Research

List of Vulnerabilities

Publically disclosed vulnerabilities discovered by MBSD researchers

By Published Date
By CVSS Score

CVE: CVE-2021-20713

Description: QND is vulnerable to privilege escalation

CVSS Score: 7.8

Published: 2021/05/21

JVN: JVN#74686032

CVE: CVE-2021-20722

Description: The installers of ScanSnap Manager is vulnerable to loading Dynamic Link Libraries

CVSS Score: 7.8

Published: 2021/05/21

JVN: JVN#65733194

CVE: CVE-2021-20714

Description: WordPress plugin "WP Fastest Cache" is vulnerable to directory traversal

CVSS Score: 3.8

Published: 2021/04/27

JVN: JVN#35240327

CVE: CVE-2021-20680

Description: Multiple Aterm products are vulnerable to Cross-site Scripting

CVSS Score: 6.1

Published: 2021/04/09

JVN: JVN#67456944

CVE: CVE-2021-20708

Description: Multiple Aterm products are vulnerable to OS Command Injection

CVSS Score: 6.8

Published: 2021/04/09

JVN: JVN#29739718

CVE: CVE-2021-20709

Description: Multiple Aterm products are vulnerable to Improper Validation of Integrity Check Value

CVSS Score: 6.8

Published: 2021/04/09

JVN: JVN#29739718

CVE: CVE-2021-20678

Description: WordPress plugin "Paid Memberships Pro" is vulnerable to SQL injection

CVSS Score: 6.3

Published: 2021/03/17

JVN: JVN#08191557

CVE: CVE-2021-20624

Description: Cybozu Office is vulnerable to Operational restrictions bypass vulnerability in Scheduler

CVSS Score: 4.3

Published: 2021/03/15

JVN: JVN#45797538

CVE: CVE-2021-20625

Description: Cybozu Office is vulnerable to Operational restrictions bypass vulnerability in Bulletin Board

CVSS Score: 4.3

Published: 2021/03/15

JVN: JVN#45797538

CVE: CVE-2021-20629

Description: Cybozu Office is vulnerable to Cross-site scripting vulnerability in E-mail

CVSS Score: 4.7

Published: 2021/03/15

JVN: JVN#45797538

CVE: CVE-2021-20674

Description: Installer of MagicConnect Client program is vulnerable to loading Dynamic Link Libraries

CVSS Score: 7.0

Published: 2021/03/11

JVN: JVN#18056666

CVE: CVE-2021-20654

Description: Wekan is vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2021/02/10

JVN: JVN#80785288

CVE: CVE-2020-5626

Description: Multiple Infoscience Corporation log management tools are vulnerable to OS command injection

CVSS Score: 7.5

Published: 2021/01/27

JVN: JVN#41853173

CVE: CVE-2021-20638

Description: LOGITEC product LAN-W300N/PGRB is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2021/01/26

JVN: JVN#96783542

CVE: CVE-2021-20639

Description: LOGITEC product LAN-W300N/PGRB is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2021/01/26

JVN: JVN#96783542

CVE: CVE-2021-20640

Description: LOGITEC product LAN-W300N/PGRB is vulnerable to Buffer overflow

CVSS Score: 6.8

Published: 2021/01/26

JVN: JVN#96783542

CVE: CVE-2021-20645

Description: ELECOM product WRC-300FEBK-A is vulnerable to Stored cross-site scripting

CVSS Score: 5.4

Published: 2021/01/26

JVN: JVN#47580234

CVE: CVE-2021-20646

Description: ELECOM product WRC-300FEBK-A is vulnerable to Cross-site request forgery

CVSS Score: 4.3

Published: 2021/01/26

JVN: JVN#47580234

CVE: CVE-2021-20619

Description: GROWI is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2021/01/19

JVN: JVN#57544707

CVE: CVE-2020-5650

Description: WordPress Plugin "Simple Download Monitor" is vulnerable to Cross-site Scripting

CVSS Score: 6.1

Published: 2020/10/21

JVN: JVN#31425618

CVE: CVE-2020-5651

Description: WordPress Plugin "Simple Download Monitor" is vulnerable to SQL Injection

CVSS Score: 5.4

Published: 2020/10/21

JVN: JVN#31425618

CVE: CVE-2019-0233

Description: Apache Struts 2 is vulnerable to denial-of-service (DoS)

CVSS Score: 5.9

Published: 2020/08/25

JVN: JVN#50890770

CVE: CVE-2020-5619

Description: Exment is vulnerable to Stored cross-site scripting in some input fields

CVSS Score: 5.4

Published: 2020/08/21

JVN: JVN#88315581

CVE: CVE-2020-5620

Description: Exment is vulnerable to Stored cross-site scripting in upload files

CVSS Score: 5.4

Published: 2020/08/21

JVN: JVN#88315581

CVE: CVE-2020-5615

Description: Multiple products provided by PHP Factory are vulnerable to Cross-site Request Forgery

CVSS Score: 4.3

Published: 2020/07/31

JVN: JVN#73169744

CVE: CVE-2020-5616

Description: Multiple products provided by PHP Factory are vulerable to Authentication bypass

CVSS Score: 4.8

Published: 2020/07/31

JVN: JVN#73169744

CVE: CVE-2020-5607

Description: SHIRASAGI is vulnerable to open redirect

CVSS Score: 4.7

Published: 2020/07/09

JVN: JVN#55657988

CVE: CVE-2020-5587

Description: Cybozu Garoon is vulnerable to token-related information leakage

CVSS Score: 5.3

Published: 2020/06/29

JVN: JVN#55497111

CVE: CVE-2020-5572

Description: Cybozu products is vulnerable to Credential Disclosure

CVSS Score: 4.6

Published: 2020/05/29

JVN: JVN#78745667

CVE: CVE-2020-5573

Description: Cybozu products is vulnerable to Credential Disclosure

CVSS Score: 4.6

Published: 2020/05/29

JVN: JVN#78745667

CVE: CVE-2020-5537

Description: Cybozu Desktop for Windows is vulnerable to arbitrary code execution

CVSS Score: 8.3

Published: 2020/05/25

JVN: JVN#59552136

CVE: CVE-2020-5579

Description: WordPress Plugin "Paid Memberships Pro" is vulnerable to SQL injection

