Lucene search
K
JvnMost viewed

5627 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/19 3:4 a.m.•3 views

JP1/Cm2/Network Node Manager i Denial of Service (DoS) Vulnerability

Overview JP1/Cm2/Network Node Manager i NNMi contains vulnerabilities could allow a remote attacker to cause a denial of service DoS condition or execute arbitrary code. Impact A remote attacker could cause a denial of service DoS condition or execute arbitrary code. Solution Please refer to the...

7.8CVSS7.4AI score0.02929EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/23 5:21 a.m.•3 views

Movable Type vulnerable to OS command injection

Overview Movable Type contains an OS command injection vulnerability. Movable Type contains an OS command injection vulnerability in its file management system. Impact A user with a privilege to upload files may execute an arbitrary OS command. Solution Update the software Update to the latest...

6.5CVSS7.7AI score0.02421EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/12/06 7:49 a.m.•3 views

PowerChute Business Edition vulnerable to cross-site scripting

Overview PowerChute Business Edition contains a cross-site scripting vulnerability. PowerChute Business Edition from Schneider Electric is a power management software. PowerChute Business Edition contains a cross-site scripting vulnerability. Jun Okada of GLOBAL TECHNOLOGY CORPORATION reported th...

4.3CVSS6AI score0.00921EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/21 9:23 a.m.•3 views

Nikki vulnerable to OS command injection

Overview Nikki from HP no Mawashimono contains an OS command injection vulnerability. Nikki from HP no Mawashimono is a CGI software for posting diary entries. Nikki contains an OS command injection vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the...

7.5CVSS7.3AI score0.02262EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/11/21 9:22 a.m.•3 views

Nikki vulnerable to directory traversal

Overview Nikki from HP no Mawashimono contains a directory traversal vulnerability. Nikki from HP no Mawashimono is CGI software for posting diary entries. Nikki contains a directory traversal vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

7.5CVSS6.8AI score0.0174EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 8:49 a.m.•3 views

Touhou Hisouten vulnerable to denial-of-service

Overview Touhou Hisouten from Twilight Frontier contains a denial-of-service DoS vulnerability. Touhou Hisouten from Twilight Frontier is a video game which has an online match mode. Touhou Hisouten contains an issue when processing network traffic, which may result in a denial-of-service DoS. Yu...

5CVSS6.6AI score0.01409EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/10/28 8:39 a.m.•3 views

FFFTP may insecurely load executable files

Overview FFFTP may use unsafe methods for determining how to load executables .exe FFFTP loads certain executables when using certain functions. FFFTP contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS7.5AI score0.02343EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/26 8:12 a.m.•3 views

Samba Web Administration Tool vulnerable to cross-site request forgery

Overview Samba Web Administration Tool SWAT contains a cross-site request forgery vulnerability. Samba Web Administration Tool SWAT allows for Samba configuration through a web interface. SWAT contains a cross-site request forgery vulnerability. SWAT is disabled in a default configuration of Samb...

6.8CVSS6.5AI score0.10046EPSS
Exploits6References21
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/12 5:6 a.m.•3 views

Internet Explorer window display vulnerability

Overview Internet Explorer contains a vulnerability where the window display may be forged. Internet Explorer contains an issue with rendering window displays, which may lead to a window display being forged. hoshikuzu|stardust reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.5AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/25 9:6 a.m.•3 views

Oracle iPlanet Web Server information disclosure vulnerability

Overview Oracle iPlanet Web Server formerly Sun Java System Web Server contains an information disclosure vulnerability. Oracle iPlanet Web Server formerly Sun Java System Web Server is a web server. Oracle iPlanet Web Server contains an information disclosure vulnerability. Impact A remote...

5CVSS6.3AI score0.02521EPSS
Exploits1References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/15 7:32 a.m.•3 views

ASP.NET vulnerable to cross-site scripting

Overview ASP.NET may create web applications for mobile devices that contain a cross-site scripting vulnerability. ASP.NET contains an issue in the handling of session ID's in mobile devices. When "Mobile Controls" are used in ASP.NET to develop web applications for mobile devices, the applicatio...

