5596 matches found
WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting
Overview WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" provided by TMS contains a cross-site scripting vulnerability CWE-79. Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and coordinated. The developer and JPCERT/...
JVN#00971105: WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" vulnerable to cross-site scripting
WordPress Plugin "Appointment and Event Booking Calendar for WordPress - Amelia" provided by TMS contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in the WordPress where the product is installed. Solution...
Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft
Overview Shinseiyo Sogo Soft provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Taku Toyama of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...
WordPress plugin "LIQUID SPEECH BALLOON" vulnerable to cross-site request forgery
Overview WordPress plugin "LIQUID SPEECH BALLOON" provided by LIQUID DESIGN Ltd. contains a cross-site request forgery vulnerability CWE-352. Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
Overview EC-CUBE plugin "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series" provided by NE Inc. contains an authentication bypass vulnerability CWE-287. TSUKADA Nobuhisa of Seasoft reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#50862842: EC-CUBE plugin "NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)" vulnerable to authentication bypass
EC-CUBE plugin "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series" provided by NE Inc. contains an authentication bypass vulnerability CWE-287. Impact A remote attacker may alter the information stored in the system. Solution Stop using "NEXT ENGINE Integration Plugin for EC-CUBE 2.0 series "...
JVN#99657911: WordPress plugin "LIQUID SPEECH BALLOON” vulnerable to cross-site request forgery
WordPress plugin "LIQUID SPEECH BALLOON” provided by LIQUID DESIGN Ltd. contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Update the Software to the latest...
JVN#73178249: Improper restriction of XML external entity references (XXE) in Shinseiyo Sogo Soft
Shinseiyo Sogo Soft provided by The Ministry of Justice improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker. Solution Update the Software Update the software to the latest...
Security Issues in FINS protocol
Overview FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of Omron products. FINS commands enable to read/write information, conduct various operations and set the...
Joruri Gw vulnerable to cross-site scripting
Overview Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability CWE-79. Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
API server of TONE Family vulnerable to authentication bypass using an alternate path
Overview API server of TONE Family provided by DREAM TRAIN INTERNET INC. contains an authentication bypass vulnerability using an alternate path CWE-288. Kodai Karakawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...
JVN#14492006: API server of TONE Family vulnerable to authentication bypass using an alternate path
API server of TONE Family provided by DREAM TRAIN INTERNET INC. contains an authentication bypass vulnerability using an alternate path CWE-288. Impact A remote unauthenticated attacker may login to the management console of the affected service by using E-mail address required when logging into...
JVN#87559956: Joruri Gw vulnerable to cross-site scripting
Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the specific page of the product. Solution Update the software...
JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor
Overview JB Inquiry form provided by Jubei Inc. contains an exposure of private personal information to an unauthorized actor vulnerability CWE-359. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Trend Micro Security may insecurely load Dynamic Link Libraries
Overview Trend Micro Security provided by Trend Micro Incorporated contains an insecure DLL loading issue CWE-427. While the affected version of Trend Micro Security is installed and a malicious DLL is placed in a directory where some application executable resides, invoking the application...
JVN#36340790: JB Inquiry form vulnerable to exposure of private personal information to an unauthorized actor
JB Inquiry form provided by Jubei Inc. contains an exposure of private personal information to an unauthorized actor vulnerability CWE-359 . Impact A remote attacker may obtain information entered from forms created using the affected product. Solution Update the Software Update to the latest...
JVN#76257155: Trend Micro Security may insecurely load Dynamic Link Libraries
Trend Micro Security provided by Trend Micro Incorporated contains an insecure DLL loading issue CWE-427. While the affected version of Trend Micro Security is installed and a malicious DLL is placed in a directory where some application executable resides, invoking the application executable may...
Multiple mobile printing apps for Android vulnerable to improper intent handling
Overview Multiple mobile printing apps for Android are vulnerable to improper intent handling CWE-668. Johan Francsics reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact When a malicious app is installed on the victim user's Android device, the app may send...
Vulnerability in JP1/VERITAS
Overview A vulnerability VTS23-003 exists in JP1/VERITAS. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information
Overview CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information CWE-312, CVE-2023-26593. Yokogawa Electric Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact If an attacker who can...
Multiple vulnerabilities in JustSystems products
Overview Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below. Use After Free CWE-416 - CVE-2022-43664 Heap-based Buffer Overflow CWE-122 - CVE-2022-45115 Free of Memory not on the Heap CWE-590 - CVE-2023-22291 Heap-based Buffer Overflow CWE-122 -...
Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
Overview National land numerical information data conversion tool provided by MLIT improperly restricts XML external entity references XXE CWE-611. Taku Toyama and Kohei Matsumoto of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
JVN#79149117: Multiple vulnerabilities in JustSystems products
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below. Use After Free CWE-416 - CVE-2022-43664 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS v2| AV:N/AC:M/Au:N/C:P/I:P/A:P| Base Score:...