CVSS Score: 4.7

Published: 2020/05/19

JVN: JVN#20248858

CVE: CVE-2020-11055

Description: BookStack is vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2020/05/13

JVN: JVN#41035278

CVE: CVE-2020-5574

Description: Movable Type is vulnerable to HTML attribute value injection

CVSS Score: 4.7

Published: 2020/05/13

JVN: JVN#28806943

CVE: CVE-2020-5575

Description: Movable Type is vulnerable to Cross-site scripting due to a flaw in processing multiple query strings

CVSS Score: 6.1

Published: 2020/05/13

JVN: JVN#28806943

CVE: CVE-2020-5576

Description: Movable Type is vulnerable to Cross-site request forgery

CVSS Score: 4.3

Published: 2020/05/13

JVN: JVN#28806943

CVE: CVE-2020-5577

Description: Movable Type is vulnerable to Unrestricted upload of file with specific extentions

CVSS Score: 6.3

Published: 2020/05/13

JVN: JVN#28806943

CVE: CVE-2020-1606

Description: Junos OS is vulnerable to directory traversal

CVSS Score: 5.4

Published: 2020/01/10

JVN: JVN#07375820

CVE: CVE-2020-1607

Description: Junos OS is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2020/01/10

JVN: JVN#21753370

CVE: CVE-2019-6033

Description: a-blog cms is vulnerable to Reflected cross-site scripting

CVSS Score: 6.1

Published: 2019/12/20

JVN: JVN#10377257

CVE: CVE-2019-6034

Description: a-blog cms is vulnerable to Script injection due to a flaw in processing cookie

CVSS Score: 6.1

Published: 2019/12/20

JVN: JVN#10377257

CVE: CVE-2019-6019

Description: STAMP Workbench installer is vulnerable to insecurely loading Dynamic Link Libraries

CVSS Score: 7.8

Published: 2019/11/26

JVN: JVN#19386781

CVE: CVE-2019-6024

Description: Rakuma App is vulnerable to authentication information disclosure

CVSS Score: 4.7

Published: 2019/11/07

JVN: JVN#41566067

CVE: CVE-2019-6011

Description: WordPress Plugin "wpDataTables Lite" is vulnerable to Cross-site Scripting

CVSS Score: 6.1

Published: 2019/10/11

JVN: JVN#14776551

CVE: CVE-2019-6012

Description: WordPress Plugin "wpDataTables Lite" is vulnerable to SQL Injection

CVSS Score: 7.2

Published: 2019/10/11

JVN: JVN#14776551

CVE: CVE-2019-6016

Description: EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)" provided by REMISE Corporation is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2019/10/07

JVN: JVN#59436681

CVE: CVE-2019-6017

Description: EC-CUBE module "REMISE Payment module (2.11, 2.12 and 2.13)" provided by REMISE Corporation is vulnerable to information disclosure

CVSS Score: 5.3

Published: 2019/10/07

JVN: JVN#59436681

CVE: CVE-2019-6003

Description: EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2019/08/07

JVN

CVE: CVE-2019-5985

Description: Hikari Denwa router/Home GateWay is vulnerable to Cross-site Scripting

CVSS Score: 6.1

Published: 2019/06/27

JVN: JVN#43172719

CVE: CVE-2019-5986

Description: Hikari Denwa router/Home GateWay is vulnerable to Cross-site Request Forgery

CVSS Score: 6.5

Published: 2019/06/27

JVN: JVN#43172719

CVE: CVE-2019-5965

Description: Joruri Mail is vulnerable to Open Redirect

CVSS Score: 4.7

Published: 2019/06/07

JVN: JVN#58052567

CVE: CVE-2019-5966

Description: Joruri Mail is vulnerable to Session Management

CVSS Score: 5.4

Published: 2019/06/07

JVN: JVN#58052567

CVE: CVE-2019-0188

Description: Apache Camel is vulnerable to XML external entity injection (XXE)

CVSS Score: 5.8

Published: 2019/05/22

JVN: JVN#71498764

CVE: CVE-2019-5934

Description: Cybozu Garoo is vulnerable to SQL injection

CVSS Score: 6.0

Published: 2019/04/25

JVN: JVN#58849431

CVE: CVE-2019-5945

Description: Cybozu Garoon is vulnerable to Information disclosure

CVSS Score: 5.3

Published: 2019/04/25

JVN: JVN#58849431

CVE: CVE-2019-5927

Description: "an" App for iOS is vulnerable to directory traversal

CVSS Score: 4.7

Published: 2019/03/19

JVN: JVN#60497148

CVE: CVE-2019-5923

Description: iChain Insurance Wallet App for iOS is vulnerable to directory traversal

CVSS Score: 4.7

Published: 2019/03/12

JVN: JVN#11622218

CVE: CVE-2019-5921

Description: Windows 7 is vulnerable to Application Directory (App Dir) DLL planting

CVSS Score: 7.8

Published: 2019/02/28

JVN: JVN#69181574

CVE: CVE-2019-5910

Description: HOUSE GATE App for iOS is vulnerable to directory traversal

CVSS Score: 4.7

Published: 2019/01/24

JVN: JVN#98505783

CVE: CVE-2018-16202

Description: cordova-plugin-ionic-webview is vulnerable to path traversal

CVSS Score: 4.7

Published: 2018/12/21

JVN: JVN#69812763

CVE: CVE-2018-16197

Description: Toshiba Lighting & Technology Corporation Home gateway is vulnerable to Improper access control

CVSS Score: 6.3

Published: 2018/12/19

JVN: JVN#99810718

CVE: CVE-2018-16198

Description: Toshiba Lighting & Technology Corporation Home gateway is vulnerable to Hidden functionality

CVSS Score: 8.8

Published: 2018/12/19

JVN: JVN#99810718

CVE: CVE-2018-16199

Description: Toshiba Lighting & Technology Corporation Home gateway is vulnerable to Cross-site scripting

CVSS Score: 6.1

Published: 2018/12/19

JVN: JVN#99810718

CVE: CVE-2018-16200

Description: Toshiba Lighting & Technology Corporation Home gateway is vulnerable to OS command injection

CVSS Score: 8.8

Published: 2018/12/19

JVN: JVN#99810718

CVE: CVE-2018-16201

Description: Toshiba Lighting & Technology Corporation Home gateway is vulnerable to Hard-coded credentials

