Jvn - jvndb.jvn.jp - JVNDB RSS Feed - New Entry
General Information:
Latest News:
PHP OpenID Library vulnerable to XML external entity injection 21 Aug 2013 | 10:26 am
The PHP OpenID Library contains an XML external entity injection vulnerability. Takeshi Terada from Mitsui Bussan Secure Directions, Inc. and Kosuke Ebihara reported this vulnerability to IPA. JPCERT...
Yahoo! Japan Shopping for Android contains an issue where it fails to verify SSL server certificates 19 Aug 2013 | 11:50 am
Yahoo! Japan Shopping for Android provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Zachary Mathis of Proactive Defense (Kobe Digital Labo) repor...
Yafuoku! contains an issue where it fails to verify SSL server certificates 19 Aug 2013 | 11:35 am
Yafuoku! provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates. Zachary Mathis of Proactive Defense (Kobe Digital Labo) reported this vulnerability to...
Cybozu Mailwise vulnerable to information disclosure 13 Aug 2013 | 08:22 am
Cybozu Mailwise contains a vulnerability that may display contents of another email in the subject field.
docomo overseas usage application vulnerability in the connection process 7 Aug 2013 | 11:01 am
docomo overseas usage application provided by NTT DOCOMO contains a vulnerability within the process of connecting to Wi-Fi access points, which may lead to user information being sent unintentionally...
JP1/IT Desktop Management - Manager and Hitachi IT Operations Director vulnerable to privilege escalation 29 Jul 2013 | 09:39 am
JP1/IT Desktop Management - Manager and Hitachi IT Operations Director provided by Hitachi contain a privilege escalation vulnerability. Taizo Tsukamoto of GLOBAL SECURITY EXPERTS inc. reported this ...
WordPress vulnerable to cross-site scripting 26 Jul 2013 | 09:33 am
WordPress contains a cross-site scripting vulnerability due to an issue in the SWFUpload library. ma.la reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information ...
Oracle Enterprise Manager vulnerable to cross-site scripting 22 Jul 2013 | 11:00 am
Oracle Enterprise Manager provided by Oracle contains a cross-site scripting vulnerability. Masashi Shiraishi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Inform...
JBoss RichFaces vulnerable to remote code execution 19 Jul 2013 | 08:32 am
JBoss RichFaces contains a remote code execution vulnerability due to an issue with deserialization. JBoss RichFaces is a framework for integrating Ajax into web applications. JBoss RichFaces applica...
Oracle Outside In vulnerable to denial-of-service (DoS) 17 Jul 2013 | 09:56 am
Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a denial-of-service (DoS) vulnerability. Takahiro Haruyama of Internet Initiative Japan Inc. reported this vul...
