Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Blogn cross-site scripting vulnerability

Overview Blogn, a script for the creation of blogs from R-ONE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking...

6.8CVSS6AI score0.014EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone

Overview Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone My Computer zone. Impact An arbitrary script could be executed in an inappropriate security zone. Solution None...

7.5CVSS6.8AI score0.01688EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

MailDwarf cross-site scripting vulnerability

Overview MailDwarf is a mail form CGI provided by HTML Dwarf. MailDwarf contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...

6.8CVSS6.1AI score0.01182EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

open-gorotto cross-site scripting vulnerability

Overview open-gorotto, open source software to create members-only community sites, contains a cross-site scripting vulnerability, as it does not properly handle output of usernames. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is...

4.3CVSS6.1AI score0.01707EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Shopping Basket Pro directory traversal vulnerability

Overview A directory traversal vulnerability exists in Shopping Basket Pro from CGI RESCUE. Shopping Basket Pro from CGI RESCUE is shopping cart software. A directory traversal vulnerability exists in Shopping Basket Pro. Impact A remote attacker could obtain a list of the file and directory name...

5CVSS6.9AI score0.01838EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal

Overview httpd.pl from Fuktommy.com including an HTML preprocessor contains a directory traversal vulnerability. httpd.pl, an open source web server application program from Fuktommy.com including an HTML preprocessor, contains a directory traversal vulnerability. Impact A remote attacker could,...

5CVSS6.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files

Overview Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files, that is, the folders and files are not visible using ordinary system tools. Some models of Sony Pocket Bit series contain Fingerprint Authentication Software. Fingerprint Authentication Software...

6.8CVSS6.6AI score0.01857EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Lhaplus buffer overflow vulnerability

Overview Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. Lhaplus, file compression/decompression software supporting multiple compression file formats, contains a buffer overflow vulnerability. If a user...

6.8CVSS8AI score0.03456EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Multiple Cybozu products vulnerable to cross-site scripting

Overview Multiple Cybozu products are vulnerable to cross-site scripting. Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN50342989. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the...

4.3CVSS6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Apache UTF-7 Encoding Cross-Site Scripting Vulnerability

Overview The modautoindex.c module in Apache HTTP Server is vulnerable to a cross-site scripting attack. When the charset on a server-generated page is undefined, the vulnerability allows attackers to inject arbitrary scripts or HTML via the P parameter using the UTF-7 charset. Impact An attacker...

6.1CVSS6.8AI score0.26188EPSS
Exploits0References26
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Microsoft Internet Explorer address bar spoofing vulnerability

Overview Microsoft Internet Explorer contains an address bar spoofing vulnerability. A remote attacker can cause a spoofed content to be displayed in a user's web browser window. The address bar and other parts of the trust user interface can be displayed in the context of a trusted site while th...

4.3CVSS6.7AI score0.19154EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Multiple email clients vulnerable in handling an attachement inapropriately

Overview Some email clients contain a vulnerability which may crash themselves as they do not properly handle an attached file with an particular file name. Impact Actual impact could differ depending on the email clients though, email clients may crash when hadling an attached file with a...

5CVSS6.7AI score0.01814EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Wiki clone products vulnerable to denial of service attacks

Overview Wiki clones allow a user via a web browser to edit documents on the web server. Some products of Wiki clones contain a vulnerability which consumes large amounts of CPU and memory resources when handling a particular request. Impact A remote attacker could execute a DoS denial of service...

5CVSS7AI score0.01566EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

ServerView cross-site scripting vulnerability

Overview ServerView, server-monitoring software included with Fujitsu servers, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

4.3CVSS6.3AI score0.01275EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Geeklog cross-site scripting vulnerability

Overview Geeklog, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution None...

4.3CVSS6.1AI score0.01518EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

04WebServer cross-site scripting vulnerability

Overview 04WebServer, open source web server software, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

6.8CVSS6.3AI score0.01251EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Owl SQL injection vulnerability

Overview Owl, an open source document management and publishing system, contains an SQL injection vulnerability. Impact A remote attacker may modify or steal the database contents. Solution None...

7.5CVSS8AI score0.01308EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Owl cross-site scripting vulnerability

Overview Owl, an open source document management and publishing system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, web pages could be spoofed. Solution...

4.3CVSS6.2AI score0.01272EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

NEC MultiWriter 1700C web server authentication bypass vulnerability

Overview Certain NEC printers have build-in web servers. They contain a vulnerability, where unauthorized users could change the system configuration. Impact A remote attacker could change the system configuration of the printer's built-in web server. Solution None...

7.5CVSS6.9AI score0.01201EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

NEC MultiWriter 1700C/7500C FTP server vulnerability

Overview NEC printers contain a vulnerability which allow connection to external FTP servers via the printer's internal FTP server. Although the printer's FTP server can connect to a target FTP server, it cannot send files to a target FTP server. Impact A remote attacker could possibly conduct a...

