Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 7:26 a.m.3 views

RMI Vulnerability in Hitachi Tuning Manager

Overview A RMI Vulnerability was found in Hitachi Tuning Manager. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

10CVSS6.7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 7:26 a.m.2 views

Information Disclosure Vulnerability in Hitachi Global Link Manager

Overview An Information Disclosure Vulnerability was found in Hitachi Global Link Manager. Impact Information might be disclosed. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

3.5CVSS6.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/17 12:0 a.m.82 views

JVN#54795166: Home unit KX-HJB1000 contains multiple vulnerabilities

Home unit KX-HJB1000 provided by Panasonic Corporation is a control system for home network. Home unit KX-HJB1000 contains multiple vulnerabilities listed below. Improper access control - CVE-2017-2131 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base...

8.8CVSS7AI score0.01248EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 7:43 a.m.2 views

HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries

Overview HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that this vulnerability is different from JVN58909026. Eili Masami of Tachibana Lab. report...

9.3CVSS6.8AI score0.01008EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 7:43 a.m.4 views

Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Overview Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Eili Masami of Tachibana Lab. reported this...

9.3CVSS7AI score0.01008EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 7:43 a.m.2 views

HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries

Overview HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that this vulnerability is different from JVN55516206. Yuji Tounai of NTT Communications...

9.3CVSS6.8AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 5:28 a.m.1 views

Cybozu Office fails to restrict access permissions

Overview Cybozu Office fails to restrict access permissions. Cybozu Office provided by Cybozu, Inc. fails to restrict access permissions CWE-284 due to an issue in "Cabinet" function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and...

4.3CVSS6.8AI score0.00618EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 12:0 a.m.62 views

JVN#14658424: Cybozu Office fails to restrict access permissions

Cybozu Office provided by Cybozu, Inc. fails to restrict access permissions CWE-284 due to an issue in "Cabinet" function. Impact A user who can login to Cybozu Office may perform arbitrary operations to the folder where the user does not have acces with its privilege. Solution Update the Softwar...

4.3CVSS4.6AI score0.00618EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 12:0 a.m.50 views

JVN#55516206: HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries

HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the user running HIBUN Confidential File...

9.3CVSS7.6AI score0.01008EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 12:0 a.m.60 views

JVN#58909026: HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries

HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileges of the user running HIBUN Confidential File...

9.3CVSS7.6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/11 12:0 a.m.61 views

JVN#94056834: Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files

Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Impact Arbitrary code may be executed with the...

9.3CVSS7.8AI score0.01008EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/10/03 2:18 a.m.4 views

Self-Decrypting Confidential Files created by JP1/HIBUN may insecurely load Dynamic Link Libraries

Overview Self-decrypting confidential files created by JP1/HIBUN contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor...

7.8CVSS6.9AI score
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/29 4:54 a.m.3 views

Install program and Installer of i-filter 6.0 may insecurely load Dynamic Link Libraries and invoke executable files

Overview i-filter 6.0 provided by Digital Arts Inc. is web filtering and parental control software. The install program is designed to download the installer via the internet and execute it. The i-filter 6.0 install program and installer contain the following vulnerabilities. Eili Masami of...

9.3CVSS7.4AI score0.01781EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/29 4:54 a.m.4 views

Marp vulnerable to improper access control in JavaScript execution

Overview Marp is a tool to create a presentation PDF with Markdown. Marp executes JavaScript inside the Markdown contents. Marp allows JavaScript to access local resources and files CWE-284. Keitaro Yamazaki of Kyoto University reported this vulnerability to IPA. JPCERT/CC coordinated with the...

6.8CVSS6.3AI score0.00519EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/26 6:37 a.m.4 views

jwt-scala fails to verify token signatures

Overview jwt-scala contains a vulnerability where it fails to verify token signatures correctly. jwt-scala is a Scala library to handle JSON Web Token JWT. jwt-scala contains a vulnerability where it fails to verify token signatures correctly due to improper processing of JWT headers. Toshiharu...

5.3CVSS6.9AI score0.00583EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/21 6:58 a.m.4 views

InterScan Web Security Virtual Appliance vulnerable to code injection

Overview InterScan Web Security Virtual Appliance provided by Trend Micro Incorporated contains code injection vulnerability. Impact Arbitrary code may be executed by a user who logged-in to the management screen of the product as an administrator. Solution Apply the Patch Apply the patch accordi...

