5625 matches found
Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
Overview National land numerical information data conversion tool provided by MLIT improperly restricts XML external entity references XXE CWE-611. Taku Toyama and Kohei Matsumoto of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
JVN#75742861: Improper restriction of XML external entity references (XXE) in National land numerical information data conversion tool
National land numerical information data conversion tool provided by MLIT improperly restricts XML external entity references XXE CWE-611. Impact By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker. Solution Stop using the product The developer...
JVN#79149117: Multiple vulnerabilities in JustSystems products
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below. Use After Free CWE-416 - CVE-2022-43664 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS v2| AV:N/AC:M/Au:N/C:P/I:P/A:P| Base Score:...
JTEKT ELECTRONIC Screen Creator Advance 2 vulnerable to improper restriction of operations within the bounds of a memory buffer
Overview Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. Michael Heinzl reported this vulnerability to...
CONPROSYS HMI System(CHS) vulnerable to SQL injection
Overview CONPROSYS HMI SystemCHS provided by Contec Co., Ltd. contains an SQL injection vulnerability CWE-89, CVE-2023-1658. Tenable Network Security reported this vulnerability to the developer. JPCERT/CC coordinated with the reporter and the developer. Impact Sending a specially crafted paramet...
Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
Overview SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2016-2183 Command injection CWE-77 - CVE-2022-36556 Unrestricted upload of file with...
HAProxy vulnerable to HTTP request/response smuggling
Overview HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack CWE-444. Yuki Mogi of FFRI Security, Inc. reported...
JVN#40604023: Multiple vulnerabilities in Seiko Solutions SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210
SkyBridge MB-A100/A110/A200/A130 SkySpider MB-R210 provided by Seiko Solutions Inc. contain multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2016-2183 Version| Vector| Score ---|---|--- CVSS v3|...
JVN#38170084: HAProxy vulnerable to HTTP request/response smuggling
HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name, and when deployed in front of a server that incorrectly process this malformed header, it may be used to conduct an HTTP request/response smuggling attack CWE-444. Impact A remote attacker may alter a legitimate...
baserCMS vulnerable to arbitrary file uploads
Overview baserCMS provided by baserCMS Users Community allows an authenticated user to upload arbitrary files CWE-434. Taisei Inoue of GMO Cybersecurity by Ierae, Inc. and Yusuke Akagi of Mitsui Bussan Secure Directions, Inc., Shiga Takuma of BroadBand Security, Inc. reported this vulnerability t...
JVN#61105618: baserCMS vulnerable to arbitrary file uploads
baserCMS provided by baserCMS Users Community allows an authenticated user to upload arbitrary files CWE-434. Impact An user with Operator privilege may upload arbitrary files. As a result, arbitrary PHP code may be executed. Solution Update the software Update the software to the latest version...
ELECOM WAB-MAT registers its windows service executable with an unquoted file path
Overview WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#35246979: ELECOM WAB-MAT registers its windows service executable with an unquoted file path
WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Impact If a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service...
Multiple vulnerabilities in Contec CONPROSYS IoT Gateway products
Overview CONPROSYS IoT Gateway products provided by Contec CO.,LTD. contain multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2023-27917 Network Maintenance page validates input values improperly, resulting in OS command injection. Inadequate Encryption Strength CWE-326 -...
TP-Link T2600G-28SQ uses vulnerable SSH host keys
Overview TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys CWE-1391. Kuniyuki Hasegawa of VeriServe Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact The credential information for a...
JVN#62420378: TP-Link T2600G-28SQ uses vulnerable SSH host keys
TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys CWE-1391. Impact The credential information for an affected device may be obtained when the administrator is tricked to login to a device which spoofs the affected device. Solution Update the Firmware Update the firmware to the late...
Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
Overview Android App "Wolt Delivery: Food and more" provided by Wolt uses a hard-coded API key for an external service CWE-798. Naoya Kurosawa of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#64453490: Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
Android App "Wolt Delivery: Food and more" provided by Wolt uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved via reverse-engineering the application binary. Note that the application users are not directly affected by this vulnerability...
Multiple vulnerabilities in Buffalo network devices
Overview Multiple network devices provided by BUFFALO INC. contain multiple vulnerabilities listed below. Use of hard-coded credentials CWE-798 - CVE-2023-26588 Improper access control CWE-284 - CVE-2023-24544 Stored cross-site scripting CWE-79 - CVE-2023-24464 Impact An attacker may access the...
Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
Overview Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below. Stored cross-site Scripting CWE-79 - CVE-2023-23572 Cross-Site Request Forgery CWE-352 - CVE-2023-27520 Takaya Noma, Yudai Morii, Hiroki Yasui, Takayuki Sasaki, a...
JVN#82424996: Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
Web Config for printers/network interface provided by SEIKO EPSON CORPORATION contains multiple vulnerabilities listed below. Stored cross-site Scripting CWE-79 - CVE-2023-23572 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.8 CVSS v2|...
Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software
Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bounds read CWE-125 - CVE-2023-22419, CVE-2023-22421 Use-after-free CWE-416 - CVE-2023-22424 Michael Heinzl reported these vulnerabilities to JPCERT/CC...
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
Overview pgivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pgivm contains multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2023-228...
