Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/05/10 5:49 a.m.•2 views

Installer of Electronic reception and examination of application for radio licenses Online may insecurely load Dynamic Link Libraries

Overview Installer of Electronic reception and examination of application for radio licenses Online contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the...

7.8CVSS7.1AI score0.00944EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/05/10 4:55 a.m.•2 views

CREATE SD official App for Android fails to restrict access permissions

Overview CREATE SD official App for Android provided by CREATE SD CO., LTD. implements the function to access a requested URL using an Intent. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an Intent from an arbitrary App and t...

5.8CVSS6.8AI score0.01133EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/04/02 5:18 a.m.•2 views

The installer of Microsoft Teams may insecurely load Dynamic Link Libraries

Overview The installer of Microsoft Teams contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Microsoft states that the root cause of this vulnerability is "Application Directory App Dir DLL planting", thus there is no plan to release a...

7.8CVSS7AI score0.04605EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/03/27 5:41 a.m.•2 views

PowerAct Pro Master Agent for Windows fails to restrict acess permissions

Overview PowerAct Pro Master Agent for Windows provided by OMRON SOCIAL SOLUTIONS Co.,Ltd. fails to restrict access permissions. Hosono, Akane reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user with an...

6.5CVSS6.7AI score0.01336EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/03/12 5:28 a.m.•2 views

iChain Insurance Wallet App for iOS vulnerable to directory traversal

Overview iChain Insurance Wallet App for iOS provided by iChain, Inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability CWE-22, CVE-2018-16202. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/C...

8.6CVSS6.7AI score0.03305EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/02/05 5:9 a.m.•2 views

POWER EGG vulnerability where EL expression may be executed

Overview POWER EGG provided by D-CIRCLE inc. is an integrated collaboration tool. POWER EGG contains a vulnerability where an arbitray EL expression may be executed CWE-20. Touma Hatano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

9.8CVSS7.1AI score0.01479EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/01/24 6:37 a.m.•2 views

HOUSE GATE App for iOS vulnerable to directory traversal

Overview HOUSE GATE App for iOS provided by HOUSE GATE inc. uses the old version of cordova-plugin-ionic-webview, and inherits a directory traversal vulnerability CWE-22, CVE-2018-16202. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

8.6CVSS6.8AI score0.03305EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2019/01/10 6:45 a.m.•2 views

WordPress plugin "spam-byebye" vulnerable to cross-site scripting

Overview The WordPress plugin "spam-byebye" contains a reflected cross-site scripting vulnerability CWE-79 qw3rTyTy reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

6.1CVSS5.9AI score0.00952EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/26 3:9 a.m.•2 views

Clickjacking Vulnerability in Hitachi Automation Director

Overview A Clickjacking Vulnerability was found in Hitachi Automation Director. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.3CVSS6.7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/25 7:18 a.m.•2 views

Installer of Mapping Tool may insecurely load Dynamic Link Libraries

Overview Installer of Mapping Tool provided by Japan Atomic Energy Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Takashi Sugawara reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

7.8CVSS7AI score0.00985EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/10 5:26 a.m.•2 views

Multiple vulnerabilities in Cybozu Remote Service

Overview Cybozu Remote Service provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Upload of arbitrary files in logo setting screen CWE-434 - CVE-2018-16169 Directory traversal in used device management screen CWE-22 - CVE-2018-16170 Directory traversal in client certificates...

8.8CVSS7.2AI score0.01857EPSS
Exploits0References17
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/04 7:53 a.m.•2 views

Problem with directory permissions in JP1/Operations Analytics

Overview A problem with directory permissions was found in JP1/Operations Analytics. Impact Regarding the impact of the vulnarability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5.6CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/12/04 7:53 a.m.•2 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate acti...

4.9CVSS7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/27 6:26 a.m.•2 views

Multiple vulnerabilities in RICOH Interactive Whiteboard

Overview RICOH Interactive Whiteboard provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Command injection CWE-94 - CVE-2018-16184 Missing file signature - CVE-2018-16185 Hard-coded credentials for the administrator settings screen - CVE-2018-16186 The server...