9CVSS7.2AI score0.03196EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/14 12:0 a.m.69 views

JVN#75929834: Install program and Installer of i-フィルター 6.0 may insecurely load Dynamic Link Libraries and invoke executable files

i-フィルター 6.0 provided by Digital Arts Inc. is web filtering and parental control software. The install program is designed to download the installer via the internet and execute it. The i-フィルター 6.0 install program and installer contain the following vulnerabilities. Lead to insecurely loading...

9.3CVSS8.1AI score0.01781EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/12 5:35 a.m.2 views

Wi-Fi STATION L-02F fails to restrict access permissions

Overview Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. fails to restrict access permissions. Japan Computer Emergency Response Team Coordination Center Global Coordination Division Cyber Metrics Line Information Security Analyst Keisuke Shikano reported this vulnerability to IPA. JPCERT/CC...

7.5CVSS6.7AI score0.01585EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/12 5:34 a.m.13 views

Backdoor access issue in Wi-Fi STATION L-02F

Overview Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a backdoor access issue. Japan Computer Emergency Response Team Coordination Center Global Coordination Division Cyber Metrics Line Information Security Analyst Keisuke Shikano reported this vulnerability to IPA. JPCERT/CC...

10CVSS7.4AI score0.02846EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/12 12:0 a.m.46 views

JVN#03044183: Wi-Fi STATION L-02F fails to restrict access permissions

Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. fails to restrict access permissions. Impact An unauthenticated remote attacker may access the web interface of the device through internet and obtain the stored setting information. Solution Apply an Update Apply the update according to the...

7.5CVSS7.5AI score0.01585EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/12 12:0 a.m.64 views

JVN#68922465: Backdoor access issue in Wi-Fi STATION L-02F

Wi-Fi STATION L-02F provided by NTT DOCOMO, INC. contains a backdoor access issue. Impact An unauthenticated remote attacker may access the device with the administrative privilege and perform an unintended operation. The reporter has conducted a test and confirmed that an attacker can log in to...

10CVSS9.8AI score0.02846EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/11 6:19 a.m.4 views

SEIL Series routers vulnerable to denial-of-service (DoS)

Overview The IPsec/IKE function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported this vulnerability to IPA to notify users of its solution through JV...

5.3CVSS6.8AI score0.01524EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/11 5:55 a.m.6 views

Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files

Overview FENCE-Explorer provided by FUJITSU BROAD SOLUTION & CONSULTING Inc. is a tool to view and edit a file in "FENCE Briefcase" which is created by FENCE-Pro and other FENCE series software. Installer of FENCE-Explorer contains an issue with the search path for DLL/executable files, which may...

9.3CVSS6.8AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/11 12:0 a.m.68 views

JVN#76692689: SEIL Series routers vulnerable to denial-of-service (DoS)

The IPsec/IKE function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Impact Receiving a specially crafted packet may result in a temporary failure of the device's encrypted communication...

4.3CVSS4.1AI score0.01524EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/11 12:0 a.m.65 views

JVN#57205588: Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files

FENCE-Explorer provided by FUJITSU BROAD SOLUTION & CONSULTING Inc. is a tool to view and edit a file in "FENCE Briefcase" which is created by FENCE-Pro and other FENCE series software. Installer of FENCE-Explorer contains an issue with the search path for DLL/executable files, which may lead to...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/08 5:14 a.m.4 views

Multiple vulnerabilities in CG-WLR300NM

Overview CG-WLR300NM provided by Corega Inc. is a wireless LAN router. CG-WLR300NM contains multiple vulnerabilities listed below. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

7.7CVSS7.8AI score0.00823EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/08 12:0 a.m.101 views

JVN#00719891: Multiple vulnerabilities in CG-WLR300NM

CG-WLR300NM provided by Corega Inc. is a wireless LAN router. CG-WLR300NM contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2017-10813 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H| Base Score: 6.8 CVSS v2|...

7.7CVSS7.7AI score0.00823EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/09/04 3:14 a.m.3 views

Denial-of-service (DoS) Vulnerability in JP1 and Hitachi IT Operations Director

Overview A vulnerability to denial-of-service attacks was found in JP1 and Hitachi IT Operations Director. Impact An attacker may conduct denial-of-service attacks. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5.3CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/31 7:35 a.m.4 views

Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries

Overview Installers of multiple products, and DocuWorks self-extracting documents provided by Fuji Xerox Co.,Ltd. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/31 12:0 a.m.72 views

JVN#09769017: Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries

Installers of multiple products, and DocuWorks self-extracting documents provided by Fuji Xerox Co.,Ltd. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the administrative...

