Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/22 12:0 a.m.72 views

JVN#95423049: The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries

Content Manager Assistant for PlayStation provided by Sony Interactive Entertainment Inc. is a data transfer tool. The installer of Content Manager Assistant for PlayStation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact...

7.8CVSS7.7AI score0.00865EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/19 4:48 a.m.3 views

OneThird CMS vulnerable to directory traversal

Overview OneThird CMS provided by SpiQe Software is a Contents Management System CMS. OneThird CMS contains a directory traversal vulnerability CWE-22. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5CVSS6.7AI score0.01185EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/19 12:0 a.m.88 views

JVN#93333702: OneThird CMS vulnerable to directory traversal

OneThird CMS provided by SpiQe Software is a Contents Management System CMS. OneThird CMS contains a directory traversal vulnerability CWE-22. Impact An authenticated atacker with editing privileges may delete arbitrary files on the server. Solution Update the Software Update to the latest versio...

4.3CVSS4.6AI score0.01185EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/18 6:17 a.m.3 views

Multiple vulnerabilities in H2O

Overview H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Stack-based buffer overflow CWE-121 - CVE-2017-10869 A Denial-of-service DoS due to a flaw in outputtin...

7.5CVSS7.4AI score0.03636EPSS
Exploits0References14
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/18 12:0 a.m.79 views

JVN#84182676: Multiple vulnerabilities in H2O

H2O is an open source web server software. H2O contains multiple vulnerabilities listed below. A Denial-of-service DoS due to a flaw in processing HTTP/1 header CWE-20 - CVE-2017-10868 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L| Base Score: 5.3 CVSS...

7.5CVSS7.6AI score0.03636EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 5:13 a.m.5 views

Fluentd vulenrable to escape sequence injection

Overview Fluentd provided by Cloud Native Computing Foundation CNCF contains an escape sequence injection vulnerability. Fluentd is an open source data collector provided by Cloud Native Computing Foundation CNCF. The parse Filter Plugin for Fluentd contains an escape sequence injection...

10CVSS7.7AI score0.04581EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 4:40 a.m.3 views

Qt for Android environment variables alteration

Overview Qt for Android contains an information alteration vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may alter environem...

6.8CVSS7.3AI score0.00576EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 4:40 a.m.3 views

Qt for Android vulnerable to OS command injection

Overview Qt for Android provided by The Qt Company contains an OS command injection vulnerability CWE-78. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

9.8CVSS7.7AI score0.01958EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 2:46 a.m.3 views

Cross-site Scripting Vulnerability in JP1/Service Support and JP1/Integrated Management - Service Support

Overview A cross-site scripting vulnerability was found in JP1/Service Support and JP1/Integrated Management - Service Support. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasur...

4.1CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 12:0 a.m.88 views

JVN#27342829: Qt for Android environment variables alteration

Qt for Android contains an information alteration vulnerability. Impact A remote attacker may alter environemt variables of the apps created using Qt. As a result, arbitrary code may be executed. Solution Update the Software Update to the latest version of software according to the information...

6.8CVSS6AI score0.00576EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/11 12:0 a.m.62 views

JVN#67389262: Qt for Android vulnerable to OS command injection

Qt for Android provided by The Qt Company contains an OS command injection vulnerability CWE-78. Impact A remote attacker may execute an arbitrary OS command. Solution Update the Software Update to the latest version of software according to the information provided by the developer. Apply the...

9.8CVSS9AI score0.01958EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/06 5:42 a.m.3 views

The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries

Overview The installer of The Public Certification Service for Individuals "The JPKI user's software" provided by Japan Agency for Local Authority Information Systems J-LIS contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that...

9.3CVSS7AI score0.01029EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/06 12:0 a.m.82 views

JVN#30352845: The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries

The installer of The Public Certification Service for Individuals "The JPKI user's software" provided by Japan Agency for Local Authority Information Systems J-LIS contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary cod...

