How to use
JVN iPedia Japanese Version
Database Search
Keyword search:
How to use Search
With Synonym:
Vendor:
128 Technology
7-Zip
A51 D.O.O.
Acyba
Aftab Muni
aki-null
Amazon.com, Inc.
Andrei Lupu
aokitaka
Apache Software Foundation
apps4u@android
Aptana
Arne Brachhold
Artifex Software
ASUS JAPAN Inc.
AsWiki
aten
Atlassian
ATRC
Automattic Inc.
AVAST Software s.r.o.
b2evolution
BackupGuard
Baidu, Inc.
baserCMS Users Community
Bastian Allgeier GmbH
bayashi.net
BEA Systems, Inc.
BestWebSoft
BIGACE
BirdBlog
bit part LLC.
Blackboard, Inc.
Blosxom
Bluestacks
BlueZ Project
Boat Browser
BookStack project
brandroid.org
Bump Technologies, Inc.
ByteDance
C-BOARD Moyuku Project
CA Technologies
Canary Labs
Canna Project.
Canonical
CGI RESCUE
CGI Script Market
CGI's
CGIWrap
Chad Butler
Chama-Net
ChatWork Co,. LTD.
Chris Doerr
Christian Stefanescu
Chyrp
Claris International Inc. (formerly FileMaker, Inc)
Claws Mail
Claybird
ClipBucket
Cloud Native Computing Foundation (CNCF)
CloudBees
COB's Products
CODECABIN_
codedesign
codemiq
Cogent Real-Time Systems Inc.
coliss
COM Meets Ruby
Come on Girls Interface
ConeXware, Inc.
Contest-Gallery
CSWorks
CubeCart Limited
Custom4Web
CutePHP
Cyber-Ark Software
D-Link Systems, Inc.
DAEMON Tools
daifukuya.com
Daikin Holdings Singapore Pte Ltd.
Darksky
Dayz Inc.
DBD::PgPP
DeleGate.org
Delicious Brains
delicious days
Delite Studio
DENX Software Engineering
dFactory
Direct Web Remoting
Django Software Foundation
Dokeos
Dotclear
dotProject
Droidware UK
Drupal
e107.org
Eaden McKee
eBASE
Edcom Inc.
Edgewall Software
EikiSoft
EKAKIN
Electric Sheep Fencing
Electron
Emre Vona
Eric Teubert
ES APP Group
ESET
ESTsoft Corp.
Etomite Project
ETUNA
Evernote Corporation
ExpressTech
eXtplorer
eyeOS Project
F21
Fedora Project
Feed2JS
Fetchmail Project
FFC
FFFTP Project
Final Beta Laboratory
Fla-shop.com
FlaFla...
flashy
FLEUGELz
Flipper Code
FolioVision
FON
FON Wireless Limited
ForgeRock
Free Document Management Software
FreeBSD Project.
FreeNAS Project
FreeStyleWiki Project
FuelPHP
futomi Co.,Ltd.
FXC Inc.
Gapless Player
Geeklog
Gemini Labs
GENEREX
Genivia
Gentoo Foundation, Inc.
GitLab.org
Glarysoft Ltd.
GMO insight Inc.
GMO Payment Gateway, Inc.
GNB
GNU Project
gollum
GoodiWare
Google
GoPivotal
GoPlace!
GRANDIT CORPORATION
Greenplum
Gretech
GTK+ Team
H.Shirouzu
Heartlogic
Hector Cabrera
Hendrik Erz
HiBARA Software
Hibernate
Hiki Development Team
HJ Holdings, Inc.
HTML::Scrubber project
HtmlUnit
Huawei
HumHub
Huseyin Berberoglu
IBM Corporation
Icegram
iChain, Inc.
IDEC
imgboard.com CGI Download Center
Ionic
IPFire
Irfan Skiljan
ISUCON organizers
IVM Development Group
J. Peters
JanRain
Jayj.dk
Jetstar Airways Pty Ltd.
jig.jp co., ltd.
Joomla!
Jordy Meow
Joseph Ernest
Jubatus
Jun.I
jwt-scala project
K's CGI
K2 Software
k5n.us
Kaitai team
KAME Project
Kazuhiro Inaba
KDDI
KDDI and GREE
KENT-WEB
Kingsoft Office Software, Inc.
kkcal
KLab Inc.
kMonos.NET
knadh
LEMON-S PHP
LG Electronics
LHa for UNIX project
Lhaca
Lincoln D. Stein
LINE MUSIC CORPORATION
LINE Corporation
LinPHA
LiteCart.net
Logitech
loudblog.de
LovPop.net
LSI Corporation
LunarNight Laboratory
Lunascape
LXR Project
LYSESOFT
MailPoet
Mandriva, Inc.
Mario Valney
Mark Text
Markdown on Save Improved
MaruUo Factory
Mash room - Free CGI-
Max Foundry, LLC.
