5609 matches found
Apache Struts 2 vulnerable to remote code execution (S2-061)
Overview Apache Struts 2 provided by The Apache Software Foundation contains a remote code execution vulnerability due to improper input validation CWE-20. Masato Anzai of Aeye Security Lab, inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securi...
JVN#55917325: Multiple vulnerabilities in Aterm SA3500G
Aterm SA3500G provided by NEC Corporation contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5635 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score: 5.8 OS...
JVN#43969166: Apache Struts 2 vulnerable to remote code execution (S2-061)
Apache Struts 2 provided by The Apache Software Foundation contains a remote code execution vulnerability due to improper input validation CWE-20. Impact A remote attacker may execute arbitrary code. Solution Update the software Update the software to the latest version according to the informati...
FileZen vulnerable to directory traversal
Overview FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface. FileZen contains a directory traversal vulnerability CWE-22. Soliton Systems K.K. reported this vulnerability to IPA to notify users of its solution through JVN...
JVN#12884935: FileZen vulnerable to directory traversal
FileZen provided by Soliton Systems K.K. is an appliance for secure file transfer and sharing by mail or an web interface. FileZen contains a directory traversal vulnerability CWE-22. Impact A remote attacker may upload an arbitrary file in the specific directory in the product. If a specialy...
ServerProtect for Linux vulnerable to heap-based buffer overflow
Overview Kernel Hook Module for ServerProtect for Linux provided by Trend Micro Incorporated contains a heap-based buffer overflow vulnerability CWE-122. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN. Impact An attacker who can...
Apache Cordova Plugin camera vulnerable to information exposure
Overview Apache Cordova Plugin camera is a plugin for Apache Cordova applications, which provides an API for taking pictures and for choosing images from the system image library. Vulnerable versions of Apache Cordova Plugin camera, when used in Android applications, use the external storage on t...
JVN#59779918: Apache Cordova Plugin camera vulnerable to information exposure
Apache Cordova Plugin camera is a plugin for Apache Cordova applications, which provides an API for taking pictures and for choosing images from the system image library. Vulnerable versions of Apache Cordova Plugin camera, when used in Android applications, use the external storage on the device...
Multiple vulnerabilities in EC-CUBE
Overview EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple vulnerabilities listed below. Clickjacking attacks CWE-1021 - CVE-2020-5679 Improper input validation CWE-20 - CVE-2020-5680 EC-CUBE CO.,LTD. reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN...
desknet's NEO vulnerable to cross-site scripting
Overview desknet's NEO provided by NEOJAPAN Inc. contains a stored cross-site scripting vulnerability CWE-79. Ryo Sato of BroadBand Security,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...
JVN#42199826: desknet's NEO vulnerable to cross-site scripting
desknet's NEO provided by NEOJAPAN Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the software Update the software to the latest version according to the information provided by the...
JVN#24457594: Multiple vulnerabilities in EC-CUBE
EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple vulnerabilities listed below. Clickjacking attacks CWE-1021 - CVE-2020-5679 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score: 4.3 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 Imprope...
Multiple vulnerabilities in GROWI
Overview GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Information disclosure CWE-200 - CVE-2020-5676 Reflected cross-site scripting vulnerability due to a flaw in processing input URLs CWE-79 - CVE-2020-5677 Stored cross-site scripting vulnerability due to a flaw...
JVN#56450373: Multiple vulnerabilities in GROWI
GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Information disclosure CWE-200 - CVE-2020-5676 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:N/A:N| Base Score: 5.0 Reflected...
NETGEAR GS108Ev3 vulnerable to cross-site request forgery
Overview GS108Ev3 switching hub provided by NETGEAR contains a cross-site request forgery vulnerability CWE-352. Yuta Ikegami reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user views a malicious page...
JVN#27806339: NETGEAR GS108Ev3 vulnerable to cross-site request forgery
GS108Ev3 switching hub provided by NETGEAR contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in to the management screen of the device, the product's settings may be changed without the user's intention or consent. Solution Update th...
The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
Overview The installers of multiple products by SEIKO EPSON CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wi...
JVN#26835001: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries
The installers of multiple products by SEIKO EPSON CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...
Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion
Overview Trend Micro Security 2020 Consumer provided by Trend Micro Incorporated contains an arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges. Trend Micro Incorporated...
