Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/19 4:41 a.m.•3 views

Bump for Android vulnerable in handling of implicit intents

Overview Bump for Android is an application that allows users to share information and files. Bump for Android contains a vulnerability in the handling of implicit intents. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5CVSS6.5AI score0.00982EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/19 12:0 a.m.•26 views

JVN#08994136: Bump for Android vulnerable in handling of implicit intents

Bump for Android is an application that allows users to share information and files. Bump for Android contains a vulnerability in the handling of implicit intents. Impact Information such as the owner's name that was obtained from another device may be disclosed. Solution Do not use Bump for...

5CVSS6.1AI score0.00982EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/19 12:0 a.m.•24 views

JVN#61637002: Dotclear vulnerable to cross-site scripting

Dotclear is a weblog software. Dotclear contains a cross-site scripting vulnerability. Impact If a user views a crafted page while logged in, an arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the infomration...

4.3CVSS6AI score0.01187EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/18 11:36 a.m.•2 views

FileMaker Pro fails to verify SSL server certificates

Overview FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-2319. Impact A man-in-the-minddle attack may allow an attacker to...

5.8CVSS6.6AI score0.00521EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/18 11:36 a.m.•2 views

FileMaker Pro vulnerable to cross-site scripting

Overview FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting. NOTE: This vulnerability exists because of an incomplete fix for CVE-2013-3640. Impact An arbitrary script may be executed on the user's web browser...

4.3CVSS6.8AI score0.01792EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/17 6:23 a.m.•4 views

365 Links series vulnerable to cross-site scripting

Overview 365 Links series provided by php365.com are link directory management tools. 365 Links series contain a cross-site scripting vulnerability. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/17 12:0 a.m.•28 views

JVN#36205251: 365 Links series vulnerable to cross-site scripting

365 Links series provided by php365.com are link directory management tools. 365 Links series contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information...

4.3CVSS5.9AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/12 5:0 a.m.•3 views

Help Page in multiple Adobe products vulnerable to cross-site scripting

Overview The Help page provided in multiple Adobe products contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be...

4.3CVSS6.2AI score0.02458EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/12 12:0 a.m.•24 views

JVN#84376800: Help Page in multiple Adobe products vulnerable to cross-site scripting

The Help page provided in multiple Adobe products contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version of the product according to the information provided by the developer...

4.3CVSS5.6AI score0.02458EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/09 6:2 a.m.•2 views

Movable Type vulnerable to cross-site scripting

Overview Movable Type provided by Six Apart, Ltd. contains a cross-site scripting vulnerability. Movable Type contains an issue in processing the management page, which may result in a cross-site scripting vulnerability. Saeki Tominaga reported this vulnerability to IPA. JPCERT/CC coordinated wit...

4CVSS6.1AI score0.00967EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/09 12:0 a.m.•23 views

JVN#73357573: Movable Type vulnerable to cross-site scripting

Movable Type contains an issue in processing the management page, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed or a false form may be displayed on the administrator's web browser. Solution Update the software Update to the latest version...

3.5CVSS5.7AI score0.00967EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 7:46 a.m.•1 views

WisePoint vulnerable to session fixation

Overview WisePoint provided by Falcon System Consulting, Inc. contains a session fixation vulnerability. Hiroki Ikemoto of NTT SOFT SERVICE Corp. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker m...

6.8CVSS6.6AI score0.01295EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 7:36 a.m.•4 views

EmFTP may insecurely load executable files

Overview EmFTP contains a flaw when loading files, where an unitended executable file may be loaded when attempting to open a file without an extension. For example, if a text file named "exmaple" without an extension and an executable "example.exe" are in the same directory, attemtping to open t...

5.1CVSS7.7AI score0.00354EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 12:0 a.m.•37 views

JVN#50367052: EmFTP may insecurely load executable files

EmFTP contains a flaw when loading files, where an unitended executable file may be loaded when attempting to open a file without an extension. For example, if a text file named "exmaple" without an extension and an executable "example.exe" are in the same directory, attemtping to open the file...

4.4CVSS7.3AI score0.00354EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/09/04 12:0 a.m.•28 views

JVN#49672671: WisePoint vulnerable to session fixation

WisePoint provided by Falcon System Consulting, Inc. contains a session fixation vulnerability. Impact An attacker may impersonate a registered user. As a result, information may be disclosed or altered. Solution Update the Software Update to the latest version according to the information provid...

6.8CVSS6.2AI score0.01295EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/29 4:38 a.m.•5 views

Kindle App for Android fails to verify SSL server certificates

Overview Kindle App for Android fails to verify SSL server certificates. Hiroshi Tokumaru of HASH Consulting Corp. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow an...

5.8CVSS6.5AI score0.00521EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/29 12:0 a.m.•25 views

JVN#17637243: Kindle App for Android fails to verify SSL server certificates

Kindle App for Android fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected...

