5617 matches found
WindLDR and WindO/I-NV4 store sensitive information in cleartext
Overview PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Yuki Meguro of Toinx Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
xfpt vulnerable to stack-based buffer overflow
Overview xfpt fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability CWE-121. Yuhei Kawakoya of NTT Security Holdings Corporation reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact When ...
JVN#08342147: WindLDR and WindO/I-NV4 store sensitive information in cleartext
PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Impact An attacker who obtained the product's project file may obtain user credentials of the PLC or...
Multiple vulnerabilities in ELECOM wireless LAN routers and access points
Overview Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site scripting vulnerability due to an improper processing of input values in easysetup.cgi and menu.cgi CWE-79 - CVE-2024-34577, CVE-2024-42412 Missing...
Authentication Bypass Vulnerability in Hitachi Ops Center Common Services
Overview Authentication bypass vulnerability exists in Hitachi Ops Center Common Services. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
JVN#24885537: Multiple vulnerabilities in ELECOM wireless LAN routers and access points
Multiple wireless LAN routers and access points provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Cross-site scripting vulnerability due to an improper processing of input values in easysetup.cgi and menu.cgi CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score...
Unquoted Service Path in Hitachi Device Manager
Overview Hitachi Device Manager contain the following vulnerabilities: CVE-2024-5963: An unquoted executable path exists in Hitachi Device Manager Display new window Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...
BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
Overview Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to...
JVN#12824024: BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection
Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Impact If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS...
Multiple Safie products vulnerable to improper server certificate verification
Overview Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the...
Installer of Trend Micro Security 2020 (Consumer) may insecurely load Dynamic Link Libraries
Overview Installers of Trend Micro Security 2020 Consumer family may insecurely load Dynamic Link Libraries. Multiple products provided by Trend Micro Incorporated contain the DLL search path issue, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Trend Micro Incorporated...
JVN#83440451: Multiple Safie products vulnerable to improper server certificate verification
Multiple Safie products are vulnerable to improper server certificate verification CWE-295. The product can be operated via port 11029/TCP and Bluetooth, and its communications are AES encrypted. The product user can obtain the encryption key from the cloud server based on the device-specific...
Packetbeat vulnerable to denial-of-service (DoS)
Overview Packetbeat provided by Elastic contains a denial-of-service DoS vulnerability. Packetbeat provided by Elastic is a network packet analyzer. Packetbeat contains a flaw in processing the PostgreSQL handler CWE-129 . Impact Processing a specially crafted packet may lead to a denial-of-servi...
Multiple vulnerabilities in LogonTracer
Overview LogonTracer provided by JPCERT Coordination Center is a tool to investigate malicious Windows logon by visualizing and analyzing Windows event log. LogonTracer contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2018-16165 CVSS v3...
A vulnerability in TOYOTA MOTOR's DCU (Display Control Unit)
Overview TOYOTA MOTOR's DCU contains a vulnerability which is triggered by BlueBorne vulnerability. TOYOTA MOTER CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact An unauthenticated attacker may cause a denial of service DoS condition or...
Trend Micro Security (Consumer) Driver vulnerable to Out-of-bounds Read
Overview Trend Micro Security Consumer Driver is vulnerable to Out-of-bounds Read. Multiple products provided by Trend Micro Incorporated contain Out-of-bounds Read vulnerability CWE-125. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...
"Rakuten Ichiba App" fails to restrict custom URL schemes properly
Overview "Rakuten Ichiba App" provided by Rakuten Group, Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Shiga Takuma of BroadBand Security...
JVN#56648919: "Rakuten Ichiba App" fails to restrict custom URL schemes properly
"Rakuten Ichiba App" provided by Rakuten Group, Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to...
EL Injection Vulnerability in Hitachi Tuning Manager
Overview An EL Injection Vulnerability exists in Hitachi Tuning Manager. CVE-2024-5828:EL Injection Vulnerability in Hitachi Tuning Manager Display new window Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information'...