10CVSS8.3AI score0.04317EPSS
Exploits0References15
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/14 6:38 a.m.•2 views

Multiple directory traversal vulnerabilities in Cybozu Office

Overview Cybozu Office provided by Cybozu, Inc. contains multiple directory traversal vulnerabilities below. Directory traversal vulnerability due to a flaw in processing parameter of the HTTP request CWE-22 - CVE-2018-0703 Directory traversal vulnerability due to a flaw in processing parameter...

8.6CVSS7AI score0.01947EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/14 6:34 a.m.•2 views

Cybozu Mailwise vulnerable to directory traversal

Overview Cybozu Mailwise provided by Cybozu, Inc. contains a directory traversal vulnerability CWE-22 due to a flaw in processing parameter of the HTTP request. Yuji Tounai reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of it...

8.6CVSS6.8AI score0.01947EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/11/02 5:56 a.m.•2 views

WordPress plugin "Event Calendar WD" vulnerable to cross-site scripting

Overview The WordPress plugin "Event Calendar WD" provided by Web-Dorado contains a stored cross-site scripting vulnerability CWE-79. Yuta Kitaoka of TokyoDenkiUniversity Cryptography Lab reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5.4CVSS5.9AI score0.01204EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/10/23 6:15 a.m.•2 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate acti...

9.8CVSS7AI score0.04767EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/10/19 5:45 a.m.•2 views

Web Isolation vulnerable to cross-site scripting

Overview Web Isolation provided by Symantec Corporation contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update the software to the latest version according to the information provide...

6.1CVSS6AI score0.00999EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/08/22 8:11 a.m.•2 views

Path Traversal Vulnerability in Hitachi Automation Director

Overview A Path Traversal Vulnerability was found in Hitachi Automation Director. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

7.1CVSS6.7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/26 5:58 a.m.•2 views

LINE MUSIC for Android fails to verify SSL server certificates

Overview LINE MUSIC for Android provided by LINE MUSIC CORPORATION fails to verify SSL server certificates CWE-295. LINE MUSIC CORPORATION reported this vulnerability to JPCERT/CC to notify users of respective solutions through JVN. Impact A man-in-the-middle attack may allow an attacker to...

7.4CVSS6.5AI score0.00633EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/20 6:41 a.m.•2 views

WL-330NUL vulnerable to cross-site request forgery

Overview WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a cross-site request forgery vulnerability CWE-352. Masashi Sakai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

8.8CVSS6.5AI score0.00558EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/18 6:35 a.m.•2 views

Movable Type plugin MTAppjQuery vulnerable to PHP code execution

Overview MTAppjQuery provided by bit part LLC is a plugin for Movable Type. An older version PHP library Uploadify is incorporated in MTAppjQuery v1.8.1 and earlier versions and the older versions of Uploadify contains unrestricted upload of arbitrary file CWE-434, which may lead to arbitrary PHP...

9.8CVSS7.9AI score0.02409EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/12 6:4 a.m.•2 views

Multiple vulnerabilities in Aterm W300P

Overview Aterm W300P provided by NEC Corporation contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2018-0629, CVE-2018-0630, CVE-2018-0631 Buffer Overflow CWE-119 - CVE-2018-0632, CVE-2018-0633 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this...

9CVSS7.5AI score0.018EPSS
Exploits0References14
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/06 5:36 a.m.•2 views

DHC Online Shop App for Android fails to verify SSL server certificates

Overview DHC Online Shop App for Android provided by DHC Corporation fails to verify SSL server certificates. Sho Ueshima and Tsuyoshi Ogawa of SIE Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

7.4CVSS6.5AI score0.00607EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/07/03 4:42 a.m.•2 views

Installer of Glary Utilities may insecurely load Dynamic Link Libraries

Overview Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...