JVN#75742861: Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
National land numerical information data conversion tool provided by MLIT improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker. Solution Stop using the product The developer...
JTEKT ELECTRONIC Screen Creator Advance 2 vulnerable to improper restriction of operations within the bounds of a memory buffer
Overview Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. Michael Heinzl reported this vulnerability to...
CONPROSYS HMI System(CHS) vulnerable to SQL injection
Overview CONPROSYS HMI SystemCHS provided by Contec Co., Ltd. contains an SQL injection vulnerability CWE-89, CVE-2023-1658. Tenable Network Security reported this vulnerability to the developer. JPCERT/CC coordinated with the reporter and the developer. Impact Sending a specially crafted paramet...
Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
Overview SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2016-2183 Command injection CWE-77 - CVE-2022-36556 Unrestricted upload of file with...
HAProxy vulnerable to HTTP request/response smuggling
Overview HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack CWE-444. Yuki Mogi of FFRI Security, Inc. reported...
JVN#40604023: Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2016-2183 Version| Vector| Score ---|---|--- CVSS v3|...
JVN#38170084: HAProxy vulnerable to HTTP request/response smuggling
HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack CWE-444. Impact A remote attacker may alter a legitimate...
baserCMS vulnerable to arbitrary file uploads
Overview baserCMS provided by baserCMS Users Community allows an authenticated user to upload arbitrary files CWE-434. Taisei Inoue of GMO Cybersecurity by Ierae, Inc. and Yusuke Akagi of Mitsui Bussan Secure Directions, Inc., Shiga Takuma of BroadBand Security, Inc. reported this vulnerability t...
JVN#61105618: baserCMS vulnerable to arbitrary file uploads
baserCMS provided by baserCMS Users Community allows an authenticated user to upload arbitrary files CWE-434. Impact An user with Operator privilege may upload arbitrary files. As a result, arbitrary PHP code may be executed. Solution Update the software Update the software to the latest version...
ELECOM WAB-MAT registers its windows service executable with an unquoted file path
Overview WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#35246979: ELECOM WAB-MAT registers its windows service executable with an unquoted file path
WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Impact If a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service...
Multiple vulnerabilities in Contec CONPROSYS IoT Gateway products
Overview CONPROSYS IoT Gateway products provided by Contec CO.,LTD. contain multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2023-27917 Network Maintenance page validates input values improperly, resulting in OS command injection. Inadequate Encryption Strength CWE-326 -...
TP-Link T2600G-28SQ uses vulnerable SSH host keys
Overview TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys CWE-1391. Kuniyuki Hasegawa of VeriServe Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact The credential information for a...
JVN#62420378: TP-Link T2600G-28SQ uses vulnerable SSH host keys
TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys CWE-1391. Impact The credential information for an affected device may be obtained when the administrator is tricked to login to a device which spoofs the affected device. Solution Update the Firmware Update the firmware to the late...
Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
Overview Android App "Wolt Delivery: Food and more" provided by Wolt uses a hard-coded API key for an external service CWE-798. Naoya Kurosawa of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#64453490: Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
Android App "Wolt Delivery: Food and more" provided by Wolt uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved via reverse-engineering the application binary. Note that the application users are not directly affected by this vulnerability...
Multiple vulnerabilities in Buffalo network devices
Overview Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 - CVE-2023-26588 Improper access control CWE-284 - CVE-2023-24544 Stored cross-site scripting CWE-79 - CVE-2023-24464 Impact An attacker may access the...
Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
Overview Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below. Stored cross-site Scripting CWE-79 - CVE-2023-23572 Cross-Site Request Forgery CWE-352 - CVE-2023-27520 Takaya Noma, Yudai Morii, Hiroki Yasui, Takayuki Sasaki, a...
JVN#82424996: Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below. Stored cross-site Scripting CWE-79 - CVE-2023-23572 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.8 CVSS v2|...
Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software
Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-22419, CVE-2023-22421 Use-after-free CWE-416 - CVE-2023-22424 Michael Heinzl reported these vulnerabilities to JPCERT/CC...
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
Overview pgivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pgivm contains multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2023-228...
JVN#19872280: Multiple vulnerabilities in PostgreSQL extension module pg_ivm
pgivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pgivm contains multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2023-22847 An...
Multiple vulnerabilities in Trend Micro Maximum Security
Overview Trend Micro Incorporated has released security updates for Trend Micro Maximum Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Maximum Security 2022 Arbitrary file deletion due to link...
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Overview Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Uploading of a large number of files to fill up the file system on the...
File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center
Overview A File and Directory Permissions Vulnerability CVE-2020-36652 exists in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...
Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
Overview SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2023-22335 Path Traversal CWE-22 - CVE-2023-22336 Use of Hard-coded...
JVN#57224029: Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2023-22335 Version| Vector| Score ---|---|--- CVSS v3|...