5.8CVSS6.2AI score0.00521EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/26 4:33 a.m.•5 views

MailPoet Newsletters vulnerable to cross-site request forgery

Overview MailPoet Newsletters is a plugin for WordPress. MailPoet Newsletters contains a cross-site request forgery vulnerability. Yoshinori Matsumoto reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a use...

6.8CVSS6.5AI score0.0107EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/26 12:0 a.m.•25 views

JVN#94409737: MailPoet Newsletters vulnerable to cross-site request forgery

MailPoet Newsletters is a plugin for WordPress. MailPoet Newsletters contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Update the Software Update to the latest version according to the...

6.8CVSS6.2AI score0.0107EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/19 3:35 a.m.•3 views

Advance-Flow vulnerable to SQL injection

Overview Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Yoshinori Ohta of Business Architects Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...

7.5CVSS7.2AI score0.01164EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/19 12:0 a.m.•36 views

JVN#20812625: Advance-Flow vulnerable to SQL injection

Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Impact A user may obtain or alter information on the database. Solution Do not use Advance-Flow The developer has stated that the support of Advance-Flow has been discontinued thus...

7.5CVSS6.8AI score0.01164EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/18 4:32 a.m.•3 views

Cakifo vulnerable to cross-site scripting

Overview Cakifo is a theme for WordPress. Cakifo contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on...

3.5CVSS6.1AI score0.01489EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/18 12:0 a.m.•23 views

JVN#27531188: Cakifo vulnerable to cross-site scripting

Cakifo is a theme for WordPress. Cakifo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the theme Update to the latest version according to the information provided by the developer. Products Affected Cakifo 1.0 ...

3.5CVSS5.8AI score0.01489EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/15 4:27 a.m.•4 views

Shutter vulnerable to cross-site scripting

Overview Shutter provided by tenfourzero is a web package allowing users to share their photos. Shutter contains a cross-site scripting vulnerability, which can be exploited through the SQL injection vulnerability JVN48039501. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS7.1AI score0.00931EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/15 4:24 a.m.•5 views

Shutter vulnerable to SQL injection

Overview Shutter provided by tenfourzero is a web package allowing users to share their photos. lib/admin.php in Shutter contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.8AI score0.01164EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/15 12:0 a.m.•84 views

JVN#04455183: Shutter vulnerable to cross-site scripting

Shutter provided by tenfourzero is a web package allowing users to share their photos. Shutter contains a cross-site scripting vulnerability, which can be exploited through the SQL injection vulnerability JVN48039501. Impact If an administrator views a malicious page while logged in, an arbitrary...

4.3CVSS6.8AI score0.00931EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/15 12:0 a.m.•57 views

JVN#48039501: Shutter vulnerable to SQL injection

Shutter provided by tenfourzero is a web package allowing users to share their photos. lib/admin.php in Shutter contains a SQL injection vulnerability. Impact If an administrator views a malicious page while logged in, an arbitrary SQL command may be executed. Solution Uninstall the Software...

7.5CVSS7.4AI score0.01164EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/14 3:32 a.m.•1 views

Ameba for Android contains an issue where it fails to verify SSL server certificates

Overview Ameba for Android contains an issue where it fails to verify SSL server certificates. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-minddle attack may allow an attacker...

5.8CVSS6.6AI score0.00819EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/14 12:0 a.m.•27 views

JVN#27702217: Ameba for Android contains an issue where it fails to verify SSL server certificates

Ameba for Android contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the develope...

5.8CVSS6.2AI score0.00819EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/12 5:3 a.m.•1 views

Dominion KX2-101 vulnerable to denial-of-service (DoS)

Overview Dominion KX2-101 provided by Raritan Japan, Inc. contains a denial-of-service DoS vulnerability. Dominion KX2-101 provided by Raritan Japan, Inc. is a KVM-over-IP switch. Dominion KX2-101 contains a denial-of-service DoS vulnerability. Yusuke Okano reported this vulnerability to IPA...

7.8CVSS6.8AI score0.02271EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/12 12:0 a.m.•23 views

JVN#07957080: Dominion KX2-101 vulnerable to denial-of-service (DoS)

Dominion KX2-101 provided by Raritan Japan, Inc. is a KVM-over-IP switch. Dominion KX2-101 contains a denial-of-service DoS vulnerability. Impact By receiving a specially crafted packet, the product may be forced to stop responding. Solution Upgrade to Dominion KX2-101 V2 The vulnerability has be...

7.8CVSS6.4AI score0.02271EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 4:57 a.m.•2 views

Piwigo vulnerable to SQL injection

Overview Piwigo is a software to manage and host image files on the web. Piwigo contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

6.5CVSS7.2AI score0.01007EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 4:52 a.m.•3 views

Piwigo vulnerable to cross-site scripting

Overview Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS7AI score0.01792EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 4:49 a.m.•3 views

Piwigo vulnerable to cross-site scripting

Overview Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability when the "Community" plugin is activated and validation on user uploaded photos is disabled. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6AI score0.01187EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•33 views

JVN#09717399: Piwigo vulnerable to cross-site scripting

Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided by the developer. According to t...