4.3CVSS6.2AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/29 8:55 a.m.•3 views

Accela BizSearch Standard Search Page Cross-Site Scripting Vulnerability

Overview The standard search page of Accela BizSearch contains a cross-site scripting vulnerability. Impact By setting up a fraudulent website that exploits an XSS vulnerability of the Accela BizSearch's standard search page the "targeted website" via the Internet, a remote attacker could execute...

4.3CVSS6.6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/16 3:25 a.m.•3 views

Microsoft Outlook read receipt function vulnerability

Overview Microsoft Outlook contains a vulnerability in the read receipt function. Microsoft Outlook contains a vulnerability in the read receipt function. A read receipt may be sent unintentionally, notifying the sender that the email was received. Ayako Kozakai of NTT DATA SECURITY CORPORATION...

2.6CVSS6.4AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/05/19 7:49 a.m.•3 views

iVIEW Suite vulnerable to SQL injection

Overview iVIEW Suite from RADVISION contains a SQL injection vulnerability. iVIEW Suite provided by RADVISION is a software to manage video conference systems in SCOPIA. iVIEW Suite contains a SQL injection vulnerability. Hirofumi Oka of NRI SecureTechnologies,Ltd. reported this vulnerability to...

7.5CVSS7.6AI score0.01258EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/04/01 6:52 a.m.•3 views

Hitachi Tuning Manager Software Cross-Site Scripting Vulnerability

Overview Hitachi Tuning Manager Software contains a cross-site scripting vulnerability. Impact A remote attacker could make a user execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/03/27 11:11 p.m.•3 views

Picasa may insecurely load executable files

Overview Picasa may use unsafe methods for determining how to load executables .exe Picasa is a software for viewing and managing photos. Picasa loads certain executables when using the "Locate on Disk" function. Picasa contains an issue with the file search path, which may insecurely load...

6.9CVSS7.5AI score0.0032EPSS
Exploits1References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/03/27 11:6 p.m.•3 views

e107 vulnerable to cross-site scripting

Overview e107 contains a cross-site scripting vulnerability. e107 provided by e107.org is a Content Management System CMS software. e107 contains a cross-site scripting vulnerability. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Securi...

4.3CVSS6AI score0.01042EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/02/28 8:17 a.m.•3 views

SEIL Series routers vulnerable to buffer overflow

Overview SEIL Series routers contain a buffer overflow vulnerability. The PPP Access Concentrator PPPAC contained in SEIL Series routers contain a buffer overflow vulnerability when processing PPPoE packets. Impact An attacker may be able to execute arbitrary code. Accoding to the developer, all...

8.3CVSS7.6AI score0.02608EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:20 a.m.•3 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific ISO-2022-JP encoded characters, which may result in cross-site...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:19 a.m.•3 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific EUC-JP or ShiftJIS encoded characters, which may result in cross-site...

4.3CVSS5.9AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:19 a.m.•3 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific UTF-7 encoded characters, which may result in cross-site scripting. Fo...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 9:26 a.m.•3 views

Movable Type vulnerable to cross-site scripting

Overview Movable Type contains a cross-site scripting vulnerability. Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on t...

4.3CVSS6.2AI score0.0125EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 9:25 a.m.•3 views

Vulnerability in Epson printer driver installer where access permissions are changed

Overview A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed. When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files C:\Program Files are changed. A...

4.6CVSS6.7AI score0.00311EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 11:27 a.m.•3 views

Clipboard contents alteration vulnerability in Grani

Overview Grani contains a vulnerability in which the contents of the clipboard may be altered. Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the...

5.8CVSS6.5AI score0.00867EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 11:27 a.m.•3 views

Clipboard contents alteration vulnerability in Sleipnir

Overview Sleipnir contains a vulnerability in which the contents of the clipboard may be altered. Sleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the conten...

5.8CVSS6.5AI score0.01007EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/04 10:10 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from JVN01948274, and other issues that were previously published on JVN. Impact When opening a specially crafted file...

