01054EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/22 5:44 a.m.•3 views

Multiple COOKPAD applications for Android vulnerable in WebView class

Overview Multiple COOKPAD applications for Android contain a vulnerability in WebView class. Cookpad and Cookpad Noseru provided by COOKPAD Inc. are Android applications to search or post recipes. Cookpad and Cookpad Noseru contain a vulnerability in WebView class. Gaku Mochizuki of Mitsui Bussan...

5CVSS6.6AI score0.01496EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/12/06 7:49 a.m.•3 views

PowerChute Business Edition vulnerable to cross-site scripting

Overview PowerChute Business Edition contains a cross-site scripting vulnerability. PowerChute Business Edition from Schneider Electric is a power management software. PowerChute Business Edition contains a cross-site scripting vulnerability. Jun Okada of GLOBAL TECHNOLOGY CORPORATION reported th...

4.3CVSS6AI score0.00921EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/21 9:23 a.m.•3 views

Nikki vulnerable to OS command injection

Overview Nikki from HP no Mawashimono contains an OS command injection vulnerability. Nikki from HP no Mawashimono is a CGI software for posting diary entries. Nikki contains an OS command injection vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the...

7.5CVSS7.3AI score0.02262EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/21 9:22 a.m.•3 views

Nikki vulnerable to directory traversal

Overview Nikki from HP no Mawashimono contains a directory traversal vulnerability. Nikki from HP no Mawashimono is CGI software for posting diary entries. Nikki contains a directory traversal vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

7.5CVSS6.8AI score0.0174EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/08 9:25 a.m.•3 views

Iwate Portal Bar vulnerable to arbitrary script execution

Overview Iwate Portal Bar is vulnerable to arbitrary script execution. Iwate Portal Bar is an add-on to Internet Explorer that adds a toolbar and provides multiple functions. The RSS/Atom feed reader function in Iwate Portal Bar is vulnerable to arbitrary script execution due to the improper...

4.3CVSS7AI score0.0098EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 8:49 a.m.•3 views

Touhou Hisouten vulnerable to denial-of-service

Overview Touhou Hisouten from Twilight Frontier contains a denial-of-service DoS vulnerability. Touhou Hisouten from Twilight Frontier is a video game which has an online match mode. Touhou Hisouten contains an issue when processing network traffic, which may result in a denial-of-service DoS. Yu...

5CVSS6.6AI score0.01409EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 8:39 a.m.•3 views

FFFTP may insecurely load executable files

Overview FFFTP may use unsafe methods for determining how to load executables .exe FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS7.5AI score0.02343EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/11 10:27 a.m.•3 views

WEB FORUM vulnerable to cross-site scripting

Overview WEB FORUM provided by KENT-WEB contains a cross-site scripting vulnerability. WEB FORUM provided by KENT-WEB is a bulletin board software. WEB FORUM contains a vulnerability in handling cookies, which may result in cross-site scripting. ISHIBASHI,Tsuyoshi of Mitsui Bussan Secure...

4.3CVSS5.8AI score0.01656EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/09/02 10:19 a.m.•3 views

Sage vulnerable to arbitrary script execution

Overview Sage is vulnerable to arbitrary script execution. Note that this vulnerability is different from JVN30221194. Sage is an addon for Mozilla Firefox that adds an RSS/Atom feed reader. Sage is vulnerable to arbitrary script execution due to the improper processing during HTML page output...

9.3CVSS6.8AI score0.0339EPSS
Exploits1References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/10 8:17 a.m.•3 views

Windows URL Protocol Handler may insecurely load executable files

Overview Windows URL Protocol Handler may use unsafe methods for determining how to load executable .exe files. Windows URL Protocol Handler loads a specified executable for each protocol. Windows URL Protocol Handler contains an issue with the file search path, which may insecurely load executab...