9.3CVSS7.6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/30 6:10 a.m.5 views

Installer of "Remote Support Tool (Enkaku Support Tool)" may insecurely load Dynamic Link Libraries

Overview Installer of "Remote Support Tool Enkaku Support Tool" provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili...

9.3CVSS6.8AI score0.01231EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/30 12:0 a.m.55 views

JVN#26115441: Installer of ”Remote Support Tool (Enkaku Support Tool)” may insecurely load Dynamic Link Libraries

Installer of ”Remote Support Tool Enkaku Support Tool” provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary...

9.3CVSS7.7AI score0.01231EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/28 4:46 a.m.3 views

Denial-of-service (DoS) Vulnerability in HiRDB

Overview A vulnerability to denial-of-service attacks was found in HiRDB. Impact A vulnerability to denial-of-service attacks was found in HiRDB. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5.3CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 6:2 a.m.2 views

Installer of "Flets Install Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Install Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 6:2 a.m.4 views

Installer of "Flets Azukeru for Windows Auto Backup Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Azukeru for Windows Auto Backup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability...

9.3CVSS6.8AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:52 a.m.3 views

Installer of "Flets Setsuzoku Tool" may insecurely load Dynamic Link Libraries

Overview Installer of "Flets Setsuzoku Tool"provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.8 views

Multiple vulnerabilities in baserCMS

Overview baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2017-10842 Arbitary files may be deleted - CVE-2017-10843 Arbitary PHP code execution - CVE-2017-10844 Shoji Baba reported the vulnerabilities to IPA. JPCERT/CC...

9.8CVSS8.9AI score0.01766EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.2 views

Installer of Optimal Guard may insecurely load Dynamic Link Libraries

Overview Installer of Optimal Guard provided by OPTiM Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

9.3CVSS6.8AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.3 views

Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries

Overview The installer and the self-extracting archive containing the installer of "Security Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of...

9.3CVSS6.9AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 5:50 a.m.2 views

Installer of "Security Kinou Mihariban" may insecurely load Dynamic Link Libraries

Overview Installer of "Security Kinou Mihariban" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC...

9.3CVSS6.8AI score0.01059EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.75 views

JVN#36303528: Installer and self-extracting archive containing the installer of "Security Setup Tool" may insecurely load Dynamic Link Libraries

The installer and the self-extracting archive containing the installer of "Security Setup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.64 views

JVN#87540575: Installer of Optimal Guard may insecurely load Dynamic Link Libraries

Installer of Optimal Guard provided by OPTiM Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest installer...

9.3CVSS7.6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.190 views

JVN#78151490: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2017-10842 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 7.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5...

9.8CVSS9.2AI score0.01766EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.73 views

JVN#14926025: Installer of ”Flets Install Tool” may insecurely load Dynamic Link Libraries

Installer of "Flets Install Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installe...

9.3CVSS7.6AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.79 views

JVN#11601216: Installer of "Security Kinou Mihariban" may insecurely load Dynamic Link Libraries

Installer of "Security Kinou Mihariban" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.86 views

JVN#22272314: Installer of "Flets Setsuzoku Tool" may insecurely load Dynamic Link Libraries

Installer of "Flets Setsuzoku Tool"provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/25 12:0 a.m.87 views

JVN#14658714: Installer of "Flets Azukeru for Windows Auto Backup Tool" may insecurely load Dynamic Link Libraries

Installer of "Flets Azukeru for Windows Auto Backup Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the us...

9.3CVSS7.7AI score0.01059EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/24 5:3 a.m.1 views

Multiple vulnerabilities in WebCalendar

Overview WebCalendar provided by k5n.us contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10840 Directory traversal CWE-22 - CVE-2017-10841 The following researchers reported vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information...

6.1CVSS6.3AI score0.02353EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/24 5:3 a.m.3 views

Multiple vulnerabilities in SEO Panel

Overview SEO Panel provided by SEO Panel contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2017-10838 SQL injection CWE-89 - CVE-2017-10839 ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...

8.8CVSS7.2AI score0.01071EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/08/24 5:3 a.m.1 views

WordPress plugin "BackupGuard" vulnerable to cross-site scripting

Overview The WordPress plugin "BackupGuard" provided by BackupGuard contains a reflected cross-site scripting vulnerability CWE-79. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary scri...

6.1CVSS5.9AI score0.00923EPSS
Exploits0References6
Total number of security vulnerabilities5625