Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 5:29 a.m.•4 views

Cybozu Garoon fails to restrict access permission in the RSS settings

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in the RSS settings. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information...

6.8CVSS6.5AI score0.0113EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 5:19 a.m.•4 views

Cybozu Garoon vulnerable to SQL injection

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an SQL injection vulnerability CWE-89 due to an issue in "MultiReport" function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc...

8.8CVSS8.1AI score0.01594EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 4:44 a.m.•3 views

Cybozu Garoon vulnerable to directory traversal

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a directory traversal vulnerability CWE-22. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Securit...

6.5CVSS6.7AI score0.02525EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 4:36 a.m.•4 views

Cybozu Garoon vulnerable to cross-site request forgery

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a cross-site request forgery vulnerability CWE-352. Yasuda Yuya reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...

5.3CVSS6.5AI score0.01262EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 3:29 a.m.•3 views

Cybozu Garoon vulnerable to information disclosure

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an information disclosure vulnerability CWE-200. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information...

8.8CVSS6.1AI score0.00818EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 3:22 a.m.•3 views

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability CWE-79 due to an issue in "Messages" function of Cybozu Garoon Keitai. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...

6.1CVSS6.1AI score0.01195EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•35 views

JVN#12281353: Cybozu Garoon vulnerable to cross-site scripting

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability CWE-79 due to an issue in "Messages" function of Cybozu Garoon Keitai. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...

6.1CVSS6.3AI score0.01195EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•35 views

JVN#13218253: Cybozu Garoon vulnerable to information disclosure

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an information disclosure vulnerability CWE-200. Impact Cybozu Garoon uses HTTPS communication, therefore an attacker can not eavesdrop on communication under normal operations. However, if a user conducts a specific...

8.8CVSS8.2AI score0.00818EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•32 views

JVN#16200242: Cybozu Garoon vulnerable to directory traversal

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a directory traversal vulnerability CWE-22. Impact A user may obtain arbitrary files managed by the product. Solution Update the Software Update to the latest version according to the information provided by the develope...

6.5CVSS6.7AI score0.02525EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•35 views

JVN#17980240: Cybozu Garoon vulnerable to SQL injection

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an SQL injection vulnerability CWE-89 due to an issue in "MultiReport" function. Impact A user may execute arbitrary SQL commands. Solution Update the Software Update to the latest version according to the information...

8.8CVSS9AI score0.01594EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•38 views

JVN#15222211: Cybozu Garoon vulnerable to cross-site request forgery

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, the user may be forced to log out. Solution Update the Software Update to the latest version according to the...

4.3CVSS4.9AI score0.01262EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/19 12:0 a.m.•47 views

JVN#14631222: Cybozu Garoon fails to restrict access permissions

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains following multiple vulnerabilities in restricting access permissions. Access restriction flaw in the RSS settings - CVE-2016-4908 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N|...

4.3CVSS5.2AI score0.0113EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/16 5:11 a.m.•4 views

Mutiple SONY Videoconference Systems do not properly perform authentication

Overview Multiple SONY Videoconference Systems have a default user account which does not require authentication to login to a device CWE-306. This user account has a privilege to view some of the system configuration files. As a result, the device may be manipulated by an attacker with...

8.8CVSS6.8AI score0.00733EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/16 12:0 a.m.•28 views

JVN#42070907: Multiple SONY Videoconference Systems do not properly perform authentication

Multiple SONY Videoconference Systems have a default user account which does not require authentication to login to a device CWE-306. This user account has a privilege to view some of the system configuration files. As a result, the device may be manipulated by an attacker with administrative...

8.8CVSS8.8AI score0.00733EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/13 5:0 a.m.•2 views

Apache ActiveMQ vulnerable to cross-site scripting

Overview Apache ActiveMQ provided by the Apache Software Foundation is a middleware that implements Java Message Service. Apache ActiveMQ contains a stored cross-site scripting vulnerability CWE-79. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...

6.1CVSS5.9AI score0.06093EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/13 12:0 a.m.•25 views

JVN#78980598: Apache ActiveMQ vulnerable to cross-site scripting

Apache ActiveMQ provided by the Apache Software Foundation is a middleware that implements Java Message Service. Apache ActiveMQ contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update t...

6.1CVSS6.1AI score0.06093EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/12 5:49 a.m.•3 views

Access restriction bypass to delete DBM files in Cybozu Dezie

Overview Cybozu Dezie provided by Cybozu,Inc. contains an access restriction bypass vulnerability to delete DBM Cybozu Dezie proprietary format files. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under th...