WAON service app for Android fails to verify SSL server certificates
Overview WAON service app for Android provided by AEON CO., LTD. fails to verify SSL server certificates. Gaku Taniguchi of RiskFinder,inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle...
Firmware update for RICOH JavaTM Platform resets the TLS configuration
Overview JavaTM Platform provided by Ricoh Company, Ltd. is the execution environment for firmware extensions of Ricoh MFPs and printers, providing TLS Transport Layer Security communication mechanism. When the firmware for JavaTM Platform is updated from Ver.12.89 or earlier versions to a newer...
Cybozu Office vulnerable to bypass browsing restrictions in Custom App
Overview Cybozu Office provided by Cybozu, Inc. contains a vulnerability which allows to bypass browsing restrictions in Custom App CWE-201. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact A user who can login to the product may view data...
JVN#29845579: Cybozu Office vulnerable to bypass browsing restrictions in Custom App
Cybozu Office provided by Cybozu, Inc. contains a vulnerability which allows to bypass browsing restrictions in Custom App CWE-201. Impact A user who can login to the product may view data that the user does not have access by conducting 'search' under certain conditions. Solution Update the...
JVN#78728294: Firmware update for RICOH JavaTM Platform resets the TLS configuration
JavaTM Platform provided by Ricoh Company, Ltd. is the execution environment for firmware extensions of Ricoh MFPs and printers, providing TLS Transport Layer Security communication mechanism. When the firmware for JavaTM Platform is updated from Ver.12.89 or earlier versions to a newer version,...
Pimax Play and PiTool accept WebSocket connections from unintended endpoints
Overview Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpoints CWE-923. Rei Yano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Arbitrary code may be executed by a...
Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN
Overview ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 - CVE-2024-39838 Incorrect permission assignment for critical resource CWE-732 -...
JVN#70666401: Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN
ZWX-2000CSW2-HN provided by ZEXELON CO., LTD. is a high-speed coaxial modem with wireless LAN functions. ZWX-2000CSW2-HN contains multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.5 CVE-2024-39838 Incorrect...
JVN#50850706: Pimax Play and PiTool accept WebSocket connections from unintended endpoints
Pimax Play and PiTool provided by Pimax accept WebSocket connections from unintended endpointsCWE-923. Impact Arbitrary code may be executed by a remote unauthenticated attacker. Solution Update the Software For Pimax Play, update the software to the latest version according to the information...
FFRI AMC vulnerable to OS command injection
Overview FFRI AMC provided by FFRI Security, Inc. is a management console for the endpoint security product FFRI yarai and ActSecure X. FFRI AMC contains an OS command injection vulnerability CWE-78. It is exploitable when the notification program setting is enabled, the executable file path is...
Multiple vulnerabilities in ELECOM wireless LAN routers
Overview Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 CVE-2024-34021 OS Command Injection CWE-78 CVE-2024-39607 Cross-Site Request Forgery CWE-352 CVE-2024-40883 CVE-2024-34021 Toya...
EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting
Overview EC-CUBE plugin for EC-CUBE 4 series "EC-CUBE Web API Plugin" provided by EC-CUBE CO.,LTD. contains a stored cross-site scripting vulnerability CWE-79 in OAuth Management feature. EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...
EC-CUBE 4 Series improper input validation when installing plugins
Overview EC-CUBE 4 series provided by EC-CUBE CO.,LTD improperly validates inputs when installing plugins CWE-349. EC-CUBE CO.,LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and EC-CUBE CO.,LTD. coordinated under the Information Security Early...
JVN#26225832: EC-CUBE plugin (for EC-CUBE 4 series) "EC-CUBE Web API Plugin" vulnerable to stored cross-site scripting
EC-CUBE plugin for EC-CUBE 4 series "EC-CUBE Web API Plugin" provided by EC-CUBE CO.,LTD. contains a stored cross-site scripting vulnerability CWE-79 in OAuth Management feature. Impact When there are multiple users using OAuth Management feature and one of them inputs some crafted value on the...
JVN#06672778: Multiple vulnerabilities in ELECOM wireless LAN routers
Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.8 CVE-2024-34021 OS Command Injection CWE-78...
