Lucene search
K

5627 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/24 2:18 a.m.5 views

Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)

Overview Trend Micro Incorporated has released security updates for Trend Micro Internet Security and Trend Micro Maximum Security that contains a fix for a link following local privilege escalation vulnerability CVE-2025-49384, CVE-2025-49385. Trend Micro Incorporated reported this vulnerability...

7.8CVSS6.9AI score0.00146EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/24 12:0 a.m.11 views

JVN#21624250: Inefficient regular expressions in GROWI

GROWI provided by GROWI, Inc. contains the following vulnerability. Inefficient regular expression complexity CWE-1333 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score 4.3 CVE-2025-43880 Impact A logged-in user...

5.3CVSS6.9AI score0.00271EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/24 12:0 a.m.12 views

JVN#39435597: Multiple vulnerabilities in ELECOM wireless LAN routers

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted upload of file with dangerous type CWE-434 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score 4...

9.8CVSS7.9AI score0.02628EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/18 4:42 a.m.3 views

KCM3100 vulnerable to authentication bypass using an alternate path or channel

Overview KCM3100 provided by KAON is a Wi-Fi enabled gateway. KCM3100 contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 - CVE-2025-51381 Namihiko Matsumura reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

9.8CVSS6.8AI score0.00631EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/18 12:0 a.m.7 views

JVN#46288336: KCM3100 vulnerable to authentication bypass using an alternate path or channel

KCM3100 provided by KAON is a Wi-Fi enabled gateway. KCM3100 contains the following vulnerability. Authentication bypass using an alternate path or channel CWE-288 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Scor...

9.8CVSS7.2AI score0.00631EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/13 7:9 a.m.3 views

Multiple vulnerabilities in RICOH Streamline NX PC Client

Overview RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities listed below. External control of file name or path CWE-73 - CVE-2025-36506 Path traversal CWE-22 - CVE-2025-46783 Use of less trusted source CWE-348 - CVE-2025-48825 Ricoh Company, Ltd...

9.8CVSS7.2AI score0.00776EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/13 12:0 a.m.26 views

JVN#27937557: Multiple vulnerabilities in RICOH Streamline NX PC Client

RICOH Streamline NX PC Client provided by Ricoh Company, Ltd. contains multiple vulnerabilities listed below. External control of file name or path CWE-73 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Base Score 6.5...

9.8CVSS7.8AI score0.00776EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/12 6:56 a.m.4 views

UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

Overview UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 Shu Yoshikoshi of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.1CVSS6.8AI score0.00109EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/12 12:0 a.m.6 views

JVN#17860456: UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints

UpdateNavi provided by Fujitsu Client Computing Limited contains the following vulnerability. Improper restriction of communication channel to intended endpoints CWE-923 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Bas...

7.1CVSS7.1AI score0.00109EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/06 4:56 a.m.3 views

Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery

Overview Multiple surveillance cameras provided by i-PRO Co., Ltd. contain the following vulnerability. Cross-Site Request Forgery CSRF CWE-352 - CVE-2025-36513 Diego Giubertoni of Nozomi Networks Inc. reported this vulnerability to i-PRO Co., Ltd. and coordinated. After the coordination was...

5.1CVSS6.4AI score0.00126EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/06 12:0 a.m.9 views

JVN#10964289: Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery

Multiple surveillance cameras provided by i-PRO Co., Ltd. contain the following vulnerability. Cross-Site Request Forgery CSRF CWE-352 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2025-36513 Impact I...

5.1CVSS6.6AI score0.00126EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/03 6:35 a.m.3 views

TimeWorks vulnerable to path traversal

Overview The web server module of TimeWorks provided by Keiyo System Co., LTD contains the following vulnerability. Path traversal CWE-22 - CVE-2025-41428 Masamu Asato of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

6.9CVSS6.7AI score0.00574EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/03 5:40 a.m.4 views

Improper file access permission settings in PC Time Tracer

Overview PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 - CVE-2025-46355 Ruslan Sayfiev and Masahiro Kawada of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

7.3CVSS6.5AI score0.00139EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/03 12:0 a.m.13 views

JVN#37075430: TimeWorks vulnerable to path traversal

The web server module of TimeWorks provided by Keiyo System Co., LTD contains the following vulnerability. Path traversal CWE-22 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score 5.3 CVE-2025-41428 Impact Arbitra...