7.5CVSS6.8AI score0.01804EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/12 5:49 a.m.•3 views

Access restriction bypass to download DBM files in Cybozu Dezie

Overview Cybozu Dezie provided by Cybozu,Inc. contains an access restriction bypass vulnerability to download DBM Cybozu Dezie proprietary format files. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under...

5.3CVSS6.8AI score0.01706EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/12 12:0 a.m.•46 views

JVN#16781735: Multiple access restriction bypass vulnerabilities in Cybozu Dezie

Cybozu Dezie contains multiple access restriction bypass vulnerabilities listed below. Access restriction bypass to download DBM files - CVE-2016-7832 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:N/A:N| Bas...

7.5CVSS6.6AI score0.01804EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/08 2:33 a.m.•5 views

The Bank of Tokyo-Mitsubishi UFJ for Android vulnerable to SSL/TLS downgrade attack

Overview The Bank of Tokyo-Mitsubishi UFJ for Android may be exploited by SSL/TLS downgrade attack. The Bank of Tokyo-Mitsubishi UFJ for Android provided by The Bank of Tokyo-Mitsubishi UFJ, Ltd. tries to communicate with a server via TLS v1.2. However, when a response from the server indicates S...

4.3CVSS6.5AI score0.00816EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/07 5:44 a.m.•4 views

Sleipnir for Mac vulnerable to URL spoofing

Overview Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.1CVSS6.5AI score0.00831EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/07 12:0 a.m.•30 views

JVN#28151745: Sleipnir for Mac vulnerable to URL spoofing

Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition. Impact The displayed URL may be forged to conduct phishing attacks. Solution Update the Software Update to the latest version according to the information provided by the developer...

6.1CVSS6.1AI score0.00831EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 6:2 a.m.•7 views

ManageEngine Password Manager Pro fails to restrict access permissions

Overview ManageEngine Password Manager Pro provided by Zoho Corporation fails to restrict access permissions. Impact A user may gain unauthorized access to other users' password entry history. Solution Update the Software This vulnerability has been addressed in Password Manager Pro 8.4.0 Build...

6.8CVSS6.8AI score0.0332EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 6:2 a.m.•2 views

Keitai Kit for Movable Type vulnerable to OS command injection

Overview Keitai Kit for Movable Type contains an OS command injection vulnerability. Keitai Kit for Movable Type provided by ideaman's Inc. contains an OS command injection vulnerability CWE-78. CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...

7.5CVSS7.5AI score
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 5:33 a.m.•9 views

Multiple SONY network cameras vulnerable to sensitive information disclosure

Overview Multiple SONY network cameras contain a sensitive information disclosure vulnerability. SEC Consult reported this vulnerability to Sony, and Sony reported this vulnerability to JPCERT/CC to notify the solution to users through JVN. JPCERT/CC and Sony coordinated for the publication of th...

8.8CVSS6.3AI score0.03901EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 5:32 a.m.•4 views

ManageEngine Password Manager Pro vulnerable to cross-site request forgery

Overview ManageEngine Password Manager Pro contains a cross-site request forgery vulnerability. ManageEngine Password Manager Pro provided by Zoho Corporation contains a cross-site request forgery vulnerability CWE-352. CWE-352: Cross-Site Request Forgery CSRF...

8CVSS6.6AI score0.01043EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/05 4:52 a.m.•5 views

SaAT Netizen fails to properly verify downloaded installation and update files

Overview SaAT Netizen contains a vulnerability where files downloaded for installation or an update are not properly verified. The SaAT Netizen installer and SaAT Netizen contain a vulnerability where downloaded files are not properly verified during the installation or update process...

8.1CVSS6.7AI score0.00572EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:46 a.m.•4 views

WNC01WH vulnerable to directory traversal due to an issue in processing POST request

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a directory traversal vulnerability due to an issue in processing POST request. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

6.5CVSS6.7AI score0.02219EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:45 a.m.•4 views

WNC01WH vulnerable to directory traversal due to an issue in processing commands

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a directory traversal vulnerability due to an issue in processing commands. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

6.5CVSS6.6AI score0.02219EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:44 a.m.•3 views

WNC01WH vulnerable to enabling debug option

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains an enabling debug option vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...

8.8CVSS6.5AI score0.01578EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:43 a.m.•4 views

WNC01WH vulnerable to stored cross-site scripting

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a stored cross-site scripting vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6AI score0.0048EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:43 a.m.•4 views

WNC01WH vulnerable to cross-site request forgery

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a cross-site request forgery vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

8.8CVSS6.5AI score0.00977EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 5:43 a.m.•5 views

WNC01WH vulnerable to denial-of-service (DoS)

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a denial-of-service DoS vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.5CVSS6.5AI score0.0175EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/02 12:0 a.m.•56 views

JVN#40613060: Multiple vulnerabilities in WNC01WH

WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains multiple vulnerabilities listed below. Denial-of-service DoS - CVE-2016-7821 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H| Base Score: 6.5 CVSS v2| AV:N/AC:H/Au:N/C:N/I:N/A:C| Base...