CVSS Score: 8.8

Published: 2018/12/19

JVN: JVN#99810718

CVE: CVE-2018-16170

Description: Cybozu Remote Service is vulnerable to Directory traversal in used device management screen

CVSS Score: 9.6

Published: 2018/12/10

JVN: JVN#23161885

CVE: CVE-2018-16171

Description: Cybozu Remote Service is vulnerable to Directory traversal in client certificates registration function

CVSS Score: 7.5

Published: 2018/12/10

JVN: JVN#23161885

CVE: CVE-2018-0688

Description: Multiple SEIKO EPSON printers and scanners is vulnerable to Open Redirect

CVSS Score: 4.7

Published: 2018/12/06

JVN: JVN#89767228

CVE: CVE-2018-0689

Description: Multiple SEIKO EPSON printers and scanners is vulnerable to HTTP header injection

CVSS Score: 4.7

Published: 2018/12/06

JVN: JVN#89767228

CVE: CVE-2018-0676

Description: Panasonic BN-SDWBP3 is vulnerable to Improper Authentication

CVSS Score: 8.8

Published: 2018/11/20

JVN: JVN#65082538

CVE: CVE-2018-0677

Description: Panasonic BN-SDWBP3 is vulnerable to OS Command Injection

CVSS Score: 6.8

Published: 2018/11/20

JVN: JVN#65082538

CVE: CVE-2018-0678

Description: Panasonic BN-SDWBP3 is vulnerable to Buffer Overflow

CVSS Score: 6.8

Published: 2018/11/20

JVN: JVN#65082538

CVE: CVE-2018-0674

Description: AttacheCase is vulnerable to arbitrary script execution

CVSS Score: 7.8

Published: 2018/08/31

JVN: JVN#02037158

CVE: CVE-2018-0675

Description: AttacheCase is vulnerable to arbitrary script execution

CVSS Score: 7.8

Published: 2018/08/31

JVN: JVN#02037158

CVE: CVE-2018-0666

Description: Multiple Yamaha network devices are vulnerable to script injection

CVSS Score: 4.3

Published: 2018/08/29

JVN: JVN#69967692

CVE: CVE-2018-0657

Description: EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE are vulnerable to Cross-site scripting

CVSS Score: 6.1

Published: 2018/08/09

JVN: JVN#06372244

CVE: CVE-2018-0658

Description: EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE are vulnerable to Input validation bypass

CVSS Score: 3.8

Published: 2018/08/09

JVN: JVN#06372244

CVE: CVE-2018-0661

Description: I-O DATA network camera products contain multiple vulnerabilities

CVSS Score: 6.3

Published: 2018/08/07

JVN: JVN#83701666

CVE: CVE-2018-0662

Description: I-O DATA network camera products contain multiple vulnerabilities

CVSS Score: 4.3

Published: 2018/08/07

JVN: JVN#83701666

CVE: CVE-2018-0663

Description: I-O DATA network camera products contain multiple vulnerabilities

CVSS Score: 4.7

Published: 2018/08/07

JVN: JVN#83701666

CVE: CVE-2018-0659

Description: AttacheCase is vulnerable to directory traversal

CVSS Score: 3.3

Published: 2018/08/06

JVN: JVN#62121133

CVE: CVE-2018-0660

Description: AttacheCase is vulnerable to directory traversal

CVSS Score: 3.3

Published: 2018/08/06

JVN: JVN#62121133

CVE: CVE-2018-0625

Description: Aterm WG1200HP is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#00401783

CVE: CVE-2018-0626

Description: Aterm WG1200HP is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#00401783

CVE: CVE-2018-0627

Description: Aterm WG1200HP is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#00401783

CVE: CVE-2018-0628

Description: Aterm WG1200HP is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#00401783

CVE: CVE-2018-0629

Description: Aterm W300P is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#26629618

CVE: CVE-2018-0630

Description: Aterm W300P is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#26629618

CVE: CVE-2018-0631

Description: Aterm W300P is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#26629618

CVE: CVE-2018-0632

Description: Aterm W300P is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#26629618

CVE: CVE-2018-0633

Description: Aterm W300P is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#26629618

CVE: CVE-2018-0634

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0635

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0636

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0637

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0638

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0639

Description: HC100RC is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0640

Description: HC100RC is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0641

Description: HC100RC is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2018/07/12

JVN: JVN#84825660

CVE: CVE-2018-0618

Description: Mailman is vulnerable to cross-site scripting

CVSS Score: 4.8

Published: 2018/06/28

JVN: JVN#00846677

CVE: CVE-2018-0569

Description: baserCMS is vulnerable to Command injection

CVSS Score: 6.3

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0570

Description: baserCMS is vulnerable to Cross-site scripting

CVSS Score: 5.4

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0571

Description: baserCMS is vulnerable to Unrestricted Upload of File with Dangerous Type in upload file management function

CVSS Score: 4.3

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0572

Description: baserCMS is vulnerable to Restrict access permissions failure in contents management function

CVSS Score: 4.3

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0573

Description: baserCMS is vulnerable to Restrict access permissions failture for a content with a period being public is expired management function

CVSS Score: 5.3

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0574

Description: baserCMS is vulnerable to Cross-site scripting in theme management function

CVSS Score: 6.1

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-0575

Description: baserCMS is vulnerable to Restrict access permissions failure in the function to attach files in mail form

CVSS Score: 5.3

Published: 2018/05/22

JVN: JVN#67881316

CVE: CVE-2018-1147

Description: Nessus is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2018/05/21

JVN: JVN#96954395

CVE: CVE-2018-0592

Description: Microsoft OneDrive is vulnerable to Application Directory (App Dir) DLL planting

CVSS Score: 7.8

Published: 2018/05/17

JVN: JVN#91151862

CVE: CVE-2018-0593

Description: The installer of Microsoft OneDrive is vulnerable to Application Directory (App Dir) DLL planting

CVSS Score: 7.8

Published: 2018/05/17

JVN: JVN#91151862

CVE: CVE-2018-0596

Description: The installer of Visual Studio Community is vulnerable to Application Directory (App Dir) DLL planting

CVSS Score: 7.8

Published: 2018/05/17

JVN: JVN#91151862

CVE: CVE-2018-0585

Description: WordPress plugin "Ultimate Member" is vulnerable to Cross-site Scripting