9.3CVSS8AI score0.06065EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/25 8:42 a.m.•3 views

Sleipnir and Grani may insecurely load dynamic libraries

Overview Sleipnir and Grani may use unsafe methods for determining how to load DLLs. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurel...

6.9CVSS7.4AI score0.00287EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•3 views

Archive Decoder may insecurely load executable files

Overview Archive Decoder may use unsafe methods for determining how to load executables .exe. Archive Decoder is a file extraction software that supports multiple file en extracting files. Archive Decoder contains an issue with the file search path, which may insecurely load executables. Makoto...

6.9CVSS7.5AI score0.00283EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•3 views

Explzh may insecurely load executable files

Overview Explzh may use unsafe methods for determining how to load executables .exe. Explzh is a file compression/extraction software supporting multiple file formats. Explzh loads certain executables .exe when extracting files. Explzh contains an issue with the file search path, which may...

6.9CVSS7.5AI score0.00365EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•3 views

K2Editor may insecurely load executable files

Overview K2Editor may use unsafe methods for determining how to load executables .exe. K2Editor is a text editor. K2Editor loads certain executables .exe when opening the folder that contains the text file that is being edited. K2Editor contains an issue with the file search path, which may...

6.9CVSS7.5AI score0.00279EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/18 10:37 a.m.•3 views

Cross-site Request Forgery Vulnerability in Oracle iPlanet Web Server

Overview Oracle iPlanet Web Server formerly Sun Java System Web Server contains a cross-site request forgery vulnerability. Oracle iPlanet Web Server formerly Sun Java System Web Server is a web server. Oracle iPlanet Web Server contains a cross-site request forgery vulnerability. Yoshihiro...

5.8CVSS6.5AI score0.02371EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/13 7:58 a.m.•3 views

Multiple Vulnerabilities in Groupmax Scheduler Server

Overview A denial of service DoS or arbitrary file manipulation vulnerability has been reported in multiple Hitachi products. Impact A remote attacker could cause a denial of service DoS condition or manipulate arbitrary files. Solution Please refer to the 'Vendor Information' section for the...

8.5CVSS6.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/13 7:58 a.m.•3 views

Phishing Vulnerability in Accela BizSearch Document View Window

Overview The document view window in Accela BizSearch Gateway Option has the following vulnerabilities which allow a remote attacker to: display a fraudulent web page over a legitimate web page steal cookies stored in browser place arbitrary cookies into browser Impact A remote attacker could...

5.8CVSS6.9AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/05 10:31 a.m.•3 views

AD-EDIT2 vulnerable to cross-site scripting

Overview AD-EDIT2 contains a cross-site scripting vulnerability. AD-EDIT2 is a Contents Management System CMS software. AD-EDIT2 contains a cross-site scripting vulnerability. Seiei Higa of IT College Okinawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS6.1AI score0.01042EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/08/31 5:16 a.m.•3 views

moobbs2 vulnerable to cross-site scripting

Overview moobbs2 contains a cross-site scripting vulnerability. moobbs2 from Moo is a threaded bulletin board software. moobbs contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5CVSS6.1AI score0.01033EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/08/20 8:17 a.m.•3 views

Winny BBS information processing vulnerability

Overview Winny contains a vulnerability in the processing of BBS information. Winny is a P2P file sharing software. Winny contains a vulnerability in the processing of BBS information, which can be used to launch Distributed Denial of Service DDoS attacks. Yuji Ukai of eEye Digital Security...

10CVSS6.7AI score0.01446EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/29 6:35 a.m.•3 views

Forced Shutdown or Restart with JP1/ServerConductor/Deployment Manager

Overview JP1/ServerConductor/Deployment Manager's Client Service for DPM has a vulnerability which could cause a shutdown or restart of the client computer when receiving ill-formed data. Impact A remote attacker could shut down or restart the target system. Solution Please refer to the 'Vendor...