6.9CVSS7.1AI score0.00574EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/03 12:0 a.m.10 views

JVN#05562338: Improper file access permission settings in PC Time Tracer

PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.0 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Base Score 7.3 CVE-2025-46355 Impact Arbitrary...

7.3CVSS6.8AI score0.00139EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/30 6:57 a.m.5 views

Multiple vulnerabilities in wivia 5

Overview wivia 5 provided by UCHIDA YOKO CO., LTD. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2025-41385 Cross-site Scripting CWE-79 - CVE-2025-41406 Client-Side Enforcement of Server-Side Security CWE-602 - CVE-2025-47697 Shogo Iyota of GMO Cybersecurity by...

7.5CVSS7.3AI score0.0124EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/30 12:0 a.m.12 views

JVN#51394666: Multiple vulnerabilities in wivia 5

wivia 5 provided by UCHIDA YOKO CO., LTD. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H Base Score 6.7 CVE-2025-41385 Cross-site Scripting CWE-...

7.5CVSS8AI score0.0124EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/26 5:22 a.m.3 views

Mailform Pro CGI generating error messages containing sensitive information

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains a vulnerability listed below. Generation of error message containing sensitive information CWE-209 - CVE-2025-41441 Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

9.8CVSS6.6AI score0.00935EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/26 12:0 a.m.37 views

JVN#39546799: Mailform Pro CGI generating error messages containing sensitive information

Mailform Pro CGI provided by SYNCK GRAPHICA contains a vulnerability listed below. Generation of error message containing sensitive information CWE-209 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Base Score 3.7...

6.3CVSS6.8AI score0.00338EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/23 6:36 a.m.4 views

Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox'

Overview The optional feature 'Anti-Virus & Sandbox' of i-FILTER provided by Digital Arts Inc. validates pattern files improperly. Improper pattern file validation CWE-348 - CVE-2025-47149 Digital Arts Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC...

6.9CVSS6.6AI score0.00148EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/23 12:0 a.m.9 views

JVN#68079883: Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox'

The optional feature 'Anti-Virus & Sandbox' of i-FILTER provided by Digital Arts Inc. validates pattern files improperly. Improper pattern file validation CWE-348 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score...

6.9CVSS5.3AI score0.00148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/22 6:3 a.m.5 views

Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers

Overview Production Printers, Office/Small Office Multifunction Printers, and Laser Printers provided by Canon Inc. do not implement sufficient protection on credential information CWE-522. CVE-2025-3078, CVE-2025-3079 Canon Inc. reported these vulnerabilities to JPCERT/CC to notify users of the...

8.7CVSS6.8AI score0.00618EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/16 5:32 a.m.73 views

Multiple vulnerabilities in V-SFT

Overview V-SFT provided by FUJI ELECTRIC CO., LTD. contains multiple vulnerabilities listed below. Free of Pointer not at Start of Buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function CWE-761 CVE-2025-47749 Out-of-bounds Write in VS6MemInIF!settemptypedefault function CWE-787...

8.4CVSS7.1AI score0.00211EPSS
Exploits0References18
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/15 9:27 a.m.3 views

Multiple vulnerabilities in I-O DATA network attached hard disk 'HDL-T Series'

Overview Network attached hard disk 'HDL-T Series' provided by I-O DATA DEVICE, INC. contains multiple vulnerabilities. OS command injection CWE-78 Affected when 'Remote Link3 function' is enabled CVE-2025-32002 Missing authentication for critical function CWE-306 CVE-2025-32738 Chuya Hayakawa an...

9.8CVSS8.3AI score0.01705EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/15 9:11 a.m.5 views

Multiple vulnerabilities in a-blog cms

Overview a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Path traversal CWE-22 CVE-2025-27566 This is an issue with insufficient path validation in the backup feature, and exploitation requires the administrator privilege Cross-site scripting CWE-79...

9.8CVSS6.6AI score0.00463EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/15 7:14 a.m.3 views

Pgpool-II vulnerable to authentication bypass by primary weakness

Overview Pgpool-II provided by PgPool Global Development Group contains the following vulnerability. Authentication bypass by primary weakness CWE-305 - CVE-2025-46801 PgPool Global Development Group reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

9.8CVSS6.7AI score0.00791EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/15 12:0 a.m.14 views

JVN#06238225: Pgpool-II vulnerable to authentication bypass by primary weakness

Pgpool-II provided by PgPool Global Development Group contains the following vulnerability. Authentication bypass by primary weakness CWE-305 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8 CVE-2025-46801...