9.3CVSS7.5AI score0.3434EPSS
Exploits5References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/15 7:27 a.m.•3 views

Google Search Appliance vulnerable to cross-site scripting

Overview Google Search Appliance provided by Google contains a cross-site scripting vulnerability. Google Search Appliance from Google is a product that provides searching services for an intranet service or a website. Google Search Appliance contains a cross-site scripting vulnerability. Yosuke...

4.3CVSS6.1AI score0.00489EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/29 8:55 a.m.•3 views

Accela BizSearch Standard Search Page Cross-Site Scripting Vulnerability

Overview The standard search page of Accela BizSearch contains a cross-site scripting vulnerability. Impact By setting up a fraudulent website that exploits an XSS vulnerability of the Accela BizSearch's standard search page the "targeted website" via the Internet, a remote attacker could execute...

4.3CVSS6.6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/20 6:37 a.m.•3 views

WeblyGo vulnerable to cross-site scripting

Overview WeblyGo provided by KAWAI BUSINESS SOFTWARE CO., LTD. KBS contains a cross-site scripting vulnerability. WeblyGo is a groupware provided by KAWAI BUSINESS SOFTWARE CO., LTD. KBS. WeblyGo contains a cross-site scripting vulnerability. Yoshihiro Ishikawa of LAC reported this vulnerability ...

4.3CVSS6.1AI score0.01086EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/16 3:28 a.m.•3 views

Microsoft MSXML vulnerability in HTTP request processing

Overview MSXML provided by Microsoft contains a vulnerability in the processing of HTTP requests. MSXML provided by Microsoft contains a vulnerability where HTTP requests for XMLHTTP objects are not processed properly. As a result, when going through a proxy server, information may be sent to...

4.3CVSS6.8AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/16 3:25 a.m.•3 views

Microsoft Outlook read receipt function vulnerability

Overview Microsoft Outlook contains a vulnerability in the read receipt function. Microsoft Outlook contains a vulnerability in the read receipt function. A read receipt may be sent unintentionally, notifying the sender that the email was received. Ayako Kozakai of NTT DATA SECURITY CORPORATION...

2.6CVSS6.4AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/19 7:49 a.m.•3 views

iVIEW Suite vulnerable to SQL injection

Overview iVIEW Suite from RADVISION contains a SQL injection vulnerability. iVIEW Suite provided by RADVISION is a software to manage video conference systems in SCOPIA. iVIEW Suite contains a SQL injection vulnerability. Hirofumi Oka of NRI SecureTechnologies,Ltd. reported this vulnerability to...

7.5CVSS7.6AI score0.01258EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/10 11:37 p.m.•3 views

Multiple Buffalo routers vulnerable to cross-site request forgery

Overview Multiple routers provided by Buffalo contain a cross-site request forgery vulnerability. Multiple routers provided by Buffalo have a management screen that allows users to modify settings. These routers contain a cross-site request forgery vulnerability due to an issue in the management...

5.8CVSS6.7AI score0.00475EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/04/08 5:9 a.m.•3 views

Password Vault Web Access vulnerable to cross-site scripting

Overview Password Vault Web Access PVWA provided by Cyber-Ark Software, Ltd. contains a cross-site scripting vulnerability. Password Vault Web Access PVWA is a module in the Privileged Identity Management Suite that allows access via a web portal. PVWA contains a cross-site scripting vulnerabilit...

4.3CVSS5.9AI score0.01053EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/04/01 6:52 a.m.•3 views

Hitachi Tuning Manager Software Cross-Site Scripting Vulnerability

Overview Hitachi Tuning Manager Software contains a cross-site scripting vulnerability. Impact A remote attacker could make a user execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/03/27 11:11 p.m.•3 views

Picasa may insecurely load executable files

Overview Picasa may use unsafe methods for determining how to load executables .exe Picasa is a software for viewing and managing photos. Picasa loads certain executables when using the "Locate on Disk" function. Picasa contains an issue with the file search path, which may insecurely load...

6.9CVSS7.5AI score0.0032EPSS
Exploits1References8
Total number of security vulnerabilities5000