JVN#19872280: Multiple vulnerabilities in PostgreSQL extension module pg_ivm
pgivm provided by IVM Development Group is a PostgreSQL extension module that provides incremental view maintenance functionality of materialized views. pgivm contains multiple vulnerabilities listed below. Exposure of sensitive information to an unauthorized actor CWE-200 - CVE-2023-22847 An...
Multiple vulnerabilities in Trend Micro Maximum Security
Overview Trend Micro Incorporated has released security updates for Trend Micro Maximum Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Maximum Security 2022 Arbitrary file deletion due to link...
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Overview Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Uploading of a large number of files to fill up the file system on the...
File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center
Overview A File and Directory Permissions Vulnerability CVE-2020-36652 exists in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...
Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
Overview SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2023-22335 Path Traversal CWE-22 - CVE-2023-22336 Use of Hard-coded...
JVN#57224029: Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2023-22335 Version| Vector| Score ---|---|--- CVSS v3|...
Multiple cross-site scripting vulnerabilities in EC-CUBE
Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Cross-site scripting vulnerability in Authentication Key Settings CWE-79 - CVE-2023-25077 Cross-site...
web2py development tool vulnerable to open redirect
Overview The admin development tool included in the web2py source code contains an open redirect vulnerability CWE-601. According to the developer, they do not recommend using the tool in operational environment or disclosing it on the Internet. Takuto Yoshikai of Aeye Security Lab reported this...
JVN#04785663: Multiple cross-site scripting vulnerabilities in EC-CUBE
EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVS...
JVN#78253670: web2py development tool vulnerable to open redirect
The admin development tool included in the web2py source code contains an open redirect vulnerability CWE-601. According to the developer, they do not recommend using the tool in operational environment or disclosing it on the Internet. Impact When using the tool, a web2py user may be redirected ...
Multiple cross-site scripting vulnerabilities in SHIRASAGI
Overview SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability on Schedule function CWE-79 - CVE-2023-22425 Stored cross-site scripting vulnerability on Theme switching function CWE-79 - CVE-2023-22427 CVE-2023-22425 Ren...
JVN#18765463: Multiple cross-site scripting vulnerabilities in SHIRASAGI
SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability on Schedule function CWE-79 - CVE-2023-22425 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...
The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
Overview The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA...
Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools
Overview tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools provided by FUJITSU LIMITED contain an improper restriction of XML external entity reference XXE vulnerability CWE-611. Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC...
JVN#00712821: Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools
tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools provided by FUJITSU LIMITED contain an improper restriction of XML external entity reference XXE vulnerability CWE-611. Impact By reading a specially crafted XML file, arbitrary files which meet a certain condition may be...
JVN#60263237: The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
The installers of ELECOM Camera Assistant and QuickFileDealer provided by ELECOM CO.,LTD. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the running application. Solution...
Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G
Overview Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G provided by PLANEX COMMUNICATIONS INC. contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2023-22370 Cross-site request forgery CWE-352 - CVE-2023-22375 Reflected cross-site scripting CWE-79 -...
Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers
Overview Zuken Elmic KASAGO, TCP/IP protocol stack for embedded systems, uses its own random number generator function when generating TCP initial sequence numbers, which leads to use insufficient random values CWE-330. Zuken Elmic reported this vulnerability to JPCERT/CC to notify users of its...
JVN#98612206: Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G
Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G provided by PLANEX COMMUNICATIONS INC. contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2023-22370 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.8...
NEC PC Settings Tool vulnerable to missing authentication for critical function
Overview PC Settings Tool is an application pre-installed on computers provided by NEC by default. PC Settings Tool Library contained in the application is vulnerable to missing authentication for critical function CWE-306. Haruki Yadani of LAC Co., Ltd. reported this vulnerability to IPA...
JVN#60320736: NEC PC Settings Tool vulnerable to missing authentication for critical function
PC Settings Tool is an application pre-installed on computers provided by NEC by default. PC Settings Tool Library contained in the application is vulnerable to missing authentication for critical function CWE-306. Impact A general user of the computer which the affected product is installed may...
Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2
Overview Screen Creator Advance 2 provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Out-of-bound write CWE-787 - CVE-2023-22345 Out-of-bound read CWE-125 - CVE-2023-22346, CVE-2023-22347, CVE-2023-22349, CVE-2023-22350, CVE-2023-22353 Use-after-free CWE-416...
Ichiran App vulnerable to improper server certificate verification
Overview Ichiran App developed by Betrend Corporation and provided by ICHIRAN INC. is vulnerable to improper server certificate verification CWE-295. Ryo Nihonyanagi of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#11257333: Ichiran App vulnerable to improper server certificate verification
Ichiran App developed by Betrend Corporation and provided by ICHIRAN INC. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application t...
Vulnerability in Driver Distributor where passwords are stored in a recoverable format
Overview Driver Distributor provided by FUJIFILM Business Innovation Corp. contains a vulnerability where passwords are stored in a recoverable format CWE-257. Sato Ryo, Yokoi Hiroshi, and Shiga Takuma of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
SUSHIRO App for Android outputs sensitive information to the log file
Overview SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file CWE-532. Impact An attacker may obtain a credential information from the log file. Solution Update the Application Update the application to the latest version according to the...
JVN#84642320: SUSHIRO App for Android outputs sensitive information to the log file
SUSHIRO App for Android provided by AKINDO SUSHIRO CO., LTD. outputs sensitive information to the log file CWE-532. Impact An attacker may obtain a credential information from the log file. Solution Update the Application Update the application to the latest version according to the information...