7.8CVSS6.9AI score0.00794EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/06/13 6:11 a.m.•2 views

Local File Inclusion vulnerability in Zenphoto

Overview Zenphoto is a content management system CMS. Zenphoto contains a Local File Inclusion vulnerability. ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Sensitive information may be obtained or...

7.2CVSS7.2AI score0.01846EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/31 5:7 a.m.•2 views

Multiple vulnerabilities in Pixelpost

Overview Pixelpost provided by Pixelpost.org contains multiple vulnerabilities listed below. Arbitrary code execution - CVE-2018-0604 Cross-site scripting CWE-79 - CVE-2018-0605 SQL injection CWE-89 - CVE-2018-0606 ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the...

7.2CVSS8.9AI score0.01796EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/29 4:47 a.m.•2 views

The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely invoke an executable file

Overview The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION contains an issue with the DLL search path, which may lead to insecurely invoke an executable file...

9.3CVSS6.9AI score0.01052EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/22 5:30 a.m.•2 views

Multiple vulnerabilities in Cybozu Office

Overview Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. Information disclosure in the application "Message" when viewing an external image CWE-200 - CVE-2018-0526 Stored cross-site scripting in "E-mail Details Screen" of the application "E-mail" CWE-79 -...

6.5CVSS6.1AI score0.01069EPSS
Exploits0References26
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/17 6:18 a.m.•2 views

Multiple Microsoft Windows applications and installers may insecurely load Dynamic Link Libraries

Overview Multiple Windows applications and installers provided by Microsoft contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the same directory where applications and/or installers reside CWE-427. Microsoft states that the root cause of thi...

7.8CVSS7.2AI score0.0513EPSS
Exploits0References16
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/17 5:57 a.m.•2 views

The installer of Visual C++ Redistributable may insecurely load Dynamic Link Libraries

Overview The installer of Visual C++ Redistributable provided Microsoft contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the same directory as the installer CWE-427. Microsoft states that the root cause of this vulnerability is "Applicatio...

9.3CVSS7.1AI score0.04589EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/11 5:34 a.m.•2 views

KINEPASS App fails to verify SSL server certificates

Overview KINEPASS App provided by T-JOY CO.,LTD fails to verify SSL server certificates. Seigo Yamamoto of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow a...

5.9CVSS6.5AI score0.00873EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/11 5:34 a.m.•2 views

IIJ SmartKey App for Android vulnerable to authentication bypass

Overview IIJ SmartKey App for Android contains an authentication bypass vulnerability. IIJ SmartKey App for Android provided by Internet Initiative Japan Inc. is an application that enables two-step authentication two-factor authentication for a website from an Android device. IIJ SmartKey App fo...

7.5CVSS6.8AI score0.01622EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/10 6:30 a.m.•2 views

Access Control Vulnerability in Hitachi Infrastructure Analytics Advisor

Overview An Access Control Vulnerability was found in Hitachi Infrastructure Analytics Advisor. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...

7.5CVSS6.7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/04/27 5:0 a.m.•2 views

WordPress plugin "Events Manager" vulnerable to cross-site scripting

Overview The WordPress plugin "Events Manager" provided by NetWebLogic contains a stored cross-site scripting vulnerability CWE-79. Daichi Takaki of Cryptography Laboratory,Department of Information and Communication Engineering,Tokyo Denki University reported this vulnerability to IPA. JPCERT/CC...

5.4CVSS5.8AI score0.01517EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/04/10 4:39 a.m.•2 views

Hatena Bookmark App for iOS contains an address bar spoofing vulnerability

Overview Hatena Bookmark App for iOS provided by Hatena Co., Ltd. contains a vulnerability where the address bar displays a different URL than the URL that is being accessed. Kenichiro Wakitani reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

6.5CVSS6.4AI score0.01017EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/13 7:48 a.m.•2 views

TinyFTP Daemon vulnerable to buffer overflow

Overview TinyFTP Daemon provided by Hisayuki Nomura is a FTP File Transfer Protocol server. TinyFTP Daemon contains a buffer overflow vulnerability CWE-121. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on December 5, 2017, it was judged that an...

