Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/04/07 5:49 a.m.3 views

Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads

Overview Joomla! plugin "AcyMailing" allows an unauthenticated user to upload arbitrary files CWE-434. qw3rTyTy reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Arbitrary PHP code may be executed. Solution...

7.2CVSS7.2AI score0.013EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/04/07 12:0 a.m.84 views

JVN#56890693: Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads

Joomla! plugin "AcyMailing" allows an unauthenticated user to upload arbitrary files CWE-434. Impact Arbitrary PHP code may be executed. Solution Update the plugin Update the plugin according to the information provided by the developer. Products Affected AcyMailing versions prior to 6.9.2...

7.2CVSS7.1AI score0.013EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/31 8:44 a.m.3 views

Multiple Yamaha network devices vulnerable to denial-of-service (DoS)

Overview Multiple network devices provided by Yamaha Corporation contain a denial-of-service DoS vulnerability. NIWA Naoya of Amano Lab, Dept. of Information and Computer Science, Faculty of Science and Technology, Keio University reported this vulnerability to IPA. JPCERT/CC coordinated with the...

7.8CVSS6.9AI score0.01419EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/31 4:37 a.m.2 views

Denial-of-service (DoS) vulnerability in Mitsubishi Electric MELSOFT transmission port

Overview MELSOFT transmission port UDP/IP of MELSEC iQ-R, iQ-F, Q, L, and F series provided by Mitsubishi Electric Coporation contains an uncontrolled resource consumption issue CWE-400. When MELSOFT transmission port receives massive amount of data, resource consumption occurs and the port does...

7.5CVSS6.8AI score0.01331EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/31 12:0 a.m.83 views

JVN#38732359: Multiple Yamaha network devices vulnerable to denial-of-service (DoS)

Multiple network devices provided by Yamaha Corporation contain a denial-of-service DoS vulnerability CWE-400 due to an issue in processing received packets. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the firmware Update to the latest version ...

7.8CVSS7.6AI score0.01419EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/25 12:50 a.m.3 views

WL-Enq (WEB Enquete) vulnerable to OS command injection

Overview WL-Enq WEB Enquete provided by WonderLink is a CGI to provide web enquete functions. WL-Enq WEB Enquete contains an OS command injection vulnerability CWE-78. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it was...

10CVSS8AI score0.02274EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 9:29 a.m.1 views

WL-Enq (WEB Enquete) vulnerable to cross-site scripting

Overview WL-Enq WEB Enquete provided by WonderLink is a CGI to provide web enquete functions. WL-Enq WEB Enquete contains a cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it was judg...

6.1CVSS6.1AI score0.00773EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 9:14 a.m.1 views

Keijiban Tsumiki vulnerable to OS command injection

Overview Keijiban Tsumiki provided by Mash room - Free CGI - is a CGI to provide Bulletin Board System BBS functions. Keijiban Tsumiki contains an OS command injection vulnerability CWE-78. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on Januar...

10CVSS7.7AI score0.02274EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 9:5 a.m.2 views

mailform vulnerable to cross-site scripting

Overview mailform provided by keitai-site.net is a PHP script providing mail form functions to a website. mailform contains a stored cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it...

6.1CVSS6AI score0.00773EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 8:59 a.m.3 views

mailform vulnerable to PHP code execution

Overview mailform provided by keitai-site.net is a PHP script providing a mail form function to a website. mailform contains a PHP code execution vulnerability CWE-94 on the server where the product is running. During the meeting of Committee for authorizing the disclosure of unresolved...

10CVSS7.4AI score0.02274EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 8:53 a.m.3 views

Multiple vulnerabilities in Shihonkanri Plus GOOUT

Overview Shihonkanri Plus GOOUT provided by EKAKIN is a CGI that enables to view data stored in Shihonkanri Plus outside. Shihonkanri Plus GOOUT contains multiple vulnerabilities which allow reading/writing an arbitrary file listed below because of the improper validation of input parameter...

9.1CVSS6.7AI score0.01935EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 8:47 a.m.3 views

Shihonkanri Plus GOOUT vulnerable to OS command injection

Overview Shihonkanri Plus GOOUT provided by EKAKIN is a CGI that enables to view data stored in Shihonkanri Plus outside. Shihonkanri Plus GOOUT contains an OS command injection CWE-78 vulnerability. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held...

