5609 matches found
JVN#29949691: Inkdrop vulnerable to OS command injection
Inkdrop provided by Takuya Matsuyama is a Markdown editor. Inkdrop contains an OS command injection vulnerability CWE-78. Impact If a file or code snippet containing an invalid iframe is loaded into Inkdrop, an arbitrary OS command may be executed on the system where it runs. Solution Update the...
Hitachi Virtual File Platform vulnerable to OS command injection
Overview Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability CWE-78 due to a flaw in processing parameters of the HTTP requests. Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#21298724: Hitachi Virtual File Platform vulnerable to OS command injection
Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability CWE-78 due to a flaw in processing parameters of the HTTP requests. Impact A remote attacker who can log in to the product may execute an arbitrary OS command with root privilege. Solution Update the...
Hitachi Application Server Help vulnerable cross-site scripting
Overview Hitachi Application Server Help contains a cross-site scripting vulnerability CWE-79. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrar...
JVN#03776901: Hitachi Application Server Help vulnerable cross-site scripting
Hitachi Application Server Help contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the appropriate latest version of the help according to the information provided by the developer. Product...
Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE
Overview Multiple EC-CUBE plugins provided by EC-CUBE CO.,LTD. contain multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability CWE-79 - CVE-2021-20742 Cross-site scripting vulnerability CWE-79 - CVE-2021-20743 Cross-site scripting vulnerability CWE-79 -...
Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting
Overview Multiple EC-CUBE plugins provided by ETUNA contain a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by executing a specific operation on the management page of EC-CUBE. As of 2021 June 15, an attack exploting this vulnerability has been observed in the wil...
JVN#57524494: Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE
Multiple EC-CUBE plugins provided by EC-CUBE CO.,LTD. contain multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability CWE-79 - CVE-2021-20742 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L| Base Score: 7.1 CVSS v2|...
JVN#79254445: Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting
Multiple EC-CUBE plugins provided by ETUNA contain a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by executing a specific operation on the management page of EC-CUBE. As of 2021 June 15, an attack exploting this vulnerability has been observed in the wild. Impact...
Asken App for Android fails to restrict custom URL schemes properly
Overview Asken App for Android by asken Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to access ...
Multiple vulnerabilities in GROWI
Overview GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. NoSQL injection CWE-943 - CVE-2021-20736 Improper authentication CWE-287 - CVE-2021-20737 Impact The expected impact depends on each vulnerability, but it may be affected as follows. A user who can access the...
JVN#38034268: あすけん App for Android fails to restrict custom URL schemes properly
あすけん App for Android by asken Inc. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to access an arbitra...
JVN#95457785: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. NoSQL injection CWE-943 - CVE-2021-20736 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 7.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 Improper...
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Overview WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a stored cross-site scripting vulnerability CWE-79. Yu Iwama of Secure Sky Technology Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#70566757: WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact If a user views a malicious page while logged in to the affected system with the administrative privilege, an arbitrary script may be executed. Solution Update the...
urllib3 vulnerable to Regular expression Denial-of-Service (ReDoS)
Overview urllib3 contains a Regular expression Denial-of-Service DoS vulnerability. urllib3, an HTTP client module for Python, contains a Regular expression Denial-of-Service ReDoS vulnerability CWE-400, CVE-2021-33503 due to catastrophic backtracking while processing a malicious URL. Nariyoshi...
ATOM - Smart life App vulnerable to improper server certificate verification
Overview ATOM - Smart life App provided by ATOM tech Inc. is vulnerable to improper server certificate verification CWE-295. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#64064138: ATOM - Smart life App vulnerable to improper server certificate verification
ATOM - Smart life App provided by ATOM tech Inc. is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update the application to the latest version...
goo blog App fails to restrict custom URL schemes properly
Overview goo blog App by NTT Resonant Incorporated provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-284 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to...
JVN#91691168: goo blog App fails to restrict custom URL schemes properly
goo blog App by NTT Resonant Incorporated provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly CWE-284 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to access an...