7.8CVSS7AI score0.01205EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

MyODBC Japanese Conversion Edition denial of service vulnerability

Overview MyODBC is an ODBC driver that allows ODBC-compliant applications to communicate with a MySQL database. MyODBC Japanese Conversion Edition is a Windows version of the driver with additional Japanese encoding functionality released from SoftAgency. MyODBC Japanese Conversion Edition contai...

7.8CVSS6.7AI score0.01205EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Hyper NIKKI System cross-site scripting vulnerability

Overview Hyper NIKKI System hns, web log software from the Hyper NIKKI System Project, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session...

4.3CVSS6.2AI score0.01273EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Nucleus cross-site scripting vulnerability

Overview Nucleus, an open source content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the web browser of an administrator with Nucleus super-admin privilege. If session information from a cookie is leaked, an attacker could...

6.8CVSS6.1AI score0.01401EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Chama Cargo cross-site scripting vulnerability

Overview Chama Cargo, a cgi program written in perl for creating shopping websites, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution None...

6.8CVSS6.3AI score0.014EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

SugarCRM cross-site scripting vulnerability

Overview SugarCRM, open source CRM Customer Relationship Management software, contains a cross-site scripting vulnerability. This vulnerability is different from JVN30144870. Impact An arbitrary script could be executed on the user's web browser where the user logged into SugarCRM. If an attacker...

6.8CVSS6AI score0.01386EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

a-blog cross-site scripting vulnerability

Overview a-blog, a server-based blog tool from appleple, Inc. contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. If session information from a cookie is leaked, an attacker could possibly conduct session hijacking. Solution None...

4.3CVSS6.2AI score0.01824EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2008/05/20 3:0 p.m.•3 views

Trac cross-site scripting vulnerability

Overview Trac is a project management tool from Edgewall Software. InterAct Corp. provides a localized version of Trac in Japan. Trac wiki engine contains a cross-site scripting vulnerability which affects Microsoft Internet Explorer. Impact A remote attacker could possibly execute an arbitrary...

4.3CVSS6.2AI score0.01089EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/04/08 3:11 a.m.•2 views

Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM

Overview Multiple vulnerabilities have been found in JP1/IT Desktop Management 2 and JP1/NETM/DM. CVE-2025-65115:Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM CVE-2025-65116:Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM Impact...

9.8CVSS5.8AI score0.00613EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2026/03/04 1:40 a.m.•2 views

Canon IJ Scan Utility registers Windows services with unquoted file paths

Overview IJ Scan Utility provided by Canon Inc. contains the following vulnerability. Unquoted search path or element CWE-428 - CVE-2026-1585 Canon Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A user may execute arbitrary code with SYSTEM...

8.4CVSS7.5AI score0.00119EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/27 6:13 a.m.•2 views

Multiple vulnerabilities in SS1

Overview SS1 provided by provided by DOS Co., Ltd. contains multiple vulnerabilities listed below. Inadequate encryption strength CWE-326 - CVE-2025-46409 Files or directories accessible to external parties CWE-552 - CVE-2025-52460 Incorrect permission assignment for critical resource CWE-732 -...

9.8CVSS7.7AI score0.00575EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/08/08 5:47 a.m.•2 views

Multiple vulnerabilities in Mubit Powered BLUE 870

Overview Powered BLUE 870 provided by Mubit co.,ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-54958 Path traversal CWE-22 - CVE-2025-54959 CVE-2025-54958 Yusuke SAKAI of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.3CVSS7.8AI score0.00826EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/07/16 4:54 a.m.•2 views

ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials

Overview ZWX-2000CSW2-HN and ZWX-2000CS2-HN provided by ZEXELON CO., LTD. contain the following vulnerability. Use of Hard-coded Credentials CWE-798 - CVE-2025-53842 This vulnerability is caused by an insufficient fix for CVE-2024-39838 JVN70666401. Hiroki Sato of Institute of Science Tokyo...

6.8CVSS6.6AI score0.00193EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/07/07 7:26 a.m.•2 views

Heap-based buffer overflow vulnerability in V-SFT and TELLUS

Overview A heap-based buffer overflow vulnerability CWE-122 exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. - CVE-2025-50130 Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact Opening V9 files or X1 file...

8.4CVSS7.5AI score0.00191EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/07/07 7:4 a.m.•2 views

Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)

Overview Trend Micro Incorporated has released a security update for Trend Micro Security for Windows CVE-2025-52521. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Arbitrary files or folders may be deleted due to a windows...

7.8CVSS6.9AI score0.00331EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/03/18 6:1 a.m.•2 views

+F FS010M vulnerable to OS command injection

Overview +F FS010M provided by FUJI SOFT INCORPORATED contains multiple OS command injection vulnerabilities listed below. OS command injection CWE-78 - CVE-2025-24306 OS command injection CWE-78 - CVE-2025-25220 Takeshi Kuramori of National Institute of Information and Communications Technology,...