10CVSS7.5AI score0.02274EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 8:42 a.m.4 views

CuteNews vulnerable to cross-site scripting

Overview Cute News provided by CutePHP.com is a system to manage news. Cute News contains a cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it was judged that an advisory for this...

6.1CVSS6.2AI score0.00773EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 8:40 a.m.3 views

Cute News vulnerable to PHP code execution

Overview Cute News provided by CutePHP.com is a system to manage news. Cute News contains a PHP code execution vulnerability CWE-94. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it was judged that an advisory for this...

9CVSS7.8AI score0.0205EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.77 views

JVN#77634892: mailform vulnerable to PHP code execution

mailform provided by keitai-site.net is a PHP script providing a mail form function to a website. mailform contains a PHP code execution vulnerability CWE-94 on the server where the product is running. Impact Arbitrary PHP code may be executed on the server where the product is running. Solution...

10CVSS9.7AI score0.02274EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.74 views

JVN#85942151: mailform vulnerable to cross-site scripting

mailform provided by keitai-site.net is a PHP script providing mail form functions to a website. mailform contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of an administrator who is accessing a website using mailform...

6.1CVSS6AI score0.00773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.72 views

JVN#88277644: Keijiban Tsumiki vulenrable to OS command injection

Keijiban Tsumiki provided by Mash room - Free CGI - is a CGI to provide Bulletin Board System BBS functions. Keijiban Tsumiki contains an OS command injection vulnerability CWE-78. Impact A remote attacker may execute an arbitrary OS command. Solution Consider stop using Keijiban Tsumiki v1.15...

10CVSS9.8AI score0.02274EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.81 views

JVN#29095127: CuteNews vulnerable to cross-site scripting

Cute News provided by CutePHP.com is a system to manage news. Cute News contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user with a login privilege to the website that uses Cute News while accessing the website. Solution...

6.1CVSS6.1AI score0.00773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.72 views

JVN#88033799: WL-Enq (WEB Enquete) vulnerable to cross-site scripting

WL-Enq WEB Enquete provided by WonderLink is a CGI to provide web enquete functions. WL-Enq WEB Enquete contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing a website that uses WL-Enq WEB Enquete. Solution...

6.1CVSS6AI score0.00773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.79 views

JVN#27951364: WL-Enq (WEB Enquete) vulnerable to OS command injection

WL-Enq WEB Enquete provided by WonderLink is a CGI to provide web enquete functions. WL-Enq WEB Enquete contains an OS command injection vulnerability CWE-78. Impact A remote attacker may execute arbitrary OS commands with the administrative privilege. Solution Consider stop using WL-Enq 1.12 Sin...

10CVSS10AI score0.02274EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.52 views

JVN#32415420: Multiple vulnerabiliteis in Shihonkanri Plus GOOUT

Shihonkanri Plus GOOUT provided by EKAKIN is a CGI that enables to view data stored in Shihonkanri Plus outside. Shihonkanri Plus GOOUT contains multiple vulnerabilities which allow reading/writing an arbitrary file listed below because of the improper validation of input parameter. Directory...

9.1CVSS9.4AI score0.01935EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.95 views

JVN#58176087: Cute News vulnerable to PHP code execution

Cute News provided by CutePHP.com is a system to manage news. Cute News contains a PHP code execution vulnerability CWE-94. Impact A user who can login to CuteNews may execute arbitrary PHP code. Solution Consider stop using Cute News 2.1.2 Since the developer was unreachable, existence of any...

9CVSS9AI score0.0205EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/24 12:0 a.m.70 views

JVN#63834780: Shihonkanri Plus GOOUT vulnerable to OS command injection

Shihonkanri Plus GOOUT provided by EKAKIN is a CGI that enables to view data stored in Shihonkanri Plus outside. Shihonkanri Plus GOOUT contains an OS command injection CWE-78 vulnerability. Impact A remote attacker may execute an arbitrary OS command. Solution Consider stop using Shihonkanri Plu...

10CVSS9.8AI score0.02274EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/11 5:16 a.m.1 views

Cross-site Scripting Vulnerability in JP1/Performance Management - Manager [Web Console]

Overview A Cross-site Scripting Vulnerability was found in JP1/Performance Management - Manager Web Console. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/09 2:23 a.m.1 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure an...