9.3CVSS7.7AI score0.01029EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/01 7:17 a.m.4 views

Multiple vulnerabilities in multiple Buffalo broadband routers

Overview BBR-4HG and BBR-4MG provided by BUFFALO INC. are wireless LAN routers. BBR-4HG and BBR-4MG contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2017-10896 Improper Input Validation CWE-20 - CVE-2017-10897 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions,...

6.1CVSS6.5AI score0.00713EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/01 5:59 a.m.3 views

Cross-site Scripting Vulnerability in JP1/Operations Analytics

Overview A cross-site scripting vulnerability was found in JP1/Operations Analytics. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.1CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/12/01 12:0 a.m.82 views

JVN#65994435: Multiple vulnerabilities in multiple Buffalo broadband routers

BBR-4HG and BBR-4MG provided by BUFFALO INC. are wireless LAN routers. BBR-4HG and BBR-4MG contain multiple vulnerabilities listed below. Cross-site Scripting CWE-79 - CVE-2017-10896 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2|...

6.1CVSS5.6AI score0.00713EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/30 6:50 a.m.5 views

Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection

Overview A-Member and A-Reserve provided by ARK-Web co., ltd. are plugins for Movable Type which provide functions to build a membership website or a reservation website. A-Member and A-Reserve contain SQL injection CWE-89 vulnerability due to the issue in processing cookie values. Yuuta Watanabe...

9.8CVSS7.4AI score0.01269EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/30 6:45 a.m.4 views

Multiple vulnerabilities in Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1

Overview Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 provided by Princeton Ltd. is a Wi-Fi storage. Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 contains multiple vulnerabilities listed below. Improper Access Restriction CWE-284 - CVE-2017-10900 Buffer Overflow CWE-119 -...

10CVSS7.5AI score0.02553EPSS
Exploits0References15
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/30 12:0 a.m.77 views

JVN#98295787: Multiple vulnerabilities in Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1

Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 provided by Princeton Ltd. is a Wi-Fi storage. Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 contains multiple vulnerabilities listed below. Improper Access Restriction CWE-284 - CVE-2017-10900 Version| Vector| Score ---|---|--- CVSS v3|...

10CVSS9.3AI score0.02553EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/30 12:0 a.m.57 views

JVN#78501037: Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection

A-Member and A-Reserve provided by ARK-Web co., ltd. are plugins for Movable Type which provide functions to build a membership website or a reservation website. A-Member and A-Reserve contain SQL injection CWE-89 vulnerability due to the issue in processing cookie values. Impact An attacker who...

9.8CVSS9.7AI score0.01269EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/29 5:54 a.m.5 views

StreamRelay.net.exe and sDNSProxy.exe vulnerable to denial-of-service (DoS)

Overview StreamRelay.net.exe and sDNSProxy.exe fail to properly process ICMP Port Unreachable message CWE-703. Tomoki Sanaki reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Tomoki Sanaki coordinated under the Information Security Early Warning...

7.5CVSS6.7AI score0.015EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/29 12:0 a.m.73 views

JVN#71291160: StreamRelay.net.exe and sDNSProxy.exe vulnerable to denial-of-service (DoS)

StreamRelay.net.exe and sDNSProxy.exe fail to properly process ICMP Port Unreachable message CWE-703. Impact A remote attacker may be able to cause a denial-of-service DoS condition. Solution Update the Software Update to the latest version according to the information provided by the developer...

7.5CVSS7.3AI score0.015EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/28 2:26 a.m.6 views

QND Advance/Standard vulnerable to directory traversal

Overview QND Advance/Standard provided by QualitySoft Corporation contains a directory traversal vulnerability. QND Advance/Standard provided by QualitySoft Corporation contains a directory traversal vulnerability CWE-22 in an administrative server due to the issue in processing input from an age...

9.4CVSS7AI score0.02323EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/22 4:51 a.m.4 views

PWR-Q200 vulnerable to DNS cache poisoning attacks

Overview PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Toshifumi Sakaguchi reported this vulnerability to IPA. JPCERT/CC coordinated with...