8.8CVSS7.6AI score0.01011EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/02/17 9:22 a.m.•2 views

Out-of-bounds read vulnerability in Cente middleware

Overview Some products in Cente middleware TCP/IP Network Series developed by DMG MORI Digital Co., LTD. and provided by NXTech Co., Ltd. treat TCP MSS option values improperly, leading to an out-of-bounds read vulnerability CWE-125, CVE-2025-23406. DMG MORI Digital Co., LTD. reported this...

5.3CVSS6.5AI score0.00373EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/02/06 9:27 a.m.•2 views

OMRON NJ/NX series vulnerable to path traversal

Overview Machine Automation Controller NJ/NX series provided by OMRON Corporation contain a path traversal vulnerability CWE-22, CVE-2024-12083. OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact An arbitrary file in the affected product...

6.6CVSS7.2AI score0.00637EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/02/04 4:58 a.m.•2 views

WordPress Plugin "Activity Log WinterLock" vulnerable to cross-site request forgery

Overview WordPress Plugin "Activity Log WinterLock" provided by SWIT contains a cross-site request forgery vulnerability CWE-352. KENJI YOSHIKAWA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user vie...

4.3CVSS6.5AI score0.00164EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2025/01/29 5:57 a.m.•2 views

SXF Common Library vulnerable to improper input data handling

Overview SXF Common Library provided by General Incorporated Association OCF is vulnerable to improper input data handling CWE-237. Koh M. Nakagawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a produc...

3.3CVSS6.7AI score0.00153EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/12/25 2:28 a.m.•2 views

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

Overview Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent for Windows that contains a fix for an uncontrolled search path element vulnerability CWE-427, CVE-2024-55955. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the...

7.3CVSS6.6AI score0.00133EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/12/17 6:23 a.m.•2 views

Authentication Bypass Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer

Overview Authentication bypass vulnerability exists in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official...

9.4CVSS6.8AI score0.00769EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/12/04 6:22 a.m.•2 views

Multiple vulnerabilities in I-O DATA routers UD-LT1 and UD-LT1/EX

Overview UD-LT1 and UD-LT1/EX provided by I-O DATA DEVICE, INC. contain multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-45841 OS Command Injection CWE-78 - CVE-2024-47133 Inclusion of Undocumented Features CWE-1242 - CVE-2024-52564 T...

7.5CVSS7.9AI score0.00904EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/11/29 5:42 a.m.•2 views

Multiple vulnerabilities in FUJI ELECTRIC products

Overview Multiple vulnerabilities listed below exist in the remote monitoring software 'TELLUS' and 'TELLUS Lite', and the simulator module and the remote monitoring software 'V-Server' and 'V-Server Lite' contained in the graphic editor 'V-SFT' provided by FUJI ELECTRIC CO., LTD. Multiple...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/11/27 5:36 a.m.•2 views

HAProxy vulnerable to HTTP request/response smuggling

Overview HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack CWE-444. Yuki Mogi of FFRI...

5.3CVSS6.5AI score0.01043EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/10/18 5:48 a.m.•2 views

N-LINE vulnerable to HTML injection

Overview N-LINE provided by NEUMANN CO.LTD. is an online learning management system for driving schools. N-LINE processes inputs with insufficient check CWE-94, and malicious inputs from an student's device may badly impact the instructor's screen. Ayato Shitomi of Fore-Z co.ltd reported this...

7.4CVSS6.8AI score0.00219EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/10/03 4:42 a.m.•2 views

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bounds write CWE-787 - CVE-2024-47134 Stack-based buffer overflow CWE-121 - CVE-2024-47135 Out-of-bounds read CWE-125 - CVE-2024-47136 Michael Heinzl reported...

7.8CVSS7.7AI score0.00296EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/09/30 6:17 a.m.•2 views

RevoWorks Cloud vulnerable to unintended process execution

Overview RevoWorks Cloud provided by J's Communication Co., Ltd. is software to build a sandbox environment isolated from a client's local environment. In the sandbox environment, the product provides the function enabling execution of web browsers and detection and blocking of unauthorized...

7.8CVSS6.5AI score0.00173EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/09/24 7:0 a.m.•2 views

Multiple NTT EAST Home GateWay/Hikari Denwa routers fail to restrict access permissions

Overview Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION fail to restrict access permissions CWE-451. Keishi Awata of logicalmixed reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.3CVSS6.6AI score0.00428EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/08/30 5:56 a.m.•2 views

IPCOM vulnerable to information disclosure

Overview SSL Accelerator/SSL-VPN Function of IPCOM provided by Fsas Technologies Inc. contains an information disclosure vulnerability due to observable timing discrepancy CWE-208. Fsas Technologies Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/...

7.5CVSS6.2AI score0.00427EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2024/08/22 4:51 a.m.•2 views

Multiple Safie products vulnerable to improper server certificate verification

Overview Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the...

6.8CVSS7.1AI score0.0012EPSS
Exploits0References4
Total number of security vulnerabilities5000