7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/09 2:21 a.m.1 views

Improper LDAPS Certificate Validation in Hitachi Ops Center Common Services

Overview Improper certificate validation in Hitachi Ops Center Common Services. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/03 8:50 a.m.11 views

Multiple vulnerabilities in OpenBlocks IoT VX2

Overview OpenBlocks IoT VX2 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities. Masahiro Murashima and Genta Kataoka of IERAE SECURITY INC. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/03 12:0 a.m.104 views

JVN#19666251: Multiple vulnerabilities in OpenBlocks IoT VX2

OpenBlocks IoT VX2 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5535 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score:...

8.8CVSS9.5AI score0.00855EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/02 5:39 a.m.1 views

GRANDIT vulnerable to session management

Overview GRANDIT provided by GRANDIT CORPORATION contains a vulnerability in session management CWE-639. Kazuki Mitobe of FUJISOFT INCORPORATED reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user who can...

6.5CVSS6.6AI score0.00842EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/03/02 12:0 a.m.74 views

JVN#73472345: GRANDIT vulnerable to session management

GRANDIT provided by GRANDIT CORPORATION contains a vulnerability in session management CWE-639. Impact A user who can access to the product may impersonate an arbitrary user. As a result, information may be altered or disclosed. Solution Apply the Patch Apply the appropriate patch according to th...

6.5CVSS6.4AI score0.00842EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 6:47 a.m.3 views

Improper Authentication Vulnerability in RICOH printers

Overview Multiple RICOH printers contain Improper Authentication Vulnerability CWE-287. RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership. Impac...

7.5CVSS6.5AI score0.01409EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 6:44 a.m.4 views

Improper Access Control Vulnerability in RICOH printers

Overview Multiple RICOH printers contain Improper Access Control CWE-284. RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership. Impact A user who c...

7.2CVSS7.1AI score0.00374EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 6:29 a.m.2 views

Privilege escalation vulnerability in multiple RICOH printer drivers

Overview Multiple RICOH printer drivers contain a privilege escalation vulnerability. RICOH COMPANY, LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Name of company/Organization coordinated under the Information Security Early Warning...

7.8CVSS6.8AI score0.04566EPSS
Exploits8References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 5:6 a.m.2 views

Cross-site Request Forgery Vulnerability in RICOH printers

Overview Multiple RICOH printers contain Cross-site Request Forgery CWE-352. RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership. Impact If a user...

8.8CVSS6.6AI score0.00714EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 5:2 a.m.27 views

Information Disclosure Vulnerability in RICOH printers

Overview Multiple RICOH printers contain Information Disclosure CWE-200. RICOH COMPANY, LTD. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and RICOH COMPANY, LTD. coordinated under the Information Security Early Warning Partnership. Impact A user who ca...

7.5CVSS6.2AI score0.01409EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 12:0 a.m.76 views

JVN#52962201: Multiple vulnerabilities in RICOH printers

Multiple RICOH printers contain multiple vulnerabilities listed below. Information Disclosure CWE-200 - CVE-CVE-2019-14301 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N| Base Score: 6.5 CVSS v2| AV:A/AC:L/Au:N/C:P/I:N/A:N| Base Score: 3.3 Improper Access...

8.8CVSS7.9AI score0.01409EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/25 12:0 a.m.100 views

JVN#15697526: Privilege escalation vulnerability in multiple RICOH printer drivers

Multiple RICOH printer drivers contain a privilege escalation vulnerability. Impact If a user who can login to the computer where the affected printer driver is installed uses the specially crafted printer driver, that may result in administrative privileges being taken by privilege escalation...

7.8CVSS7.6AI score0.04566EPSS
Exploits8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/19 5:39 a.m.2 views

Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS

Overview Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS provided by NEC Corporation contain multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in UPnP function CWE-78 - CVE-2020-5524 OS command injection vulnerability in management screen CWE-78 -...

8.8CVSS7.7AI score0.01019EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/19 5:34 a.m.3 views

Multiple vulnerabilities in Aterm WG2600HS

Overview Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2020-5533 OS command injection CWE-78 - CVE-2020-5534 Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wit...

