5609 matches found
JVN#76024879: PowerCMS XMLRPC API vulnerable to command injection
PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability CWE-74. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the developer,...
Multiple vulnerabilities in CentreCOM AR260S V2
Overview CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Use of hard-coded credentials for the telnet server CWE-798 - CVE-2022-38394 Undocumented hidden command that...
Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries
Overview Installer of Device Software Manager provided by RICOH COMPANY, LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon IT Solutions Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wit...
JVN#44721267: Installer of Ricoh Device Software Manager may insecurely load Dynamic Link Libraries
Installer of Device Software Manager provided by RICOH COMPANY, LTD. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the lates...
JVN#45473612: Multiple vulnerabilities in CentreCOM AR260S V2
CentreCOM AR260S V2 provided by Allied Telesis K.K. contains multiple vulnerabilities listed below. OS command injection vulnerability in GUI setting page CWE-78 - CVE-2022-35273 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...
Movable Type XMLRPC API vulnerable to command injection
Overview Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability CWE-74. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According...
Multiple vulnerabilities in Exment
Overview Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2022-38080 SQL injection CWE-89 - CVE-2022-37333 Stored cross-site scripting CWE-79 - CVE-2022-38089 CVE-2022-38080, CVE-2022-37333 Hibiki Moriyama of STNet,...
Multiple vulnerabilities in PukiWiki
Overview PukiWiki provided by PukiWiki Development Team contains multiple vulnerabilities listed below. Path Traversal CWE-22 - CVE-2022-34486 Reflected Cross-site Scripting CWE-79 - CVE-2022-27637 Harold Kim reported these vulnerabilities to the developer and coordinated. After coordination was...
JVN#46239102: Multiple vulnerabilities in Exment
Exment provided by Kajitori Co.,Ltd contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2022-38080 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2| AV:N/AC:H/Au:S/C:N/I:P/A:N| Base Score: 2.1...
JVN#57728859: Movable Type XMLRPC API vulnerable to command injection
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability CWE-74. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the...
PLANEX MZK-DP150N contains hidden administrative functionality
Overview MZK-DP150N provided by PLANEX COMMUNICATIONS INC. contains a hidden administrative screen CVE-2021-37289, CWE-912. In the initial settings of the product, the login account for the configuration screen is common to all products. Please change the account information from the initial...
PukiWiki vulnerable to cross-site scripting
Overview PukiWiki provided by PukiWiki Developers Team contains a stored cross-site scripting vulnerability CWE-79. Ryuhoh Ide of Department of Applied Physics, School of Engineering, The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
UNIMO Technology digital video recorders vulnerable to missing authentication for critical functions
Overview Multiple digital video recorders provided by UNIMO Technology Co., Ltd do not perform authentication for some critical functions CWE-306 in the device management web interface. The reporter states that attacks exploiting this vulnerability have been observed. Yoshiki Mori, Ushimaru Hayat...
JVN#43979089: PukiWiki vulnerable to cross-site scripting
PukiWiki provided by PukiWiki Developers Team contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who accessed the site using the product. Solution Update the Software Update the Software to the latest version...
Multiple vulnerabilities in Trend Micro Security
Overview Trend Micro Incorporated has released security updates for Trend Micro Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Security 2022 Information disclosure due to an Out-Of-Bounds Read...
Trend Micro Endpoint security products for enterprises vulnerable to Link Following Local Privilege Escalation
Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN. Impact A non-administrative user of the system where the affected product...
Kaitai Struct: compiler vulnerable to denial-of-service (DoS)
Overview Kaitai Struct: compiler provided by Kaitai team contains SnakeYAML library version 1.25, which is used in parsing .ksy files. SnakeYAML version 1.25 expands recursive aliases unlimitedly CWE-674, hence Katai Struct: compiler is vulnerable to a denial-of-service DoS attack by Billion Laug...
JVN#42883072: Kaitai Struct: compiler vulnerable to denial-of-service (DoS)
Kaitai Struct: compiler provided by Kaitai team contains SnakeYAML library version 1.25, which is used in parsing .ksy files. SnakeYAML version 1.25 expands recursive aliases unlimitedly CWE-674, hence Katai Struct: compiler is vulnerable to a denial-of-service DoS attack by Billion Laughs Attack...