10CVSS7.6AI score0.0323EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/13 7:48 a.m.•2 views

ViX may insecurely load Dynamic Link Libraries

Overview ViX provided by KOKADA is a Graphics Viewer Software for Windows. ViX contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries contained in the same directory as an image file CWE-427. During the meeting of Committee for authorizing the...

7.8CVSS6.9AI score0.00961EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/09 4:56 a.m.•2 views

Multiple vulnerabilities in CG-WGR1200

Overview CG-WGR1200 provided by Corega Inc is a wireless LAN router. CG-WGR1200 contains multiple vulnerabilities listed below. Buffer Overflow CWE-119 - CVE-2017-10852 Buffer Overflow CWE-78 - CVE-2017-10853 Authentication bypass CWE-306 - CVE-2017-10854 Taizoh Tsukamoto of Mitsui Bussan Secure...

8.8CVSS8.1AI score0.00868EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/05 6:10 a.m.•2 views

Installer of WinShot may insecurely load Dynamic Link Libraries

Overview Installer of WinShot contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9.3CVSS6.8AI score0.01076EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/03/05 5:7 a.m.•2 views

Installer of JTrim may insecurely load Dynamic Link Libraries

Overview Installer of JTrim contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9.3CVSS6.8AI score0.00925EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/02/14 5:59 a.m.•2 views

XXE Vulnerability in Hitachi Device Manager

Overview An XXE XML External Entity Vulnerability was found in Hitachi Device Manager. This vulnerability only affects the Linux cluster environment. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section fo...

7.8CVSS6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/02/14 5:58 a.m.•2 views

Multiple Vulnerabilities in Hitachi Command Suite

Overview Multiple vulnerabilities have been found in Hitachi Command Suite. Cross-site Scripting Open Redirect Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

6.1CVSS6.8AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/02/13 6:37 a.m.•2 views

Installer of "FLET'S Azukeru Backup Tool" may insecurely load Dynamic Link Libraries

Overview "FLET'S Azukeru Backup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is software to automatically back up files in the user's computer to "FLET'S Azukeru" service. Installer of "FLET'S Azukeru Backup Tool" contains an issue with the DLL search path, which may lead to...

7.8CVSS6.8AI score0.00928EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/30 3:30 a.m.•2 views

WordPress plugin "WP Retina 2x" vulnerable to cross-site scripting

Overview The WordPress plugin "WP Retina 2x" contains a reflected cross-site scripting vulnerability CWE-79. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on a...

6.1CVSS5.9AI score0.00918EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/12 6:7 a.m.•2 views

Cross-site Scripting Vulnerability in Fujitsu NetCOBOL

Overview A cross-site scripting vulnerability was found in MeFt/Web Service manager function in Fujitsu NetCOBOL. Impact By creating a malicious webpage that exploits this vulnerability, an attacker could execute arbitrary code on the user's computer used to access the malicious webpage. Solution...

3.5CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/01/12 5:58 a.m.•2 views

Cross-site Scripting Vulnerability in Fujitsu Interstage List Works

Overview A cross-suite scripting vulnerability has been found in web functionality of Fujitsu Interstage List Works. Impact By creating a malicious webpage that exploits this vulnerability, an attacker could execute arbitrary code on the user's computer used to access the malicious webpage...

6.1CVSS7.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/11/13 6:30 a.m.•2 views

CS-Cart Japanese Edition vulnerable to cross-site scripting

Overview CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition contains a cross-site scripting vulnerabulity CWE-79. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.4CVSS6.1AI score0.00538EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/10/17 7:58 a.m.•2 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor. Cross-site Scripting Access Control For Access Control, Hitachi Data Center Analytics v8.0.0, v8.0.2, v8.1.0, and v8.1.3 will be affected. Impact Regarding the impact of the vulnerability, please refer ...

7.5CVSS6.6AI score
Exploits0References3
Total number of security vulnerabilities5000