CVSS Score: 5.4

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0586

Description: WordPress plugin "Ultimate Member" is vulnerable to Directory Traversal in the shortcodes function

CVSS Score: 5.0

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0587

Description: WordPress plugin "Ultimate Member" is vulnerable to Arbitrary File Upload

CVSS Score: 5.3

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0588

Description: WordPress plugin "Ultimate Member" is vulnerable to Directory Traversal in the AJAX function

CVSS Score: 7.2

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0589

Description: WordPress plugin "Ultimate Member" is vulnerable to Access Restriction Bypass in the "Forms" page

CVSS Score: 4.3

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0590

Description: WordPress plugin "Ultimate Member" is vulnerable to Access Restriction Bypass due to an issue in processing "Role"

CVSS Score: 4.3

Published: 2018/05/10

JVN: JVN#28804532

CVE: CVE-2018-0583

Description: RT-AC1200HP is vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2018/05/09

JVN: JVN#34562916

CVE: CVE-2018-1142

Description: Tenable Appliance is vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2018/04/12

JVN: JVN#71255137

CVE: CVE-2018-0554

Description: WZR-1750DHP2 is vulnerable to Missing Authentication for Critical Function

CVSS Score: 8.8

Published: 2018/03/29

JVN: JVN#93397125

CVE: CVE-2018-0555

Description: WZR-1750DHP2 is vulnerable to Buffer Overflow

CVSS Score: 5.0

Published: 2018/03/29

JVN: JVN#93397125

CVE: CVE-2018-0556

Description: WZR-1750DHP2 is vulnerable to OS Command Injection

CVSS Score: 6.3

Published: 2018/03/29

JVN: JVN#93397125

CVE: CVE-2017-10852

Description: CG-WGR1200 is vulnerable to Buffer Overflow

CVSS Score: 8.8

Published: 2018/03/09

JVN: JVN#15201064

CVE: CVE-2017-10853

Description: CG-WGR1200 is vulnerable to Buffer Overflow

CVSS Score: 8.8

Published: 2018/03/09

JVN: JVN#15201064

CVE: CVE-2017-10854

Description: CG-WGR1200 is vulnerable to Authentication bypass

CVSS Score: 8.8

Published: 2018/03/09

JVN: JVN#15201064

CVE: CVE-2018-0521

Description: WXR-1900DHP2 is vulnerable to Missing Authentication for Critical Function

CVSS Score: 8.8

Published: 2018/02/26

JVN: JVN#97144273

CVE: CVE-2018-0522

Description: WXR-1900DHP2 is vulnerable to Buffer Overflow

CVSS Score: 5.0

Published: 2018/02/26

JVN: JVN#97144273

CVE: CVE-2018-0523

Description: WXR-1900DHP2 is vulnerable to OS Command Injection

CVSS Score: 6.3

Published: 2018/02/26

JVN: JVN#97144273

CVE: CVE-2018-0514

Description: MP Form Mail CGI eCommerce Edition vulnerable to OS command injection

CVSS Score: 5.6

Published: 2018/02/08

JVN: JVN#15462187

CVE: CVE-2018-0512

Description: Multiple I-O DATA network devices incorporating "MagicalFinder" vulnerable to OS command injection

CVSS Score: 6.8

Published: 2018/02/06

JVN: JVN#36048131

CVE: CVE-2017-10896

Description: Multiple broadband routers provided by BUFFALO INC. are vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/12/01

JVN: JVN#65994435

CVE: CVE-2017-10897

Description: Multiple broadband routers provided by BUFFALO INC. contain improper input validation

CVSS Score: 4.5

Published: 2017/12/01

JVN: JVN#65994435

CVE: CVE-2017-10900

Description: Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 is vulnerable to improper Access Restriction

CVSS Score: 7.3

Published: 2017/11/30

JVN: JVN#98295787

CVE: CVE-2017-10901

Description: Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 is vulnerable to buffer overflow

CVSS Score: 7.5

Published: 2017/11/30

JVN: JVN#98295787

CVE: CVE-2017-10902

Description: Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 is vulnerable to OS Command Injection

CVSS Score: 9.8

Published: 2017/11/30

JVN: JVN#98295787

CVE: CVE-2017-10903

Description: Wireless mobile storage "Digizo ShAirDisk" PTW-WMS1 contains improper Authentication

CVSS Score: 9.8

Published: 2017/11/30

JVN: JVN#98295787

CVE: CVE-2017-10886

Description: CS-Cart Japanese Edition vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2017/11/13

JVN: JVN#29602086

CVE: CVE-2017-10875

Description: I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS)

CVSS Score: 3.5

Published: 2017/11/06

JVN: JVN#87886530

CVE: CVE-2017-2131

Description: Home unit KX-HJB1000 has improper access control

CVSS Score: 5.3

Published: 2017/10/17

JVN: JVN#54795166

CVE: CVE-2017-2132

Description: Home unit KX-HJB1000 allows deletion of an arbitrary file in the specific directory

CVSS Score: 6.5

Published: 2017/10/17

JVN: JVN#54795166

CVE: CVE-2017-2133

Description: Home unit KX-HJB1000 is vulnerable to SQL injection

CVSS Score: 4.7

Published: 2017/10/17

JVN: JVN#54795166

CVE: CVE-2017-10813

Description: CG-WLR300NM provided by Corega Inc. is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2017/09/08

JVN: JVN#00719891

CVE: CVE-2017-10814

Description: CG-WLR300NM provided by Corega Inc. is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2017/09/08

JVN: JVN#00719891

CVE: CVE-2017-10832

Description: "Dokodemo eye Smart HD" SCR02HD is vulnerable to OS command injection

CVSS Score: 9.8

Published: 2017/08/23

JVN: JVN#87410770

CVE: CVE-2017-10833

Description: "Dokodemo eye Smart HD" SCR02HD is vulnerable to improper access restriction

CVSS Score: 6.4

Published: 2017/08/23

JVN: JVN#87410770

CVE: CVE-2017-10834

Description: "Dokodemo eye Smart HD" SCR02HD is vulnerable to directory traversal

CVSS Score: 4.3

Published: 2017/08/23

JVN: JVN#87410770

CVE: CVE-2017-10835

Description: "Dokodemo eye Smart HD" SCR02HD is vulnerable to arbitrary PHP code execution