CONTEC SolarView Compact vulnerable to insufficient verification in uploading files
Overview SolarView Compact provided by CONTEC CO., LTD. is PV Measurement System. The image file management page of SolarView Compact contains an insufficient verification vulnerability when uploadi webray reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer.ng files...
Information Disclosure Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator
Overview Information Disclosure Vulnerability have been found in Hitachi Automation Director and Hitachi Ops Center Automator. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official...
Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001
Overview Nintendo Wi-Fi Network Adaptor provided by Nintendo Co.,Ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2022-36381 Buffer overflow CWE-121 - CVE-2022-36293 Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc reported these vulnerabilities to IP...
JVN#17625382: Multiple vulnerabilities in Nintendo Wi-Fi Network Adaptor WAP-001
Nintendo Wi-Fi Network Adaptor provided by Nintendo Co.,Ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2022-36381 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H| Base Score: 6.8 CVSS v2| AV:A/AC:L/Au:S/C:P/I:P/A:P|...
"JustSystems JUST Online Update for J-License" starts a program with an unquoted file path
Overview "JustSystems JUST Online Update for J-License" is bundled with multiple products for corporate users provided by JustSystems Corporation, as in Ichitaro through Pro5 and others, and it is registered as a Windows service. "JustSystems JUST Online Update for J-License" starts another progr...
"Hulu" App for iOS vulnerable to improper server certificate verification
Overview "Hulu" App for iOS provided by HJ Holdings, Inc. is vulnerable to improper server certificate verification CWE-295. Shungo Kumasaka of GMO Cyber Security by IERAE reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
"Hulu" App for Android uses a hard-coded API key for an external service
Overview "Hulu" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service CWE-798. Ryo Sato of BroadBand Security, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact T...
JVN#57073973: "JustSystems JUST Online Update for J-License" starts a program with an unquoted file path
"JustSystems JUST Online Update for J-License" is bundled with multiple products for corporate users provided by JustSystems Corporation, as in Ichitaro through Pro5 and others, and it is registered as a Windows service. "JustSystems JUST Online Update for J-License" starts another program with a...
JVN#40907489: "Hulu / フールー" App for Android uses a hard-coded API key for an external service
"Hulu / フールー" App for Android provided by HJ Holdings, Inc. uses a hard-coded API key for an external service CWE-798. Impact The hard-coded API key may be retrieved via reverse-engineering the application binary. Note that the application users are not directly affected by this vulnerability...
JVN#81563390: "Hulu / フールー" App for iOS vulnerable to improper server certificate verification
"Hulu / フールー" App for iOS provided by HJ Holdings, Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application to the latest versi...
WordPress Plugin "Newsletter" vulnerable to cross-site scripting
Overview WordPress Plugin "Newsletter" provided by Stefano Lissa & The Newsletter Team contains a cross-site scripting vulnerability CWE-79. Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
Multiple vulnerabilities in untangle
Overview untangle provided by Christian Stefanescu is a Python library for processing XML documents. untangle contains multiple vulnerabilities listed below. Improper Restriction of Recursive Entity References in DTDs CWE-776 - CVE-2022-33977 Improper Restriction of XML External Entity Reference...
JVN#77850327: WordPress Plugin "Newsletter" vulnerable to cross-site scripting
WordPress Plugin "Newsletter" provided by Stefano Lissa & The Newsletter Team contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the WordPress using the plugin with the administrative privilege...
JVN#30454777: Multiple vulnerabilities in untangle
untangle provided by Christian Stefanescu is a Python library for processing XML documents. untangle contains multiple vulnerabilities listed below. Improper Restriction of Recursive Entity References in DTDs CWE-776 - CVE-2022-33977 Version| Vector| Score ---|---|--- CVSS v3|...
Booked vulnerable to open redirect
Overview Booked provided by Twinkle Toes Software contains an open redirect vulnerability CWE-601. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When...
JVN#75063798: Booked vulnerable to open redirect
Booked provided by Twinkle Toes Software contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the software Update the...
