JVN#02158640: web2py vulnerable to open redirect
web2py contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Update the Software Update the software to the latest version accordi...
Gitlab vulnerable to server-side request forgery
Overview Gitlab contains a server-side request forgery vulnerability CWE-918 through the Project Import feature. Kanta Nishitani of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to IPA, and...
JVN#93667442: Gitlab vulnerable to server-side request forgery
Gitlab contains a server-side request forgery vulnerability CWE-918 through the Project Import feature. Impact The vulnerability allows an attacker to make arbitrary HTTP/HTTPS or git requests inside a GitLab instance's network. Solution Update the software Update the software to the latest versi...
Growi vulnerable to weak password requirements
Overview GROWI provided by WESEEK, Inc. contains a weak password requirements vulnerability CWE-521, CVE-2022-1236. 418sec first reported this vulnerability to JPCERT/CC, then JPCERT/CC contacted WESEEK, Inc. as a coordinator. After the coordination between 418sec and WESEEK, Inc. was completed,...
FreeBSD vulnerable to denial-of-service (DoS)
Overview FreeBSD contains a denial-of-service DoS vulnerability CWE-400 due to improper handling of TSopt on TCP connections. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the software Update the software to the latest version according to the...
JVN#20930118: FreeBSD vulnerable to denial-of-service (DoS)
FreeBSD contains a denial-of-service DoS vulnerability CWE-400 due to improper handling of TSopt on TCP connections. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the software Update the software to the latest version according to the information...
Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting
Overview Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc., with firmware versions prior to 12.250SY, improperly processes user input and generates error pages, leading to a cross-site scripting vulnerability CWE-79. The vulnerability has been addressed on 12.250SY released in...
JVN#94363766: Cisco Catalyst 2940 Series Switches vulnerable to cross-site scripting
Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc., with firmware versions prior to 12.250SY, improperly processes user input and generates error pages, leading to a cross-site scripting vulnerability CWE-79. The vulnerability has been addressed on 12.250SY released in 2011 Cisco...
SHIRASAGI vulnerable to cross-site scripting
Overview SHIRASAGI provided by SHIRASAGI Project contains a cross-site scripting vulnerability CWE-79. hibiki moriyama of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary scri...
JVN#32962443: SHIRASAGI vulnerable to cross-site scripting
SHIRASAGI provided by SHIRASAGI Project contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is using the product. Solution Update the Software Update to the latest version according to the information provided by the...
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
Overview Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Privilege escalation and arbitrary DLL loading due to an incorrect...
T&D Data Server and THERMO RECORDER DATA SERVER contain a directory traversal vulnerability.
Overview T&D Data Server and THERMO RECORDER DATA SERVER provided by T&D Corporation contain a directory traversal vulnerability CWE-22. Shun Asai of FiveDrive, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...
WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting
Overview WordPress Plugin "Modern Events Calendar Lite" provided by Webnus contains a stored cross-site scripting vulnerability CWE-79. Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#04155116: WordPress Plugin "Modern Events Calendar Lite" vulnerable to cross-site scripting
WordPress Plugin "Modern Events Calendar Lite" provided by Webnus contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the website using the plugin. Solution Update the plugin Update the plugin to t...
JVN#28659051: T&D Data Server and THERMO RECORDER DATA SERVER vulnerable to directory traversal
T&D Data Server and THERMO RECORDER DATA SERVER provided by T&D Corporation contain a directory traversal vulnerability CWE-22. Impact Arbitrary files on the server may be viewed by a remote attacker. Solution Update the software Update the software to the latest version according to the...