CVSS Score: 8.8

Published: 2017/08/23

JVN: JVN#87410770

CVE: CVE-2017-2228

Description: Teikihoukokusho Sakuseishien Tool may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/08/17

JVN: JVN#53292345

CVE: CVE-2017-10811

Description: WCR-1166DS vulnerable to OS command injection

CVSS Score: 6.8

Published: 2017/08/08

JVN: JVN#05340005

CVE: CVE-2017-2280

Description: I-O DATA WN-AX1167GR contains hard-coded credentials

CVSS Score: 8.8

Published: 2017/07/27

JVN: JVN#01312667

CVE: CVE-2017-2281

Description: I-O DATA WN-AX1167GR is vulnerable to OS command injection

CVSS Score: 8.8

Published: 2017/07/27

JVN: JVN#01312667

CVE: CVE-2017-2282

Description: I-O DATA WN-AX1167GR is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2017/07/27

JVN: JVN#01312667

CVE: CVE-2017-2283

Description: I-O DATA WN-G300R31 uses hard-coded credentials

CVSS Score: 8.8

Published: 2017/07/27

JVN: JVN#51410509

CVE: CVE-2017-2335

Description: Multiple cross-site scripting vulnerabilities in ScreenOS

CVSS Score: 8.4

Published: 2017/07/24

JVN: JVN#74247807

CVE: CVE-2017-2336

Description: Multiple cross-site scripting vulnerabilities in ScreenOS

CVSS Score: 8.4

Published: 2017/07/24

JVN: JVN#74247807

CVE: CVE-2017-2337

Description: Multiple cross-site scripting vulnerabilities in ScreenOS

CVSS Score: 8.4

Published: 2017/07/24

JVN: JVN#74247807

CVE: CVE-2017-2338

Description: Multiple cross-site scripting vulnerabilities in ScreenOS

CVSS Score: 8.4

Published: 2017/07/24

JVN: JVN#74247807

CVE: CVE-2017-2339

Description: Multiple cross-site scripting vulnerabilities in ScreenOS

CVSS Score: 8.4

Published: 2017/07/24

JVN: JVN#74247807

CVE: CVE-2017-2275

Description: SONY Portable Wireless Server WG-C10 is vulnerable to OS command injection

CVSS Score: 6.8

Published: 2017/07/19

JVN: JVN#14151222

CVE: CVE-2017-2276

Description: SONY Portable Wireless Server WG-C10 is vulnerable to buffer overflow

CVSS Score: 6.8

Published: 2017/07/19

JVN: JVN#14151222

CVE: CVE-2017-2277

Description: SONY Portable Wireless Server WG-C10 fails to restrict access permissions

CVSS Score: 7.3

Published: 2017/07/19

JVN: JVN#77412145

CVE: CVE-2017-10178

Description: Oracle WebLogic Server has HTTP Header Injection Vulnerability

CVSS Score: 6.1

Published: 2017/07/18

JVN

CVE: CVE-2016-7221

Description: Microsoft IME may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/07/07

JVN: JVN#21627267

CVE: CVE-2017-2232

Description: Installer of Shinseiyou Sougou Soft provided by The Ministry of Justice may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/06/30

JVN: JVN#23389212

CVE: CVE-2017-2234

Description: Toshiba Lighting & Technology Corporation Home gateway has a non-documented developer's screen.

CVSS Score: 2.4

Published: 2017/06/27

JVN: JVN#85901441

CVE: CVE-2017-2235

Description: Toshiba Lighting & Technology Corporation Home gateway has improper access control.

CVSS Score: 5.4

Published: 2017/06/27

JVN: JVN#85901441

CVE: CVE-2017-2236

Description: Toshiba Lighting & Technology Corporation Home gateway has hard-coded credentials.

CVSS Score: 8.8

Published: 2017/06/27

JVN: JVN#85901441

CVE: CVE-2017-2237

Description: Toshiba Lighting & Technology Corporation Home gateway vulnerable to OS command injection.

CVSS Score: 6.8

Published: 2017/06/27

JVN: JVN#85901441

CVE: CVE-2017-2238

Description: Toshiba Lighting & Technology Corporation Home gateway vulnerable to cross-site request forgery.

CVSS Score: 7.1

Published: 2017/06/27

JVN: JVN#85901441

CVE: CVE-2017-2225

Description: Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/06/26

JVN: JVN#01775119

CVE: CVE-2017-2183

Description: OS command injection in Clock Settings

CVSS Score: 6.8

Published: 2017/06/20

JVN: JVN#24348065

CVE: CVE-2017-2184

Description: Buffer overflow in WebUI

CVSS Score: 8.8

Published: 2017/06/20

JVN: JVN#24348065

CVE: CVE-2017-2185

Description: OS command injection in WebUI

CVSS Score: 6.8

Published: 2017/06/20

JVN: JVN#24348065

CVE: CVE-2017-2186

Description: Improper autentication in WebUI

CVSS Score: 6.5

Published: 2017/06/20

JVN: JVN#24348065

CVE: CVE-2017-2223

Description: Multiple I-O DATA network camera products vulnerable to cross-site request forgery

CVSS Score: 7.1

Published: 2017/06/20

JVN: JVN#65411235

CVE: CVE-2017-2194

Description: Source code security studying tool iCodeChecker vulnerable to cross-site scripting

CVSS Score: 5.0

Published: 2017/06/13

JVN: JVN#25078144

CVE: CVE-2017-2216

Description: Cross-site scripting vulnerability in WordPress plugin "WordPress Download Manager"

CVSS Score: 6.1

Published: 2017/06/13

JVN: JVN#79738260

CVE: CVE-2017-2217

Description: Open redirect vulnerability in WordPress plugin "WordPress Download Manager"

CVSS Score: 4.7

Published: 2017/06/13

JVN: JVN#79738260

CVE: CVE-2017-7759

Description: Android intent URLs can cause navigation to local file system

CVSS Score: -

Published: 2017/06/13

JVN: -

CVE: CVE-2017-2215

Description: Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries

CVSS Score: 7.8

Published: 2017/06/09

JVN: JVN#34508179

CVE: CVE-2017-2214

Description: AppCheck may insecurely invoke an executable file

CVSS Score: 7.8

Published: 2017/06/07

JVN: JVN#99737748

CVE: CVE-2017-2173

Description: Empirical Project Monitor - eXtended vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2017/05/19