7.5CVSS6.6AI score0.01323EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/22 12:0 a.m.62 views

JVN#73141967: PWR-Q200 vulnerable to DNS cache poisoning attacks

PWR-Q200 provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION is a mobile WiFi router. PWR-Q200 is vulnerable to DNS cache poisoning attacks as DNS queries are done with a fixed source port CWE-330. Impact The DNS responses spoofed by a remote attacker may result in any device on the LAN...

7.5CVSS7.5AI score0.01323EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/21 6:40 a.m.7 views

The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries

Overview Media Go and Music Center for PC provided by Sony Group are file management tools. The installer of Media Go and Music Center for PC contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. and Shun Suza...

9.3CVSS6.9AI score0.01029EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/21 12:0 a.m.66 views

JVN#08517069: The installer of Media Go and Music Center for PC may insecurely load Dynamic Link Libraries

Media Go and Music Center for PC provided by Sony Group are file management tools. The installer of Media Go and Music Center for PC contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the...

9.3CVSS7.6AI score0.01029EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/16 5:3 a.m.3 views

Robotic appliance COCOROBO vulnerable to session management

Overview Robotic appliance COCOROBO provided by Sharp Corporation is a robot with cleaning function. Robotic appliance COCOROBO contains a vulnerability in session management CWE-639. Kiyotaka ATSUMI of IoT Technology Laboratory, Cyber Grid Japan, LAC Co., Ltd. reported this vulnerability to IPA...

4.6CVSS6.7AI score0.00421EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/16 12:0 a.m.39 views

JVN#76382932: Robotic appliance COCOROBO vulnerable to session management

Robotic appliance COCOROBO provided by Sharp Corporation is a robot with cleaning function. Robotic appliance COCOROBO contains a vulnerability in session management CWE-639. Impact An attacker on the same LAN may impersonate a user to accessing product. As a result, there is a possibility that a...

4.6CVSS4.7AI score0.00421EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/14 6:19 a.m.3 views

Multiple vulnerabilities in BOOK WALKER for Windows/Mac

Overview BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries. Also BOOK WALKER for Windows/Mac contain a vulnerability which may le...

9.3CVSS6.3AI score0.01059EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/14 4:26 a.m.5 views

WordPress plugin "TablePress" vulnerable to improper restriction of XML external entity (XXE) references

Overview The WordPress plugin "TablePress" is a plugin to create and manage tables on WordPress site. TablePress contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA...

5CVSS6.8AI score0.01058EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/14 12:0 a.m.81 views

JVN#05398317: WordPress plugin "TablePress" vulnerable to improper restriction of XML external entity (XXE) references

The WordPress plugin "TablePress" is a plugin to create and manage tables on WordPress site. TablePress contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Impact An arbitrary file on the server may be accessed by users who can access the...

4.3CVSS4.5AI score0.01058EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/14 12:0 a.m.75 views

JVN#18420340: Multiple vulnerabilities in BOOK WALKER for Windows/Mac

BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries. Also BOOK WALKER for Windows/Mac contain a vulnerability which may lead to...

9.3CVSS6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/13 6:30 a.m.2 views

CS-Cart Japanese Edition vulnerable to cross-site scripting

Overview CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition contains a cross-site scripting vulnerabulity CWE-79. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.4CVSS6.1AI score0.00538EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/13 12:0 a.m.65 views

JVN#29602086: CS-Cart Japanese Edition vulnerable to cross-site scripting

CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition contains a cross-site scripting vulnerabulity CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

5.4CVSS5.4AI score0.00538EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/09 3:29 a.m.4 views

Installer of HYPER SBI may insecurely load Dynamic Link Libraries

Overview HYPER SBI provided by SBI SECURITIES Co.,Ltd. is a trading tool. Installer of HYPER SBI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuto Iso of NTT Security Japan KK reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.9AI score0.01029EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/09 12:0 a.m.82 views

JVN#71284826: Installer of HYPER SBI may insecurely load Dynamic Link Libraries

HYPER SBI provided by SBI SECURITIES Co.,Ltd. is a trading tool. Installer of HYPER SBI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer...