RevoWorks incomplete filtering of MS Office v4 macros
Overview RevoWorks SCVX, RevoWorks Browser and RevoWorks Desktop provided by J's Communication Co., Ltd. enable users to run web browsers and to access drives, folders, files and registries in a sandboxed environment. Users can download files from the internet to the sandboxed environment,...
Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification
Overview Mobaoku-Auction & Flea Market App for iOS provided by DeNA Co., Ltd. is vulnerable to improper server certificate verification CWE-295. Okazawa Yoshihiro reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
Multiple vulnerabilities in Fuji Electric V-SFT
Overview Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" provided by FUJI ELECTRIC CO., LTD. Out-of-bounds Write CWE-787 - CVE-2022-30538 Out-of-bounds Read CWE-125 - CVE-2022-30546 Heap-based Buffer Overflow CWE-122 - CVE-2022-26302 Use...
Multiple vulnerabilities in Fuji Electric V-SFT, V-Server and V-Server Lite
Overview Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" and the remote monitoring software "V-Server" and "V-Server Lite" provided by FUJI ELECTRIC CO., LTD. Out-of-bounds Read in V-SFT CWE-125 - CVE-2022-29506 Out-of-bounds Read in...
Multiple vulnerabilities in CONTEC SolarView Compact
Overview SolarView Compact provided by CONTEC CO., LTD. is a PV measurement system. SolarView Compact contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2022-29303 Improper validation of input values on the send test mail console of the product's web server may result...
JVN#13878856: Mobaoku-Auction & Flea Market App for iOS vulnerable to improper server certificate verification
Mobaoku-Auction & Flea Market App for iOS provided by DeNA Co., Ltd. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the application Update the application to the...
JVN#27256219: RevoWorks incomplete filtering of MS Office v4 macros
RevoWorks SCVX, RevoWorks Browser and RevoWorks Desktop provided by J's Communication Co., Ltd. enable users to run web browsers and to access drives, folders, files and registries in a sandboxed environment. Users can download files from the internet to the sandboxed environment, sanitizing...
Trend Micro Password Manager vulnerable to privilege escalation
Overview Trend Micro Incorporated has released a security update for Trend Micro Password Manager. Trend Micro Incorporated reported the vulnerability to JPCERT/CC to notify users of the solutions through JVN. Impact A non-administrative user of the system where the affected product is installed...
WordPress plugin "WP Statistics" vulnerable to cross-site scripting
Overview WordPress plugin "WP Statistics" provided by VeronaLabs contains a cross-site scripting vulnerability CWE-79. Shogo Kumamaru of LAC CyberLink Co., Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...
JVN#15241647: WordPress plugin "WP Statistics" vulnerable to cross-site scripting
WordPress plugin "WP Statistics" provided by VeronaLabs contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the web site using the product. Solution Update the plugin Update the plugin according to th...
Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)
Overview Spring Security OAuth spring-security-oauth2 provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption CWE-400. Note that Spring Security OAuth spring-security-oauth2 is no longer supported, therefore Spring Security has been developed a...
JVN#15317878: Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)
Spring Security OAuth spring-security-oauth2 provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption CWE-400. Note that Spring Security OAuth spring-security-oauth2 is no longer supported, therefore Spring Security has been developed as the...
Multiple vulnerabilities in Rakuten Casa
Overview Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. Use of Hard-coded Credentials CWE-798 - CVE-2022-29525 Improper Access Control CWE-284 - CVE-2022-28704 Improper Access Control CWE-284 - CVE-2022-26834 CVE-2022-29525 Narumi Hirai of LAC Co.,...
JVN#46892984: Multiple vulnerabilities in Rakuten Casa
Rakuten Casa provided by Rakuten Mobile, Inc. contains multiple vulnerabilities listed below. Use of Hard-coded Credentials CWE-798 - CVE-2022-29525