Hibernate ORM vulnerable to SQL injection
Overview Hibernate ORM is an ORM framework for Java. Hibernate ORM can be configured hibernate.usesqlcomments to true, which is false by default to add comments to generated SQL statements, aimed at debugging purpose. When hibernate.usesqlcomments is configured to true, malicious input may produc...
JVN#90729322: Hibernate ORM vulnerable to SQL injection
Hibernate ORM is an ORM framework for Java. Hibernate ORM can be configured hibernate.usesqlcomments to true, which is false by default to add comments to generated SQL statements, aimed at debugging purpose. When hibernate.usesqlcomments is configured to true, malicious input may produce...
Multiple vulnerabilities in KonaWiki3
Overview KonaWiki3 is a lightweight wiki clone that supports Japanese wiki notation. KonaWiki3 contains multiple vulnerabilities listed below. Path Traversal CWE-22 - CVE-2020-5670 Path Traversal CWE-22 - CVE-2020-5671 Stored Cross-site Scripting CWE-79 - CVE-2020-5672 Reflected Cross-site...
Movable Type Premium vulnerable to cross-site scripting
Overview Movable Type Premium provided by Six Apart Ltd. contains a cross-site scripting vulnerability CWE-79. Six Apart Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Six Apart Ltd. coordinated under the Information Security Early Warning...
JVN#94245475: Movable Type Premium vulnerable to cross-site scripting
Movable Type Premium provided by Six Apart Ltd. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the software Update the software to the latest version according to the information provided by the...
MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption
Overview MELSEC iQ-R series CPU modules provided by Mitsubishi Electric Corporation contain an uncontrolled resource consumption vulnerability CWE-400. According to the developer, in case of "To Use or Not to Use Web Server Settings" in the parameter of CPU modules are set to "Not Use", this issu...
JVN#44764844: MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption
MELSEC iQ-R series CPU modules provided by Mitsubishi Electric Corporation contain an uncontrolled resource consumption vulnerability CWE-400. According to the developer, in case of "To Use or Not to Use Web Server Settings" in the parameter of CPU modules are set to "Not Use", this issue does no...
Multiple vulnerabilities in XOOPS module "XooNIps"
Overview XOOPS module "XooNIps" contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2020-5659 Reflected cross-site scripting CWE-79 - CVE-2020-5662 Stored cross-site scripting CWE-79 - CVE-2020-5663 Deserialization of untrusted data CWE-502 - CVE-2020-5664 stypr of Flatt...
Studyplus App uses a hard-coded API key for an external service
Overview Studyplus App provided by Studyplus Inc. uses a hard-coded API key for an external service CWE-798. Ryo Sato of BroadBand Security,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact API key for an...
Cybozu Garoon vulnerable to improper input validation
Overview Cybozu Garoon provided by Cybozu, Inc. contains an improper input validation vulnerability CWE-20. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early Warning...
JVN#00414047: Studyplus App uses a hard-coded API key for an external service
Studyplus App provided by Studyplus Inc. uses a hard-coded API key for an external service CWE-798. Impact API key for an external service may be obtained by analyzing data in the app. Note that a user is not directly affected by this vulnerability. Solution Update the Application Update the...
JVN#57942454: Cybozu Garoon vulnerable to improper input validation
Cybozu Garoon provided by Cybozu, Inc. contains an improper input validation vulnerability CWE-20. Impact A user who can login to the product may delete some data of the bulletin board. Solution Update the software and Apply the patch Update the software to Cybozu Garoon version 5.0.2, and then...
Local File Inclusion vulnerability in OneThird CMS
Overview OneThird CMS provided SpiQe Software is a content management system CMS. OneThird CMS contains a Local File Inclusion vulnerability CWE-98. Impact Sensitive information may be obtained or arbitrary code may be executed by an unauthenticated remote attacker. Solution Update the Software...
Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
Overview WordPress Plugin "Simple Download Monitor" provided by Tips and Tricks HQ contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2020-5650 SQL Injection CWE-89 - CVE-2020-5651 Gen Sato of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to the...
JVN#31425618: Multiple vulnerabilities in WordPress Plugin "Simple Download Monitor"
WordPress Plugin "Simple Download Monitor" provided by Tips and Tricks HQ contains multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2020-5650 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...
WordPress Plugin "Live Chat - Live support" vulnerable to cross-site request forgery
Overview WordPress Plugin "Live Chat - Live support" provided by onWebChat contains a cross-site request forgery vulnerability CWE-352. Yusuke Fukuda of Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University reported this vulnerability to the...