JVN: JVN#85512750

CVE: CVE-2017-2174

Description: Empirical Project Monitor - eXtended vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/05/19

JVN: JVN#11326581

CVE: CVE-2017-2161

Description: FlashAir fails to restrict access permissions in PhotoShare

CVSS Score: 3.5

Published: 2017/05/16

JVN: JVN#46372675

CVE: CVE-2017-2162

Description: FlashAir do not set credential information in PhotoShare

CVSS Score: 4.3

Published: 2017/05/16

JVN: JVN#81820501

CVE: CVE-2017-2164

Description: The installer of SOY CMS vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/05/11

JVN: JVN#51978169

CVE: CVE-2017-2122

Description: Nessus vulnerable to cross-site scripting

CVSS Score: 5.4

Published: 2017/05/09

JVN: JVN#87760109

CVE: CVE-2017-2157

Description: The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/05/09

JVN: JVN#39605485

CVE: CVE-2017-5466

Description: Origin confusion when reloading isolated data:text/html URL

CVSS Score: -

Published: 2017/04/19

JVN: -

CVE: CVE-2017-2137

Description: NETGEAR ProSAFE Plus Configuration Utility vulnerable to improper access control

CVSS Score: 3.4

Published: 2017/04/18

JVN: JVN#08740778

CVE: CVE-2017-2148

Description: WN-AC1167GR vulnerable to cross-site scripting

CVSS Score: 4.3

Published: 2017/04/14

JVN: JVN#01537659

CVE: CVE-2017-2136

Description: WordPress plugin "WP Statistics" vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/04/13

JVN: JVN#62392065

CVE: CVE-2017-2147

Description: WordPress plugin "WP Statistics" vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/04/13

JVN: JVN#77253951

CVE: CVE-2017-2138

Description: CS-Cart Japanese Edition vulnerable to cross-site request forgery

CVSS Score: 4.3

Published: 2017/04/10

JVN: JVN#87770873

CVE: CVE-2017-2139

Description: CS-Cart Japanese Edition fails to restrict access permissions

CVSS Score: 5.3

Published: 2017/04/10

JVN: JVN#14396697

CVE: CVE-2017-2141

Description: OS command injection in WN-G300R3

CVSS Score: 6.8

Published: 2017/04/10

JVN: JVN#81024552

CVE: CVE-2017-2142

Description: Stack based buffer overflow in WN-G300R3

CVSS Score: 8.8

Published: 2017/04/10

JVN: JVN#81024552

CVE: CVE-2017-2143

Description: CS-Cart Japanese Edition fails to restrict access permissions

CVSS Score: 5.3

Published: 2017/04/10

JVN: JVN#25598952

CVE: CVE-2017-2123

Description: OneThird CMS vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2017/03/07

JVN: JVN#49408248

CVE: CVE-2017-2111

Description: I-O DATA network camera products HTTP header injection vulnerability

CVSS Score: 4.7

Published: 2017/03/02

JVN: JVN#46830433

CVE: CVE-2017-2112

Description: I-O DATA network camera products OS command injection vulnerability

CVSS Score: 8.8

Published: 2017/03/02

JVN: JVN#46830433

CVE: CVE-2017-2113

Description: I-O DATA network camera products buffer overflow vulnerability

CVSS Score: 8.8

Published: 2017/03/02

JVN: JVN#46830433

CVE: CVE-2016-8737

Description: Apache Brooklyn contains a cross-site request forgery vulnerability

CVSS Score: 4.3

Published: 2017/02/15

JVN: JVN#55489964

CVE: CVE-2017-3165

Description: Apache Brooklyn contains cross-site scripting vulnerabilities

CVSS Score: 5.4

Published: 2017/02/15

JVN: JVN#55489964

CVE: CVE-2016-6592

Description: Norton Download Manager may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2017/02/10

JVN: JVN#40667528

CVE: CVE-2017-2106

Description: Multiple cross-site scripting vulnerabilities in Webmin

CVSS Score: 6.1

Published: 2017/02/09

JVN: JVN#34207650

CVE: CVE-2016-7838

Description: Wireshark for Windows issue where an arbitrary file may be deleted

CVSS Score: 3.6

Published: 2016/12/26

JVN: JVN#90813656

CVE: CVE-2016-6810

Description: Apache ActiveMQ vulnerable to cross-site scripting

CVSS Score: 4.8

Published: 2016/12/13

JVN: JVN#78980598

CVE: CVE-2016-7821

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 6.5

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7822

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 7.1

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7823

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 4.3

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7824

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 6.8

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7825

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 2.0

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7826

Description: Multiple vulnerabilities in WNC01WH

CVSS Score: 6.1

Published: 2016/12/02

JVN: JVN#40613060

CVE: CVE-2016-7819

Description: Multiple I-O DATA network camera products multiple vulnerabilities

CVSS Score: 6.8

Published: 2016/11/30

JVN: JVN#25059363

CVE: CVE-2016-7820

Description: Multiple I-O DATA network camera products multiple vulnerabilities

CVSS Score: 6.8

Published: 2016/11/30

JVN: JVN#25059363

CVE: CVE-2016-7813

Description: DERAEMON-CMS vulnerable to cross-site scripting

CVSS Score: 4.7

Published: 2016/11/15

JVN: JVN#75396659

CVE: CVE-2016-7809

Description: CG-WLR300NX vulnerable to cross-site request forgery

CVSS Score: 7.1

Published: 2016/11/11

JVN: JVN#23823838

CVE: CVE-2016-7810

Description: CG-WLR300NX vulnerable to cross-site scripting

CVSS Score: 4.3

Published: 2016/11/11

JVN: JVN#92237169

CVE: CVE-2016-7811

Description: CG-WLR300NX fails to restrict access permissions

CVSS Score: 6.8

Published: 2016/11/11

JVN: JVN#23549283

CVE: CVE-2016-7804

Description: Installer of 7-Zip for Windows may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2016/10/26

JVN: JVN#76780067

CVE: CVE-2016-4900

Description: Installer of Evernote for Windows may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2016/10/19

JVN: JVN#03251132

CVE: -

Description: Microsoft Windows based applications may insecurely load dynamic libraries

CVSS Score: -

Published: 2016/10/13

JVN: JVNVU#707943

CVE: CVE-2016-4891

Description: SetucoCMS contains multiple vulnerabilities.