| Version | Vector | Score |
|---|---|---|
| CVSS v3 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | Base Score: 5.9 |
| CVSS v2 | AV:N/AC:M/Au:N/C:C/I:N/A:N | Base... |
Multiple vulnerabilities in Cybozu Garoon
Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1584, CyVDB-2670 Operation restriction bypass vulnerability in Bulletin CWE-285 - CVE-2022-28718 CyVDB-1865, CyVDB-2692 Operation restriction bypass vulnerability in Workflow CWE-285 - CVE-2022-27661...
JVN#73897863: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-1584, CyVDB-2670 Operation restriction bypass vulnerability in Bulletin CWE-285 - CVE-2022-28718

| Version | Vector | Score |
|---|---|---|
| CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | Base Score: 4.3 |

CVS...
Strapi vulnerable to cross-site scripting
Overview Strapi contains a stored cross-site scripting vulnerability CWE-79 in the file upload function. Yuta Morioka of Information Science College reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitra...
EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
Overview EC-CUBE plugin "Easy Blog for EC-CUBE4" provided by COREMOBILE Co. Ltd. contains a cross-site request forgery vulnerability CWE-352. Furukawa Natsumi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Installer of Trend Micro HouseCall for Home Networks may insecurely load Dynamic Link Libraries
Overview Trend Micro Incorporated has released a security update for HouseCall for Home Networks. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact Installer of Trend Micro HouseCall for Home Networks contains an issue with the D...
JVN#44550983: Strapi vulnerable to cross-site scripting
Strapi contains a stored cross-site scripting vulnerability CWE-79 in the file upload function. Impact An arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege. Solution Update the Software Update the software to the...
JVN#46241173: EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
EC-CUBE plugin "Easy Blog for EC-CUBE4" provided by COREMOBILE Co. Ltd. contains a cross-site request forgery vulnerability CWE-352. Impact If a site administrator who is logging in to the management screen of EC-CUBE on which the plug-in is installed accesses a specially crafted page, a blog...
Command injection vulnerability in QNAP VioStar series NVR
Overview VioStar series NVR provided by QNAP Systems, Inc. contains a command injection vulnerability CVE-2022-27588, CWE-77. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An arbitrary command may be executed by a remote...
Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries
Overview Installer of Trend Micro Password Manager provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eiji James Yoshida of Security Professionals Network Inc. reported this vulnerability to IPA...
JVN#60037444: Installer of Trend Micro Password Manager may insecurely load Dynamic Link Libraries
Installer of Trend Micro Password Manager provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use...
GENEREX RCCMD vulnerable to directory traversal
Overview RCCMD provided by GENEREX SYSTEMS Computervertriebsgesellschaft mbH contains a directory traversal vulnerability CWE-22. Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#60801132: GENEREX RCCMD vulnerable to directory traversal
RCCMD provided by GENEREX SYSTEMS Computervertriebsgesellschaft mbH contains a directory traversal vulnerability CWE-22. Impact Arbitrary files on the server may be viewed or altered by an attacker. Solution Update the software Update the software to the latest version according to the informatio...
Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM
Overview FUJITSU Network IPCOM provided by FUJITSU LIMITED is an integrated network appliance. Operation management interface used to operate FUJITSU Network IPCOM contains multiple vulnerabilities listed below. OS command injection in the web console CWE-78 - CVE-2022-29516 Buffer overflow in th...
KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass
Overview Screen Creator Advance2 provided by KOYO ELECTRONICS INDUSTRIES CO., LTD. is a screen development tool for KOYO ELECTRONICS's HMI. Screen Creator Advance2 contains an authentication bypass vulnerability CWE-807 due to the improper check for the Remote control setting's account names. KOY...
Multiple vulnerabilities in multiple MEIKYO ELECTRIC products
Overview Multiple MEIKYO ELECTRIC products provided by MEIKYO ELECTRIC CO.,LTD. contain multiple vulnerabilities listed below. Cross-site request forgery CWE-352 - CVE-2022-27632 Cross-site scripting CWE-79 - CVE-2022-28717 Takayuki Sasaki of Yokohama National University reported these...
JVN#50337155: KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass
Screen Creator Advance2 provided by KOYO ELECTRONICS INDUSTRIES CO., LTD. is a screen development tool for KOYO ELECTRONICS's HMI. Screen Creator Advance2 contains an authentication bypass vulnerability CWE-807 due to the improper check for the Remote control setting's account names. Impact An...
JVN#96561229: Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM
FUJITSU Network IPCOM provided by FUJITSU LIMITED is an integrated network appliance. Operation management interface used to operate FUJITSU Network IPCOM contains multiple vulnerabilities listed below. OS command injection in the web console CWE-78 - CVE-2022-29516 Version| Vector| Score...
JVN#58266015: Multiple vulnerabilities in multiple MEIKYO ELECTRIC products
Multiple MEIKYO ELECTRIC products provided by MEIKYO ELECTRIC CO.,LTD. contain multiple vulnerabilities listed below. Cross-site request forgery CWE-352 - CVE-2022-27632

| Version | Vector | Score |
|---|---|---|
| CVSS v3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | Base Score: 5.4 |

CVSS v2|...
Hammock AssetView missing authentication for critical functions
Overview AssetView provided by Hammock Corporation lacks authentication for some critical functions CWE-306 on the managing server. Denis Faiustov, Ruslan Sayfiev of GMO Cyber Security by IERAE reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...
JVN#54857505: Hammock AssetView missing authentication for critical functions
AssetView provided by Hammock Corporation lacks authentication for some critical functions CWE-306 on the managing server. Impact With some knowledge of the system configuration, a remote attacker may upload a crafted configuration file to the managing server, which results in the managed client...
WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" vulnerable to cross-site request forgery
Overview WordPress Plugin "MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership" provided by VideoWhisper contains a cross-site request forgery vulnerability CWE-352. Kosuke Sakai reported and coordinated with the developer to fix this vulnerability. After coordination was...