JVN#92404841: WordPress Plugin "Live Chat – Live support" vulnerable to cross-site request forgery
WordPress Plugin "Live Chat - Live support" provided by onWebChat contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious web page while logged in, unintended operations may be performed. Solution Update the plugin Update the plugin according to the...
Trend Micro Antivirus for Mac vulnerable to a privilege escalation
Overview Antivirus for Mac provided by Trend Micro Incorporated contain a symbolic link privilege escalation vulnerability CWE-61. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated unde...
OS command injection vulnerability in multiple ELECOM LAN routers
Overview Multiple ELECOM LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability CWE-78. Katsuhiko Satoa.k.a. gorohkun of 00One, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
JVN#82892096: OS command injection vulnerability in multiple ELECOM LAN routers
Multiple ELECOM LAN routers provided by ELECOM CO.,LTD. contain an OS command injection vulnerability CWE-78. Impact A remote attacker who can access the management screen of the affected device may execute an arbitrary OS command with root privilege. Solution Apply the appropriate firmware updat...
InfoCage SiteShell installs their files with improper access permissions
Overview InfoCage SiteShell provided by NEC Corporation installs their files with improper access permissions CWE-732. Especially, the service executable files can be modified by Everyone users. NEC Corporation reported this vulnerability to IPA to notify users of its solution through JVN...
JVN#07426151: InfoCage SiteShell installs their files with improper access permissions
InfoCage SiteShell provided by NEC Corporation installs their files with improper access permissions CWE-732. Especially, the service executable files can be modified by Everyone users. Impact The service executable files may be modified by local users, resulting in arbitrary code execution with ...
CMONOS.JP vulnerable to cross-site scripting
Overview CMONOS.JP provided CMONOS Co. Ltd. is a content management system CMS. CMONOS.JP contains a stored cross-site scripting vulnerability CWE-79. stypr of Flatt Security Inc. reported this vulnerability to the developer and coordinated on his own. After coordination was completed, this case...
ServerProtect for Linux vulnerable to OS command injection
Overview ServerProtect for Linux provided by Trend Micro Incorporated contains an OS command injection vulnerability CWE-78. Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A remote authenticated attacker may execute arbitrary code. Soluti...
Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
Overview Active Update function implemented in Premium Security 2019 for Windows v15, Maximum Security 2019 for Windows v15, Internet Security 2019 for Windows v15 and Antivirus+ 2019 for Windows v15 provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Update files...
JVN#60093979: Multiple vulnerabilities in Active Update function implemented in multiple Trend Micro products
Active Update function implemented in Premium Security 2019 for Windows v15, Maximum Security 2019 for Windows v15, Internet Security 2019 for Windows v15 and Antivirus+ 2019 for Windows v15 provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. Update files are not...
Multiple access restriction bypass vulnerabilities in UNIQLO App
Overview UNIQLO App provided by UNIQLO CO., LTD. contains multiple access restriction bypass vulnerabilities below. A remote attacker may be able to lead a user to access an arbitrary website via the vulnerable App. The App launched by a Custom URL Scheme may lead a user to access an arbitrary UR...
JVN#31864411: Multiple access restriction bypass vulnerabilities in UNIQLO App
UNIQLO App provided by UNIQLO CO., LTD. contains multiple access restriction bypass vulnerabilities below. A remote attacker may be able to lead a user to access an arbitrary website via the vulnerable App. The App launched by a Custom URL Scheme may lead a user to access an arbitrary URL -...
Multiple vulnerabilities in Buffalo AirStation WHR-G54S
Overview Buffalo AirStation WHR-G54S contains multiple vulnerabilities listed below. Directory Traversal - CVE-2020-5605 Cross-site Scripting - CVE-2020-5606 RyotaK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
JVN#09166495: Multiple vulnerabilities in Buffalo AirStation WHR-G54S
Buffalo AirStation WHR-G54S contains multiple vulnerabilities listed below. Directory Traversal - CVE-2020-5605 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N| Base Score: 4.1 CVSS v2| AV:A/AC:L/Au:S/C:P/I:N/A:N| Base Score: 2.7 Cross-site Scripting -...
Yodobashi App for Android fails to restrict access permissions
Overview Yodobashi App for Android provided by Yodobashi Camera Co.,Ltd. implements the function to access a requested URL using an Intent. This function contains an improper access control vulnerability CWE-284 that may allow the vulnerable App to receive an Intent from an arbitrary App and to...