9.8CVSS7AI score0.00791EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/14 2:30 a.m.11 views

Panasonic IR Control Hub vulnerable to Unauthorised firmware loading

Overview IR Control Hub provided by Panasonic contains a vulnerability that may lead to loading of unauthorized firmware. IR Control Hub provided by Panasonic verifies the hash value of the loading firmware when booting, but it keeps booting with the firmware even when it detects that the hash...

7.5CVSS6.6AI score0.00209EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/12 9:0 a.m.5 views

Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs multifunction printers. Web Image Monitor contains the vulnerability listed below. Reflected cross-site scripting CWE-79 - CVE-2025-41393 Juan Pablo Gomez Postigo of Sprocket...

6.1CVSS6.1AI score0.00639EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/12 8:52 a.m.4 views

Multiple vulnerabilities in GL-MT2500 and GL-MT2500A

Overview GL-MT2500 and GL-MT2500A provided by GL.iNet contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2024-57391 Inefficient regular expression complexity CWE-1333 - CVE-2025-2811 Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to...

7.5CVSS7.5AI score0.0034EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/05/12 12:0 a.m.17 views

JVN#20474768: Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs multifunction printers. Web Image Monitor contains the vulnerability listed below. Reflected cross-site scripting CWE-79 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N...

6.1CVSS6.1AI score0.00639EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/30 2:46 a.m.19 views

Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS

Overview Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. Incorrect default permissions CWE-276 - CVE-2025-42598 Private security researcher Erkan Ekici reported this vulnerabili...

8.4CVSS7.4AI score0.00169EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/30 1:38 a.m.46 views

Security Update for Trend Micro Trend Vision One (April 2025)

Overview Trend Micro Incorporated has released the security update for the administration console of Trend Vision One. This update addressed the following vulnerabilities: CVE-2025-31282, CVE-2025-31283, CVE-2025-31284, CVE-2025-31285, CVE-2025-31286 Trend Micro Incorporated reported these...

9CVSS7.1AI score0.00413EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/25 4:49 a.m.5 views

Multiple vulnerabilities in Quick Agent

Overview Quick Agent provided by SIOS Technology, Inc. is a Windows application for the following Ricoh MFPs' multifunction printers scan solutions. Quick Scan Easy FAX Speedoc Smart eco FAX Quick Agent contains multiple vulnerabilities listed below. Path traversal vulnerability in the file uploa...

9.2CVSS7.6AI score0.00777EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/25 12:0 a.m.23 views

JVN#82536398: Multiple vulnerabilities in Quick Agent

Quick Agent provided by SIOS Technology, Inc. is a Windows application for the following Ricoh MFPs' multifunction printers scan solutions. Quick Scan Easy FAX Speedoc Smart eco FAX Quick Agent contains multiple vulnerabilities listed below. Path traversal vulnerability in the file upload functio...

9.2CVSS7.6AI score0.00777EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/24 4:50 a.m.5 views

i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key

Overview i-PRO Configuration Tool provided by i-PRO Co., Ltd. contains a vulnerability below. Use of hard-coded cryptographic key CWE-321 Diego Giubertoni of Nozomi Networks Inc. reported this vulnerability to i-PRO Co., Ltd. and coordinated. After the coordination was completed, i-PRO Co., Ltd...

6.8CVSS6.5AI score0.0015EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/24 12:0 a.m.14 views

JVN#84627857: i-PRO Configuration Tool vulnerable to use of hard-coded cryptographic key

i-PRO Configuration Tool provided by i-PRO Co., Ltd. contains a vulnerability below. Use of hard-coded cryptographic key CWE-321 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score: 6.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Base Score: 5.5 CVE-2025-32730 Impact...

6.8CVSS6.7AI score0.0015EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/18 7:50 a.m.8 views

Active! mail vulnerable to stack-based buffer overflow

Overview Active! mail provided by QUALITIA CO., LTD. contains a stack-based buffer overflow vulnerability CWE-121. The developer states that attacks exploiting the vulnerability has been observed. QUALITIA CO., LTD. reported this vulnerability to JPCERT/CC to notify users of its solution through...

9.8CVSS8.1AI score0.03084EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/18 12:0 a.m.31 views

JVN#22348866: Active! mail vulnerable to stack-based buffer overflow

Active! mail provided by QUALITIA CO., LTD. contains a stack-based buffer overflow vulnerability CWE-121. The developer states that attacks exploiting the vulnerability has been observed. Impact Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead t...