Multiple vulnerabilities in Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers
Overview Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers provided by Buffalo Inc. contain multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2021-20730 OS command injection CWE-78 - CVE-2021-20731 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC...
Zettlr vulnerable to cross-site scripting
Overview Zettlr provided by Hendrik Erz is a Markdown editor. Zettlr contains a cross-site scripting vulnerability CWE-79. Eiji Mori of flatt security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If ...
JVN#98239374: Zettlr vulnerable to cross-site scripting
Zettlr provided by Hendrik Erz is a Markdown editor. Zettlr contains a cross-site scripting vulnerability CWE-79. Impact If a file or code snippet containing an invalid iframe is loaded into Zettlr, an arbitrary script may be executed on the system where it runs. Solution Update the Software Upda...
Hitachi Ops Center Analyzer vulnerability of communication using a certificate not intended by the user
Overview Hitachi Ops Center Analyzer has a vulnerability of communication using a certificate not intended by the user. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure...
The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries
Overview The installers of ScanSnap Manager provided by FUJITSU LIMITED contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wi...
Installer of Overwolf may insecurely load Dynamic Link Libraries
Overview Overwolf is a software framework for creating applications for games. The Overwolf Installer contains an issue with the DLL search path CWE-427, which may lead to insecurely loading Dynamic Link Libraries stored in the same directory where the installer resides. Shogo kumamaru of LAC Co....
Multiple cross-site scripting vulnerabilities in multiple PHP Factory products
Overview Multiple products provided by PHP Factory contain multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability CWE-79 - CVE-2021-20723 Reflected cross-site scripting vulnerability in the admin page CWE-79 - CVE-2021-20724 Reflected cross-site...
QND vulnerable to privilege escalation
Overview QND provided by QualitySoft Corporation contains a privilege escalation vulnerability CWE-268. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. RedTeam reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
JVN#78254777: Installer of Overwolf may insecurely load Dynamic Link Libraries
Overwolf is a software framework for creating applications for games. The Overwolf Installer contains an issue with the DLL search path CWE-427, which may lead to insecurely loading Dynamic Link Libraries stored in the same directory where the installer resides. Impact Arbitrary code may be...
JVN#74686032: QND vulnerable to privilege escalation
QND provided by QualitySoft Corporation contains a privilege escalation vulnerability CWE-268. Impact A user who can log in to the PC where the product's Windows client is installed may obtain administrative privileges. As a result, sensitive information may be modified/obtained or unintended...
JVN#53910556: Multiple cross-site scripting vulnerabilities in multiple PHP Factory products
Multiple products provided by PHP Factory contain multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability CWE-79 - CVE-2021-20723 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.7 CVSS v2|...
JVN#65733194: The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries
The installers of ScanSnap Manager provided by FUJITSU LIMITED contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...
mod_auth_openidc vulnerable to denial-of-service (DoS)
Overview modauthopenidc provided by ZmartZone is an OpenID Connect's Relying Party module for Apache HTTP Server. This module contains a denial-of-service DoS vulnerability CWE-400. Tatsuhiko Yasumatsu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points
Overview Cisco Small Business Series Wireless Access Points provided by Cisco Systems, Inc. contain multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2021-1400 Command injection CWE-78 - CVE-2021-1401 Shuto Imai of LAC Co., Ltd. reported this vulnerability to IPA...
JVN#71263107: Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points
Cisco Small Business Series Wireless Access Points provided by Cisco Systems, Inc. contain multiple vulnerabilities listed below. Improper access control CWE-284 - CVE-2021-1400 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2|...
JVN#49704918: mod_auth_openidc vulnerable to denial-of-service (DoS)
modauthopenidc provided by ZmartZone is an OpenID Connect's Relying Party module for Apache HTTP Server. This module contains a denial-of-service DoS vulnerability CWE-400. Impact A remote attacker may cause a denial-of-service DoS condition. Solution Update the software Update to the latest...