CVSS Score: 5.4

Published: 2016/10/07

JVN: JVN#80157683

CVE: CVE-2016-4892

Description: SetucoCMS contains multiple vulnerabilities.

CVSS Score: 6.1

Published: 2016/10/07

JVN: JVN#80157683

CVE: CVE-2016-4896

Description: SetucoCMS contains multiple vulnerabilities.

CVSS Score: 4.2

Published: 2016/10/07

JVN: JVN#80157683

CVE: CVE-2016-4877

Description: baserCMS and bundled multiple plugins (Blog, Mail, Feed, and Uploader) contain multiple vulnerabilities. A user in Administrative group may be tricked to insert an arbitrary script in an administration page. The stored script may be executed on the user's web browser when another user in Administrative group accesses the administration page.

CVSS Score: 5.4

Published: 2016/09/29

JVN: JVN#92765814

CVE: CVE-2016-4879

Description: baserCMS and bundled multiple plugins (Blog, Mail, Feed, and Uploader) contain multiple vulnerabilities. When any of those plugins "Blog", "Mail", or "Feed" is enabled and a logged-in user in Administrative group accesses a malicious URL, the user may be forced to conduct unintended operations on the baserCMS server.

CVSS Score: 4.3

Published: 2016/09/29

JVN: JVN#92765814

CVE: CVE-2016-4880

Description: baserCMS and bundled multiple plugins (Blog, Mail, Feed, and Uploader) contain multiple vulnerabilities. A user in Administrative group may be tricked to insert an arbitrary script in an administration page. The stored script may be executed on the user's web browser when another user in Administrative group accesses the administration page.

CVSS Score: 5.4

Published: 2016/09/29

JVN: JVN#92765814

CVE: CVE-2016-4881

Description: baserCMS and bundled multiple plugins (Blog, Mail, Feed, and Uploader) contain multiple vulnerabilities. When any of those plugins "Blog", "Mail", or "Feed" is enabled and a logged-in user in Administrative group accesses a malicious URL, the user may be forced to conduct unintended operations on the baserCMS server

CVSS Score: 4.3

Published: 2016/09/29

JVN: JVN#92765814

CVE: CVE-2016-4849

Description: Geeklog IVYWE edition contains a cross-site scripting vulnerability

CVSS Score: 6.1

Published: 2016/08/19

JVN: JVN#09836883

CVE: CVE-2016-4846

Description: Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2016/08/17

JVN: JVN#45583702

CVE: CVE-2016-4834

Description: Vtiger CRM does not properly restrict access to application data

CVSS Score: 5.4

Published: 2016/07/20

JVN: JVN#01956993

CVE: CVE-2016-4831

Description: LINE for Windows may insecurely load Dynamic Link Libraries

CVSS Score: 7.8

Published: 2016/07/08

JVN: JVN#51565015

CVE: CVE-2016-4430

Description: Multiple vulnerabilities in Apache Struts 2:Cross-site request forgery

CVSS Score: 3.1

Published: 2016/06/20

JVN: JVN#45093481

CVE: CVE-2016-4431

Description: Multiple vulnerabilities in Apache Struts 2:Input validation bypass

CVSS Score: 5.6

Published: 2016/06/20

JVN: JVN#45093481

CVE: CVE-2016-4433

Description: Multiple vulnerabilities in Apache Struts 2:Validation bypass in Getter method

CVSS Score: 5.6

Published: 2016/06/20

JVN: JVN#45093481

CVE: CVE-2016-4815

Description: Multiple Buffalo wireless LAN routers vulnerable to directory traversal

CVSS Score: 6.5

Published: 2016/05/27

JVN: JVN#81698369

CVE: CVE-2016-4816

Description: Multiple Buffalo wireless LAN routers vulnerable to information disclosure

CVSS Score: 4.3

Published: 2016/05/27

JVN: JVN#75813272

CVE: CVE-2016-1222

Description: php-contact-form vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2016/05/24

JVN: JVN#85112513

CVE: CVE-2016-1211

Description: Web Mailing List vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2016/05/19

JVN: JVN#43076390

CVE: CVE-2016-1178

Description: a-blog cms vulnerable to session management

CVSS Score: 4.8

Published: 2016/05/16

JVN: JVN#03975805

CVE: CVE-2016-1179

Description: a-blog cms vulnerable to cross-site scripting

CVSS Score: 4.7

Published: 2016/05/16

JVN: JVN#73166466

CVE: CVE-2016-1207

Description: WN-G300R Series vulnerable to cross-site scripting

CVSS Score: 4.3

Published: 2016/05/12

JVN: JVN#22978346

CVE: CVE-2016-4585

Description: A cross-site scripting issue existed in Safari URL redirection. This issue was addressed through improved URL validation on redirection.

CVSS Score: -

Published: 2016/05/11

JVN: -

CVE: CVE-2016-1169

Description: baserCMS plugin "Recruit Plugin" multiple vulnerabilities/ baserCMS plugin "Menubook Plugin" multiple vulnerabilities baserCMS plugin "Casebook Plugin" multiple vulnerabilities

CVSS Score: 6.1

Published: 2016/04/06

JVN: JVN#13288761 / JVN#26627848 / JVN#55801246

CVE: CVE-2016-1170

Description: baserCMS plugin "Recruit Plugin" multiple vulnerabilities baserCMS plugin "Menubook Plugin" multiple vulnerabilities baserCMS plugin "Casebook Plugin" multiple vulnerabilities

CVSS Score: 6.1

Published: 2016/04/06

JVN: JVN#13288761 / JVN#26627848 / JVN#55801246

CVE: CVE-2016-1167

Description: Aterm WG300HP vulnerable to cross-site request forgery

CVSS Score: 4.3

Published: 2016/03/30

JVN: JVN#82020528

CVE: CVE-2016-1168

Description: Aterm WF800HP vulnerable to cross-site request forgery

CVSS Score: 7.1

Published: 2016/03/30

JVN: JVN#07818796

CVE: CVE-2016-1158

Description: Multiple Corega wireless LAN routers vulnerable to cross-site request forgery

CVSS Score: 7.1

Published: 2016/03/02

JVN: JVN#59349382

CVE: CVE-2016-1134

Description: Multiple Buffalo network devices vulnerable to cross-site request forgery

CVSS Score: 4.3

Published: 2016/01/22

JVN: JVN#09268287

CVE: CVE-2016-1135

Description: Multiple Buffalo network devices vulnerable to cross-site scripting

CVSS Score: 6.1

Published: 2016/01/22

JVN: JVN#49225722

CVE: CVE-2016-1142

Description: acmailer vulnerable to OS command injection

CVSS Score: 4.7

Published: 2016/01/15

JVN: JVN#50899877

CVE: CVE-2016-1864

Description: An issue existed in URL redirection when XSS auditor was used in block mode. This issue was addressed through improved URL navigation.