8.8CVSS6.5AI score0.02219EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/01 4:40 a.m.•5 views

The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries

Overview The installers of multiple Japan Pension Service software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

7.8CVSS7.3AI score0.00956EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/12/01 12:0 a.m.•34 views

JVN#08868688: The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries

The installers of multiple Japan Pension Service software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact This vulnerability can be exploited when the following condition is met. If this vulnerability is exploited, an arbitrary code m...

7.8CVSS7.8AI score0.00956EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/30 6:17 a.m.•4 views

Multiple I-O DATA network camera products vulnerable to buffer overflow

Overview Multiple network camera products provided by I-O DATA DEVICE, INC. contain buffer overflow vulnerability. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9CVSS7.5AI score0.03252EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/30 6:17 a.m.•3 views

Multiple I-O DATA network camera products vulnerable to OS command injection

Overview Multiple network camera products provided by I-O DATA DEVICE, INC. contain OS command injection vulnerability. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

9CVSS7.6AI score0.02199EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/30 12:0 a.m.•58 views

JVN#25059363: Multiple I-O DATA network camera products multiple vulnerabilities

Multiple network camera products provided by I-O DATA DEVICE, INC. contain multiple vulnerabilities listed below. OS Command injection CWE-78 - CVE-2016-7819 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H| Base Score: 6.8 CVSS v2|...

9CVSS7.7AI score0.03252EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/28 4:47 a.m.•5 views

kintone mobile for Android fails to verify SSL server certificates

Overview kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Note that this vulnerability is different from JVN91816422. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc...

5.9CVSS6.5AI score0.00728EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/28 12:0 a.m.•28 views

JVN#20252219: kintone mobile for Android fails to verify SSL server certificates

kintone mobile for Android provided by Cybozu, Inc. fails to verify SSL server certificates in WebView. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provid...

5.9CVSS5.5AI score0.00728EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/25 4:54 a.m.•5 views

Simple keitai chat vulnerable to cross-site scripting

Overview Simple keitai chat provided by LEMON-S PHP contains reflected and stored cross-site scripting vulnerabilities CWE-79. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.1CVSS6.2AI score0.00872EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/25 12:0 a.m.•30 views

JVN#05493467: Simple keitai chat vulnerable to cross-site scripting

Simple keitai chat provided by LEMON-S PHP contains reflected and stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Simple keitai chat Simple keitai chat is no longer being developed or maintained. It is...

6.1CVSS6.3AI score0.00872EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/15 4:41 a.m.•3 views

DERAEMON-CMS vulnerable to cross-site scripting

Overview DERAEMON-CMS provided by TEAM DERAEMONS is a content management system CMS. install.php in DERAEMON-CMS contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing of the parameters hostname, database and username. Satoshi Ogawa of Mitsui Bussan Secure Directions, In...

6.1CVSS6AI score0.01195EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/15 12:0 a.m.•28 views

JVN#75396659: DERAEMON-CMS vulnerable to cross-site scripting

DERAEMON-CMS provided by TEAM DERAEMONS is a content management system CMS. install.php in DERAEMON-CMS contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing of the parameters hostname, database and username. Impact An arbitrary script may be executed on the user's web...

6.1CVSS6AI score0.01195EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 5:50 a.m.•4 views

CG-WLR300NX fails to restrict access permissions

Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

8.8CVSS6.6AI score0.00889EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 5:49 a.m.•6 views

CG-WLR300NX vulnerable to cross-site scripting

Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site scripting vulnerability CWE-79. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.8CVSS6AI score0.00765EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 5:49 a.m.•4 views

CG-WLR300NX vulnerable to cross-site request forgery

Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site request forgery vulnerability CWE-352. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

8.8CVSS6.5AI score0.00913EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 5:45 a.m.•6 views

Multiple Corega wireless LAN routers vulnerable to cross-site scripting

Overview Multiple Corega wireless LAN routers contain a cross-site scripting vulnerability CWE-79. Yutaka Kokubu and Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. and Shuya Ueki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

6.1CVSS6.2AI score0.01195EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/11/11 4:51 a.m.•4 views

Multiple I-O DATA network camera products vulnerable to information disclosure

Overview Multiple network camera products provided by I-O DATA DEVICE, INC. contain an information disclosure vulnerability CWE-200. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

7.5CVSS6.5AI score0.02663EPSS
Exploits0References5
Total number of security vulnerabilities5625