9.8CVSS8AI score0.03084EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/11 4:52 a.m.4 views

TP-Link Deco BE65 Pro vulnerable to OS command injection

Overview Deco BE65 Pro provided by TP-LINK contains an OS command injection vulnerability CWE-78. Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An arbitrary OS command may be executed by the user who can log...

8CVSS7.4AI score0.01711EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/10 6:36 a.m.3 views

Multiple vulnerabilities in BizRobo!

Overview BizRobo! is an RPA Robotic Process Automation software provided by OPEN, Inc. Users compile an automation flow using DesignStudio, a development application that runs on Windows, and create robot files. A web application Management Console is provided to schedule RPA execution and to che...

9.8CVSS7.1AI score0.84362EPSS
Exploits5References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/10 12:0 a.m.19 views

JVN#30641875: Multiple vulnerabilities in BizRobo!

BizRobo! is an RPA Robotic Process Automation software provided by OPEN, Inc. Users compile an automation flow using DesignStudio, a development application that runs on Windows, and create robot files. A web application Management Console is provided to schedule RPA execution and to check the...

9.8CVSS7.3AI score0.84362EPSS
Exploits5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/09 5:55 a.m.8 views

Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (April 2025)

Overview Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Apex Central 2019 Information Disclosure due to...

7.8CVSS6.6AI score0.00299EPSS
Exploits0References11
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/07 8:44 a.m.4 views

Multiple vulnerabilities in Inaba Denki Sangyo Wi-Fi AP UNIT 'AC-WPS-11ac series'

Overview Wi-Fi AP UNIT 'AC-WPS-11ac series' provided by Inaba Denki Sangyo Co., Ltd. contain multiple vulnerabilities listed below. Incorrect privilege assignment in the WEB UI the setting page CWE-266 - CVE-2025-23407 OS command injection in the WEB UI the setting page CWE-78 - CVE-2025-25053...

9.8CVSS8AI score0.00959EPSS
Exploits0References17
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/03 3:29 a.m.4 views

WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass

Overview WinRAR provided by RARLAB contains a vulnerability that bypasses the "Mark of the Web" CWE-356 security warning function for files when opening a symbolic link that points to an executable file. In the initial Windows configuration, only administrators have the privilege to create symbol...

6.8CVSS7.1AI score0.01233EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/03 12:0 a.m.46 views

JVN#59547048: WinRAR vulnerable to the symbolic link based "Mark of the Web" check bypass

WinRAR provided by RARLAB contains a vulnerability that bypasses the "Mark of the Web" CWE-356 security warning function for files when opening a symbolic link that points to an executable file. In the initial Windows configuration, only administrators have the privilege to create symbolic links...

6.8CVSS7.5AI score0.01233EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/02 6:12 a.m.6 views

Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products

Overview HMI ViewJet C-more series and HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contain multiple vulnerabilities listed below. Improper Restriction of Rendered UI Layers or Frames CWE-1021 - CVE-2025-24310 Allocation of Resources Without Limits or Throttling CWE-770 -...

7.2CVSS7AI score0.00974EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/02 6:5 a.m.9 views

Out-of-bounds Write vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers

Overview Out-of-bounds Write vulnerabilities were found in Canon printer drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers. Out-of-bounds Write vulnerability on curve segmentation CWE-787 - CVE-2025-0234 Out-of-bounds Write vulnerability on image...

9.4CVSS7.2AI score0.00788EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/02 12:0 a.m.19 views

JVN#17260367: Multiple vulnerabilities in JTEKT ELECTRONICS CORPORATION's products

HMI ViewJet C-more series and HMI GC-A2 series provided by JTEKT ELECTRONICS CORPORATION contain multiple vulnerabilities listed below. Improper Restriction of Rendered UI Layers or Frames CWE-1021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3 CVE-2025-24310 Allocation of Resources...

6.5CVSS7.5AI score0.00575EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/04/01 5:20 a.m.22 views

WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization

Overview WordPress plugin "Welcart e-Commerce" provided by Welcart Inc. contains an untrusted data deserialization vulnerability CWE-502. Hiroshi Sawada of CrowdStrike Holdings, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

8.8CVSS7.1AI score0.0043EPSS
Exploits0References5
Total number of security vulnerabilities5627