Multiple vulnerabilities in KonaWiki2
Overview KonaWiki2 provided by kujirahand contains multiple vulnerabilites listed below. SQL Injection CWE-89 - CVE-2021-20720 Unrestricted upload of file with dangerous type CWE-434 - CVE-2021-20721 apple502j reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
RFNTPS vulnerable to OS command injection
Overview RFNTPS provided by NIPPON ANTENNA Co.,Ltd. is a terrestrial reception type NTP server. RFNTPS contains an OS command injection vulnerability CWE-78. Tomoomi Iwata of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#13076220: RFNTPS vulnerable to OS command injection
RFNTPS provided by NIPPON ANTENNA Co.,Ltd. is a terrestrial reception type NTP server. RFNTPS contains an OS command injection vulnerability CWE-78. Impact A user on the same LAN who can access the product may execute an arbitrary OS command with root privilege. Solution Update the Firmware Updat...
JVN#34232719: Multiple vulnerabilities in KonaWiki2
KonaWiki2 provided by kujirahand contains multiple vulnerabilites listed below. SQL Injection CWE-89 - CVE-2021-20720 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 7.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 Unrestricted upload...
EC-CUBE vulnerable to cross-site scripting
Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by executing a specific operation on the management page of EC-CUBE. As of 2021 May 10, an attack exploting this vulnerability has been observed in the wild...
JVN#97554111: EC-CUBE vulnerable to cross-site scripting
EC-CUBE provided by EC-CUBE CO.,LTD. contains a cross-site scripting vulnerability CWE-79. An arbitrary script may be executed by executing a specific operation on the management page of EC-CUBE. As of 2021 May 10, an attack exploting this vulnerability has been observed in the wild. Impact If a...
Multiple Buffalo network devices contain hidden functionality
Overview Multiple network devices provided by BUFFALO INC. contain hidden functionality CWE-912 that allows an attacker to enable the debug option. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact A network-adjacent attacker...
Multiple vulnerabilities in Buffalo broadband routers
Overview Multiple broadband routers provided by BUFFALO INC. contain multiple vulnerabilities listed below. Disclosure of sensitive information to an unauthorized user CWE-200 - CVE-2021-3511 Improper access control CWE-284 - CVE-2021-3512 Chuya Hayakawa of 00One, Inc. reported this vulnerability...
WordPress plugin "WP Fastest Cache" vulnerable to directory traversal
Overview WordPress plugin "WP Fastest Cache" provided by Emre Vona contains a directory traversal vulnerability CWE-22. Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the developer and coordinated on his own. After coordination was completed, this case was report...
Hot Pepper Gourmet App fails to restrict access permissions
Overview Hot Pepper Gourmet App provided by Recruit Co., Ltd. implements the function to access a requested URL using Custom URL Scheme. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an request from an arbitrary App and execut...
JVN#97434260: Hot Pepper Gourmet App fails to restrict access permissions
Hot Pepper Gourmet App provided by Recruit Co., Ltd. implements the function to access a requested URL using Custom URL Scheme. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an request from an arbitrary App and execute access...
JVN#35240327: WordPress plugin "WP Fastest Cache" vulnerable to directory traversal
WordPress plugin "WP Fastest Cache" provided by Emre Vona contains a directory traversal vulnerability CWE-22. Impact Arbitrary files on the server may be deleted by a user with an administrative privilege. Solution Update the plugin Update the plugin according to the information provided by the...
yappa-ng vulnerable to cross-site scripting
Overview yappa-ng provided by yet another PHP photo album next generation according to the original report submitted by the reporter is a PHP photo gallery. yappa-ng contains a cross-site scripting vulnerability CWE-79 which allows unintentional script execution on the user's web browser. During...
JVN#55833077: yappa-ng vulnerable to cross-site scripting
yappa-ng provided by yet another PHP photo album next generation according to the original report submitted by the reporter is a PHP photo gallery. yappa-ng contains a cross-site scripting vulnerability CWE-79 which allows unintentional script execution on the user's web browser. Impact An...