8CVSS7.3AI score0.0087EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/19 12:0 a.m.93 views

JVN#49410695: Multiple vulnerabilities in Aterm WG2600HS

Aterm WG2600HS provided by NEC Corporation contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2020-5533 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base Score: 2.6 OS...

8CVSS7.5AI score0.0087EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/19 12:0 a.m.83 views

JVN#25766797: Multiple OS command injection vulnerabilities in Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS

Aterm WF1200C, Aterm WG1200CR, and Aterm WG2600HS provided by NEC Corporation contain multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in UPnP function CWE-78 - CVE-2020-5524 Version| Vector| Score ---|---|--- CVSS v3|...

8.8CVSS8.5AI score0.01019EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/18 4:42 a.m.5 views

WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery

Overview WordPress Plugin "Easy Property Listings" provided by Merv Barrett contains a cross-site request forgery vulnerability CWE-352. Rei Nakahara of Cryptography Laboratory,Department of Information and Communication Engineering,Tokyo Denki University reported this vulnerability to the...

8.8CVSS6.5AI score0.00818EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/18 3:10 a.m.3 views

Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000

Overview MELSEC C Controller Module and MELIPC Series MI5000 provided by Mitsubishi Electric Corporation have multiple vulnerabilities due to the vulnerabilities called "URGENT/11" in TCP/IP function IPnet of VxWorks, a real-time OS distributed by Wind River. Q24DHCCPU-V and Q24DHCCPU-VG Buffer...

9.8CVSS7.2AI score0.84177EPSS
Exploits7References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/18 12:0 a.m.69 views

JVN#89259622: WordPress Plugin "Easy Property Listings" vulnerable to cross-site request forgery

WordPress Plugin "Easy Property Listings" provided by Merv Barrett contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the plugin Update the plugin according to the informatio...

8.8CVSS8.6AI score0.00818EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 6:34 a.m.6 views

Security information for Hitachi Disk Array Systems

Overview A cross site scripting vulnerability exists in the SVPStorage Navigator of the Hitachi disk array system. Impact Regerding the impact df the vulnerablilty, please refer to the ventor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and...

6.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 4:43 a.m.1 views

ilbo App vulnerable to authentication bypass

Overview ilbo App provided by EXTRUN Ltd. contains an authentication bypass vulnerability CWE-287. Impact A user who can login to ilbo App may view the images which were recorded by the other user's ilbo device. Solution Update the Application Update to the latest version according to the...

4.3CVSS6.8AI score0.00922EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 4:39 a.m.2 views

Multiple Trend Micro products vulnerable to denial-of-service (DoS)

Overview Premium Security 2019 for Windows, Maximum Security 2019 for Windows, Internet Security 2019 for Windows, and Antivirus+ Security 2019 for Windows provided by Trend Micro Incorporated contain a denial-of-service DoS vulnerability CWE-400. BlackWingCat of Pink Flying Whale reported this...

6.2CVSS6.5AI score0.00365EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 12:0 a.m.75 views

JVN#02921757: Multiple Trend Micro products vulnerable to denial-of-service (DoS)

Premium Security 2019 for Windows, Maximum Security 2019 for Windows, Internet Security 2019 for Windows, and Antivirus+ Security 2019 for Windows provided by Trend Micro Incorporated contain a denial-of-service DoS vulnerability CWE-400. Impact An attacker may disable Premium Security 2019 for...

4.7CVSS4.6AI score0.00365EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/14 12:0 a.m.66 views

JVN#35496038: ilbo App vulnerable to authentication bypass

ilbo App provided by EXTRUN Ltd. contains an authentication bypass vulnerability CWE-287. Impact A user who can login to ilbo App may view the images which were recorded by the other user's ilbo device. Solution Update the Application Update to the latest version according to the information...

4.3CVSS4.5AI score0.00922EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/02/10 3:30 a.m.4 views

HtmlUnit vulenerable to arbitrary code execution

Overview HtmlUnit is a Java-based library which provides web browser functionality to Java programs, and it supports JavaScript evaluation with embedded Mozilla Rhino engine. Mozilla Rhino engine offers a feature to make Java objects available from JavaScript. HtmlUnit initializes Rhino engine...

8.1CVSS7AI score0.04719EPSS
Exploits0References5
Total number of security vulnerabilities5625