CVSS Score: -

Published: 2016/01/13

JVN: -

CVE: CVE-2015-5661

Description: AirDroid for Android vulnerable in handling of implicit intents

CVSS Score: 2.6

Published: 2015/10/16

JVN: JVN#37825153

CVE: CVE-2015-6059

Description: Scripting Engine Information Disclosure Vulnerability

CVSS Score

Published: 2015/10/15

JVN

CVE: CVE-2015-5652

Description: Python for Windows may insecurely load dynamic libraries

CVSS Score: 6.8

Published: 2015/10/01

JVN: JVN#49503705

CVE: CVE-2015-2992

Description: Apache Struts vulnerable to cross-site scripting

CVSS Score: 4.3

Published: 2015/09/04

JVN: JVN#88408929

CVE: CVE-2014-1972

Description: Apache Tapestry deserializes untrusted data

CVSS Score: 6.8

Published: 2015/08/20

JVN: JVN#17611367

CVE: CVE-2015-4034

Description: Samsung Garaxy S5 MethodSpec Deserialization of Untrusted Data Remote Code Execution Vulnerability

CVSS Score: -

Published: 2015/06/30

JVN

CVE: CVE-2015-2308

Description: Symfony vulnerable to code injection

CVSS Score: 6.8

Published: 2015/06/23

JVN: JVN#19578958

CVE: CVE-2015-1758

Description: LoadLibrary function in Microsoft Windows fails to validate input properly

CVSS Score: 7.6

Published: 2015/06/09

JVN: JVN#18146081

CVE: -

Description: CakePHP RequestHandlerComponent vulnerability

CVSS Score: -

Published: 2015/06/01

JVN

CVE: CVE-2015-0279

Description: JBoss RichFaces vulnerable to remote Java code execution

CVSS Score: 7.5

Published: 2015/04/14

JVN: JVN#56297719

CVE: CVE-2014-3197

Description: Information Leak in XSS Auditor

CVSS Score: -

Published: 2015/03/12

JVN

CVE: CVE-2014-6328

Description: Internet Explorer XSS Filter Bypass Vulnerability

CVSS Score: -

Published: 2015/03/12

JVN

CVE: CVE-2014-6345

Description: Internet Explorer Cross-domain Information Disclosure Vulnerability

CVSS Score: -

Published: 2015/03/12

JVN

CVE: CVE-2014-6346

Description: Internet Explorer Cross-domain Information Disclosure Vulnerability

CVSS Score: -

Published: 2015/03/12

JVN

CVE: CVE-2014-7939

Description: Same-origin-bypass in V8

CVSS Score: -

Published: 2015/03/12

JVN

CVE: CVE-2014-5325

Description: Direct Web Remoting (DWR) vulnerable to XML external entity injection

CVSS Score: 5.8

Published: 2014/11/14

JVN: JVN#91502163

CVE: CVE-2014-5326

Description: Direct Web Remoting (DWR) vulnerable to cross-site scripting

CVSS Score: 4.3

Published: 2014/11/14

JVN: JVN#52422792

CVE: CVE-2014-5320

Description: Bump for Android vulnerable in handling of implicit intents

CVSS Score: 2.6

Published: 2014/09/19

JVN: JVN#08994136

CVE: CVE-2014-3896

Description: Acmailer contains a cross-site request forgery vulnerability

CVSS Score: 5.1

Published: 2014/07/29

JVN: JVN#42511610

CVE: CVE-2014-3578

Description: Spring Framework vulnerable to directory traversal

CVSS Score: 5.0

Published: 2014/06/13

JVN: JVN#49154900

CVE: CVE-2014-0815

Description: Opera browser for Android issue in handling intent scheme URL's

CVSS Score: 4.3

Published: 2014/02/06

JVN: JVN#23256725

CVE: CVE-2013-2251

Description: Apache Struts vulnerable to remote command execution

CVSS Score: 7.5

Published: 2013/09/06

JVN: JVN#33504150

CVE: CVE-2013-4701

Description: PHP OpenID Library vulnerable to XML external entity injection

CVSS Score: 6.4

Published: 2013/08/21

JVN: JVN#24713981

CVE: CVE-2013-2165

Description: JBoss RichFaces vulnerable to remote code execution

CVSS Score: 6.8

Published: 2013/07/19

JVN: JVN#38787103

CVE: CVE-2013-2248

Description: Multiple Open Redirection Vulnerabilities

CVSS Score: -

Published: 2013/07/19

JVN

CVE: CVE-2013-2251

Description: Apache Struts vulnerable to remote command execution

CVSS Score: -

Published: 2013/07/19

JVN: JVN#33504150

CVE: CVE-2013-3646

Description: Cybozu Live for Android vulnerable to arbitrary Java method execution

CVSS Score: 5.8

Published: 2013/06/18

JVN: JVN#63428218

CVE: CVE-2013-3647

Description: Cybozu Live for Android vulnerable in the WebView class

CVSS Score: 2.6

Published: 2013/06/18

JVN: JVN#19740283

CVE: CVE-2013-3642

Description: Angel Browser vulnerable in the WebView class

CVSS Score: 2.6

Published: 2013/06/11

JVN: JVN#79301570

CVE: CVE-2013-3643

Description: Galapagos Browser vulnerable in the WebView class

CVSS Score: 2.6

Published: 2013/06/11

JVN: JVN#99813183

CVE: -

Description: Internet Explorer vulnerable to information disclosure

CVSS Score: 2.6

Published: 2013/06/07

JVN: JVN#63901692

CVE: -

Description: Safari information disclosure vulnerability

CVSS Score: 2.6

Published: 2013/05/31

JVN: JVN#07354844