Multiple vulnerabilities in Cybozu Office
Overview Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-839CyVDB-2300CyVDB-3109 Browse restriction bypass vulnerability in Cabinet CWE-284 - CVE-2022-32283 CyVDB-1795 Operation restriction bypass vulnerability in Project CWE-285 - CVE-2022-32544...
JVN#20573662: Multiple vulnerabilities in Cybozu Office
Cybozu Office provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-839CyVDB-2300CyVDB-3109 Browse restriction bypass vulnerability in Cabinet CWE-284 - CVE-2022-32283 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N| Base Score: 4....
U-Boot squashfs filesystem implementation vulnerable to heap-based buffer overflow
Overview U-Boot is a boot loader for multiple platforms, and squashfs filesystem feature is provided since v2020.10-rc2 commit c5100613. squashfs filesystem implementation of U-Boot contains a heap-based buffer overflow vulnerability CWE-122 due to a defect in the metadata reading process...
Django Extract and Trunc functions vulnerable to SQL injection
Overview Django provided by Django Software Foundation is a Web application framework. Extract and Trunc functions of Django used to treat date data contain an SQL injection vulnerabilityCWE-89. Takuto Yoshikai of Aeye Security Lab reported this vulnerability to the developer and coordinated. Aft...
JVN#12610194: Django Extract and Trunc functions vulnerable to SQL injection
Django provided by Django Software Foundation is a Web application framework. Extract and Trunc functions of Django used to treat date data contain an SQL injection vulnerability CWE-89. Impact An attacker may execute an arbitrary SQL command. Data in websites built using the product may be alter...
Passage Drive vulnerable to insufficient data verification
Overview Passage Drive provided by Yokogawa Rental & Lease Corporation contains an insufficient data verification vulnerability for interprocess communication CWE-20. Yokogawa Rental & Lease Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...
JVN#23766146: Passage Drive vulnerable to insufficient data verification
Passage Drive provided by Yokogawa Rental & Lease Corporation contains an insufficient data verification vulnerability for interprocess communication CWE-20. Impact By running a malicious program, an arbitrary OS command may be executed with LocalSystem privilege of the Windows system where the...
Multiple vulnerabilities in Cybozu Garoon
Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-2909 Operation restriction bypass in multiple applications CWE-285 - CVE-2022-30602 CyVDB-3042 Information disclosure in multiple applications CWE-200 - CVE-2022-29512 CyVDB-3111 Improper input...
LiteCart vulnerable to cross-site scripting
Overview LiteCart contains a cross-site scripting vulnerability CWE-79. Satoshi Horikoshi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the web browser of the user wh...
JVN#32625020: LiteCart vulnerable to cross-site scripting
LiteCart contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the web site using the product. Solution Update the software Update the software to the latest version according to the information provided by...
JVN#14077132: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-2909 Operation restriction bypass in multiple applications CWE-285 - CVE-2022-30602 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L| Base Score: 5.4 CVSS v2|...
HOME SPOT CUBE2 vulnerable to OS command injection
Overview HOME SPOT CUBE2 provided by KDDI CORPORATION contains an OS command injection vulnerability CWE-78 due to improper processing of data received from DHCP server. Alice Rose reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...
JVN#41017328: HOME SPOT CUBE2 vulnerable to OS command injection
HOME SPOT CUBE2 provided by KDDI CORPORATION contains an OS command injection vulnerability CWE-78 due to improper processing of data received from DHCP server. Impact An arbitrary OS command may be executed on the product if a malicious DHCP server is placed on the WAN side of the product...
L2Blocker Sensor setup screen vulnerable to authentication bypass
Overview L2Blocker provided by SOFTCREATE CORP. contains a vulnerability CWE-288 in which the login authentication is bypassed by using alternative paths or channels for Sensor. Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#51464799: L2Blocker Sensor setup screen vulnerable to authentication bypass
L2Blocker provided by SOFTCREATE CORP. contains a vulnerability CWE-288 in which the login authentication is bypassed by using alternative paths or channels for Sensor. Impact An attacker who can access the device may perform an unauthorized login and obtain the stored information or cause a...
web2py vulnerable to open redirect
Overview web2py contains an open redirect vulnerability CWE-601. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When accessing a specially crafted URL, t...