7.8CVSS6.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/17 10:50 a.m.•3 views

Multiple vulnerabilities in ActiveGeckoBrowser

Overview ActiveGeckoBrowser from Fenrir Inc. contains multiple vulnerabilities. ActiveGeckoBrowser from Fenrir Inc. is a plugin that adds the Gecko rendering engine to the Sleipnir web browser. ActiveGeckoBrowser contains multiple vulnerabilities caused by the Gecko engine. Impact A remote attack...

6.8CVSS7.8AI score0.02129EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/08 5:3 a.m.•3 views

Stack-Based Buffer Overflow Vulnerability in Collaboration Common Utility

Overview Collaboration Common Utility, a component of multiple Hitachi products, is vulnerable to stack-based buffer overflow when the Drag and Drop Component for Collaboration feature is also installed. Impact No details available. Solution Please refer to the 'Vendor Information' section for th...

10CVSS7.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/03 2:29 a.m.•3 views

e-Pares vulnerable to cross-site request forgery

Overview e-Pares contains a cross-site request forgery vulnerability. e-Pares is a system that manages facility conference rooms, etc. information. e-Pares contains a cross-site request forgery vulnerability. This vulnerability that was reported to IPA and JPCERT/CC was discovered as part of the...

2.6CVSS6.6AI score0.00824EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/03 2:29 a.m.•3 views

e-Pares vulnerable to cross-site scripting

Overview e-Pares contains a cross-site scripting vulnerability. e-Pares is a system that manages facility conference rooms, etc. information. e-Pares contains a cross-site scripting vulnerability. This vulnerability that was reported to IPA and JPCERT/CC was discovered as part of the Web...

4.3CVSS6.2AI score0.01645EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/06/01 8:37 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability is different from JVN98467259. The "Ichitaro" series word processing software, from JustSystems Corporation contains a...

9.3CVSS7.9AI score0.05557EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/05/18 2:33 a.m.•3 views

Several EUR Form/EUR Products Arbitrary Code Execution Vulnerability

Overview An arbitrary code execution vulnerability exists in several EUR Form and EUR products. Impact A remote attacker could execute arbitrary code through the affected web pages. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate acti...

10CVSS8.1AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/04/08 8:47 a.m.•3 views

MODx vulnerable to cross-site scripting

Overview MODx provided by The MODx CMS Project contains a cross-site scripting vulnerability. MODx provided by the MODx CMS Project is a Contents Management System CMS software. MODx contains a cross-site scripting vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported th...

4.3CVSS6.1AI score0.01645EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/03/15 3:21 a.m.•3 views

JP1/Cm2/Network Node Manager Remote Console Insecure File Permissions Vulnerability

Overview Computer systems running the JP1/Cm2/Network Node Manager NNM Remote Console for Windows are vulnerable due to insecure file permissions set on the systems. Impact A local attacker could replace the affected files provided by the NNM Remote Console with arbitrary files. Solution Please...

6.6CVSS6.7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/14 12:24 p.m.•3 views

Oracle Application Server vulnerable to cross-site scripting

Overview Oracle Application Server from Oracle contains a cross-site scripting vulnerability. Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC...

2.6CVSS6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 cookie disclosure vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a vulnerability in which cookies may be disclosed. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which cookies may be disclosed. Kenichi Maehashi of CIS RAT at Hosei Universi...

5.8CVSS6.6AI score0.0105EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 session ID disclosure vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a vulnerability in which session IDs may be disclosed. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which session IDs may be disclosed. Kenichi Maehashi of CIS RAT at Hosei...

5.8CVSS6.6AI score0.01083EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 cross-site scripting vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a cross-site scripting vulnerability. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a cross-site scripting vulnerability. Kenichi Maehashi of CIS RAT at Hosei University reported this...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/19 6:45 a.m.•3 views

Redmine vulnerable to cross-site request forgery

Overview Redmine contains a cross-site request forgery vulnerability. Redmine is a project management software. Redmine contains a cross-site request forgery vulnerability. Yoshinari Fukumoto of Rakuten, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

6.8CVSS6.6AI score0.00719EPSS
Exploits0References10
Total number of security vulnerabilities5000