9.3CVSS7.7AI score0.01029EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/06 4:48 a.m.3 views

I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)

Overview LAN DISK Connect provided by I-O DATA DEVICE, INC. contains a denial-of-service DoS vulnerability CWE-119 due to a flaw in processing certain packets. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

7.5CVSS6.5AI score0.01234EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/06 4:48 a.m.7 views

Wi-Fi STATION L-02F vulnerable to buffer overflow

Overview Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a buffer overflow vulnerability. Daisuke Makita and Hayato Ushimaru of National Institute of Information and Communications Technology, Jumpei Shimamura of clwit, Inc. and Katsunari Yoshioka of Yokohama National University reporte...

10CVSS8AI score0.0231EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/06 12:0 a.m.65 views

JVN#87886530: I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)

LAN DISK Connect provided by I-O DATA DEVICE, INC. contains a denial-of-service DoS vulnerability CWE-119 due to a flaw in processing certain packets. Impact Receiving a specially crafted packet may result in a denial-of-service DoS condition. Solution Update the Firmware Apply the latest firmwar...

7.5CVSS7.4AI score0.01234EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/06 12:0 a.m.75 views

JVN#23367475: Wi-Fi STATION L-02F vulnerable to buffer overflow

Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a buffer overflow vulnerability CWE-121. Impact Receiving crafted packets sent by a remote attacker may cause a buffer overflow condition. As a result, the attacker may execute arbitrary code with the root previlege. Solution Apply an Upda...

10CVSS9.9AI score0.0231EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/02 4:57 a.m.3 views

Installer of "Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Easy Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

7.8CVSS6.8AI score0.00911EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/02 12:0 a.m.74 views

JVN#97243511: Installer of ”Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries

Installer of "Flets Easy Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the...

7.8CVSS7.7AI score0.00911EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/01 6:36 a.m.3 views

OpenAM (Open Source Edition) vulnerable to authentication bypass

Overview OpenAM Open Source Edition contains an authentication bypass vulnerability. Yasushi Iwakata of Open Source Solution Technology Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A user may...

8.1CVSS6.8AI score0.02625EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/11/01 12:0 a.m.75 views

JVN#79546124: OpenAM (Open Source Edition) vulnerable to authentication bypass

OpenAM Open Source Edition contains an authentication bypass vulnerability. Impact A user may bypass login authentication and access contents for which permissions are not granted. Solution Apply the Patch Patch for this vulnerabiity has been released by Open Source Solution Technology Corporatio...

8.1CVSS8.2AI score0.02625EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/25 3:17 a.m.5 views

Memory corruption vulnerability in Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro

Overview Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro contain a memory corruption vulnerability. Impact If a user opens a specially crafted Rakuraku Hagaki file or Rakuraku Hagaki Select for Ichitaro file, arbitrary code may be executed with the privilege of running the application...

7.8CVSS7.3AI score0.01312EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/18 5:22 a.m.2 views

XXE Vulnerability in Hitachi Command Suite

Overview An XXE XML External Entity Vulnerability was found in Hitachi Command Suite. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

8.1CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 8:22 a.m.3 views

Home unit KX-HJB1000 contains multiple vulnerabilities

Overview Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

8.8CVSS6.8AI score0.01248EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 8:1 a.m.4 views

Information Disclosure Vulnerability in Hitachi Automation Director

Overview An Information Disclosure Vulnerability was found in Hitachi Automation Director. Impact Information might be disclosed. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

3.5CVSS6.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 7:58 a.m.2 views

Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor

Overview Multiple vulnerabilities have been found in Hitachi Infrastructure Analytics Advisor. Cross-site Scripting Access Control For Access Control, Hitachi Data Center Analytics v8.0.0, v8.0.2, v8.1.0, and v8.1.3 will be affected. Impact Regarding the impact of the vulnerability, please refer ...

7.5CVSS6.6AI score
Exploits0References3
Total number of security vulnerabilities5625