JVN#26734798: FFRI AMC vulnerable to OS command injection
FFRI AMC provided by FFRI Security, Inc. is a management console for the endpoint security product FFRI yarai and ActSecure χ. FFRI AMC contains an OS command injection vulnerability CWE-78. It is exploitable when the notification program setting is enabled, the executable file path is configured...
JVN#48324254: EC-CUBE 4 Series improper input validation when installing plugins
EC-CUBE 4 series provided by EC-CUBE CO.,LTD improperly validates inputs when installing plugins CWE-349. Impact An attacker who obtained the administrative privilege may install an arbitrary PHP package. If the obsolete versions of PHP packages are installed, the product may be affected by some...
Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series
Overview FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Initialization of a Resource with an Insecure Default CWE-1188 - CVE-2024-31070 Active Debug Code CWE-489 - CVE-2024-36475 OS Command Injection CWE-78 -...
SDoP contains a stack-based buffer overflow vulnerability.
Overview SDoP fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability CWE-121. Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...
Multiple vulnerabilities in SKYSEA Client View
Overview SKYSEA Client View provided by Sky Co.,LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains multiple vulnerabilities listed below. Improper access control in the specific process CWE-266 - CVE-2024-41139 Origin validation error in shared memory data exchanges CWE-3...
Multiple products from Check Point Software Technologies vulnerable to information disclosure
Overview Multiple products from Check Point Software Technologies contain an information disclosure vulnerability CWE-200,CVE-2024-24919. JPCERT/CC coordinated with Check Point Software Technologies to publish this advisory in order to notify users of this vulnerability. Impact A remote attacker...
JVN#16420523: SDoP vulnerable to stack-based buffer overflow
SDoP fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability CWE-121. Impact When a user of the affected product is tricked to process a specially crafted XML file, an arbitrary code may be executed on the user's environment...
JVN#84326763: Multiple vulnerabilities in SKYSEA Client View
SKYSEA Client View provided by Sky Co.,LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains multiple vulnerabilities listed below. Improper access control in the specific process CWE-266 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2024-41139 Origin...
ORC vulnerable to stack-based buffer overflow
Overview ORC provided by GStreamer is typically used when developing GStreamer plugins. Stack-based buffer overflow vulnerability CWE-121 exists in orcparse.c of ORC. Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#02030803: ORC vulnerable to stack-based buffer overflow
ORC provided by GStreamer is typically used when developing GStreamer plugins. Stack-based buffer overflow vulnerability CWE-121 exists in orcparse.c of ORC. Impact If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on t...
Assimp vulnerable to heap-based buffer overflow
Overview Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability CWE-122. Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
JVN#87710540: Assimp vulnerable to heap-based buffer overflow
Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability CWE-122. Impact An attacker may execute arbitrary code by inputting a specially crafted file into the product. Solution Update the Software Update the software to the latest version according to the...
Cybozu Garoon vulnerable to cross-site scripting
Overview Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview CWE-79. Masato Kinugawa reported this vulnerability to Cybozu, Inc. and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution through JVN. Impact An arbitrary script may be...
FUJITSU Network Edgiot GW1500 vulnerable to path traversal
Overview FUJITSU Network Edgiot GW1500 M2M-GW for FENICS provided by Fujitsu Limited contains a path traversal vulnerability CWE-22. Eddy HUYNH & Jonathan PAUC from LCIE - BUREAU VERITAS CPS reported this vulnerability to Fujitsu Limited and coordinated. After the coordination was completed,...
JVN#74825766: Cybozu Garoon vulnerable to cross-site scripting
Cybozu Garoon provided by Cybozu, Inc. contains a cross-site scripting vulnerability in PDF preview CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the Software Update the software to the latest version according to the information provided by...
JVN#25583987: FUJITSU Network Edgiot GW1500 vulnerable to path traversal
FUJITSU Network Edgiot GW1500 M2M-GW for FENICS provided by Fujitsu Limited contains a path traversal vulnerability CWE-22. Impact If a logged-in attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information...