4.3CVSS6.7AI score0.01792EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•23 views

JVN#87962145: Piwigo vulnerable to SQL injection

Piwigo is a software to manage and host image files on the web. Piwigo contains a SQL injection vulnerability. Impact An authenticated attacker may obtain information stored in the database. Solution Apply a patch Apply the patch according to the information provided by the developer. According t...

6.5CVSS6.4AI score0.01007EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/08 12:0 a.m.•32 views

JVN#80310172: Piwigo vulnerable to cross-site scripting

Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability when the "Community" plugin is activated and validation on user uploaded photos is disabled. Impact When a user views a specially crafted image, arbitrary JavaScript may be execute...

4.3CVSS5.8AI score0.01187EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/06 6:22 a.m.•5 views

GOM Player vulnerable to denial-of-service (DoS)

Overview GOM Player provided by Gretech contains a denial-of-service DoS vulnerability due to an issue in processing an image file. Security Engineering Laboratory, IT Security CenterISEC, IPA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.5AI score0.01523EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/06 12:0 a.m.•27 views

JVN#32726697: GOM Player vulnerable to denial-of-service (DoS)

GOM Player provided by Gretech contains a denial-of-service DoS vulnerability due to an issue in processing an image file. Impact When processing a specially crafted image file, the player may not be launched. Solution Update the Software Update to the latest version according to the information...

4.3CVSS6.2AI score0.01523EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/01 6:42 a.m.•3 views

ServerView Operations Manager vulnerable to cross-site scripting

Overview ServerView Operations Manager provided by FUJITSU LIMITED is server management software. ServerView Operations Manager contains a cross-site scripting vulnerability. TAIZO TSUKAMOTO of GLOBAL SECURITY EXPERTS inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

4.3CVSS6.1AI score0.01792EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/01 12:0 a.m.•37 views

JVN#22534185: ServerView Operations Manager vulnerable to cross-site scripting

ServerView Operations Manager provided by FUJITSU LIMITED is server management software. ServerView Operations Manager contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

4.3CVSS5.9AI score0.01792EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/30 6:11 a.m.•1 views

Outlook.com for Android contains an issue where it fails to verify SSL server certificates

Overview Outlook.com for Android contains an issue where it fails to verify SSL server certificates. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-minddle attack may allow an...

4CVSS6.6AI score0.02887EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/30 12:0 a.m.•29 views

JVN#72950786: Outlook.com for Android contains an issue where it fails to verify SSL server certificates

Outlook.com for Android contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...

4CVSS6AI score0.02887EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 5:24 a.m.•2 views

Multiple I-O DATA IP Cameras vulnerable to authentication bypass

Overview Multiple IP Cameras provided by I-O DATA contain an authentication bypass vulnerability. Impact An attacker who can access the product may be able to gain access to configuration and credential information. As a result, the attacker may take control of the product. Solution Apply an upda...

6.4CVSS7.1AI score0.02199EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 5:20 a.m.•2 views

PerlMailer vulnerable to cross-site scripting

Overview PerlMailer from Homepage Decorator is a mail form CGI which is used to send mail from a form on a web page. PerlMailer CGI scripts contain a cross-site scripting vulnerability. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the vendors under Information...

4.3CVSS6.3AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 5:15 a.m.•3 views

acmailer contains a cross-site request forgery vulnerability

Overview Several cgi programs in acmailer contain a cross-site request forgery vulnerability. Kazuki Hirota of Keio University Keiji Takeda Research Group reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a...

6.8CVSS6.6AI score0.00924EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 12:0 a.m.•30 views

JVN#85748534: PerlMailer vulnerable to cross-site scripting

PerlMailer from Homepage Decorator is a mail form CGI which is used to send mail from a form on a web page. PerlMailer CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

4.3CVSS6.1AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 12:0 a.m.•42 views

JVN#94592501: Multiple I-O DATA IP Cameras vulnerable to authentication bypass

Multiple IP Cameras provided by I-O DATA contain an authentication bypass vulnerability. Impact An attacker who can access the product may be able to gain access to configuration and credential information. As a result, the attacker may take control of the product. Solution Apply an update Update...

6.4CVSS6.9AI score0.02199EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/29 12:0 a.m.•35 views

JVN#42511610: acmailer contains a cross-site request forgery vulnerability

Several cgi programs in acmailer contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, information registered in the product may be altered or deleted, or in some cases, the authorization privilege can be stolen. Solution Update the Software...

6.8CVSS6.3AI score0.00924EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/25 5:44 a.m.•10 views

Arbitrary program execution vulnerability in TrendLink ActiveX control

Overview TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Security Research and Service Institute - Information and...

8.5CVSS7.2AI score0.0129EPSS
Exploits0References6
Total number of security vulnerabilities5625