MAX s.o.s.
Mayaa
Meneame
Metabase, Inc.
Micco
Mike Castro Demaria
mindrot.org
Minimal Work SRL
MoboTap
MODX
Mojang Studios
mozilla.org contributors
mpop
MQTT.js
MT312
MT4i
Mutt
My First HDML
myLittleTools
N-Media
Nagios Enterprises, LLC
Namazu Project.
Namshi
NARITA Tomio
Naviwebs S.C.
nCrafts
NEC BIGLOBE, Ltd.
NEC Platforms, Ltd.
nendeb
NetCommons Project
NetWebLogic
NewsGator Technologies, Inc.
Nexa Technologies
NextApp, Inc.
NHN Japan
Nike, Inc.
Nofollow Links
NoMachine
Norman
NortonLifeLock Inc.
Ruby Programming Shounendan
NTT TechnoCross Corporation
Nucleus
OHIRA, Shinya
Olive Toast Software Ltd.
onWebChat
open-gorotto project.
Openads
OpenAM Consortium
OpenBSD
OpenEMR
Opengear
OpenJFX Project
OpenPNE
OpenSSL Project
openSUSE project
Opera Software ASA
Orchard Core
osCommerce
OSQA
OSSEC
OTRS
Outlook.com
Overlay Weaver
Overwolf Ltd.
Owen
Owl
PEAK XOOPS
Pebble
Perl CGI's By Mrs.Shiromuku
pgAdmin Project
PgPool Global Development Group
Phorum
php365
phpComasy
phpMyFAQ
phpRechnung
phpspot
phpWebSite
PHP Kobo
Piwigo
Pixelpost.org
Pligg
Plone Foundation
Plume CMS
Plus one
Namazu Project.
PukiWiki Developers Team.
pon software
Popup Maker
PrettyBook
Project Amateras
PukiWiki Developers Team.
PukiWiki Plus!
Pydio
Python Software Foundation
QNAP Systems
Qwikiwiki
R-Company
BlognPlus
RADVISION
rakuto.net
RARLAB
Real Estate Connected
realmag777
Redmine
RedNao
Research Artisan Project
Retty, INC.
Rocomotion
Roundcube.net
RSSOwl
Ruby Version Manager (RVM)
ruby-git
Ruby
rwiki-devel
Saasproject
Sage
Salon booking system
Samba Project
AirDroid
Saurused Ltd.
Schezo
Script*
Security Roots Ltd
SeeLook
Segue Project
SemanticScuttle
Semper Fi Web Design
Sensio Labs
Seo Panel
SerendipityNZ Limited
SetucoCMS project
SHIRASAGI Project
Silex Labs
SilkyPress
Simtech Ltd.
SKIPUserGroup
SKK Openlab
SkyArts.com
Smarty
Snoopy
Social Rocket
Soflyy
Soft3304
SOHO WORKSHOP CAFEMILK
Speed Software
SpiQe Software
SPIRIT
Splunk
Squid-cache.org
Squirrel
SquirrelMail Project
Stefano Lissa & The Newsletter Team
Stranger Studios
strapi
StudioHitori
SugarCRM
SUKIMALAB.COM
support-project.org
SUSE
Y.Swetake (swetake.com)
Sylpheed
tablepress.org
Takuya Matsuyama
Tatsuo Baba
tDiary development project
TEAM DERAEMONS
Tenable, Inc.
tenfourzero
TeraTerm Project
Tetsuya Aoyama
The ADOdb Community
The Cacti Group
The Dojo Foundation
The PHP Group
The phpMyAdmin Project
The Qt Company
ThimPress
thoughtbot, inc.
Tiki Software Community Association
Tips and Tricks HQ
TIS Inc.
TMS-Plugins
Tor World
TP-LINK Technologies
Twinkle Toes Software
TYPE-MOON / Notes Co.,Ltd.
Type74.org
typora
UDON
Ultimate Member Group Ltd
ULTRAPOP.JP
Under Construction, Baby
unDonut
Unicode version of msearch
UPDIR.NET
Usagi Project
USVN Team
utage.org
VeronaLabs
VideoWhisper.com
Vim
Vivaldi Technologies
Vladimir Anokhin
VMware
voidtools
Vtiger
W3 Eden, Inc.
w3m project
Walrus,Digit.
WaspThemes
WassUp
WBCE Team
Web-Dorado
web2py
Webbukkit
Webdados
Webmin Project
Webnus
WebsiteBaker Org
WEB INVENTOR
Wekan project
Wibu-Systems AG
Wiki Modoki
Wikka Development Team
WinSparkle
Wireshark
Wolt
WonderCatStudio
WonderCMS
WonderLink
Woody Rinn
WoodyBells
WordPress.org
WP Booking System
WP Ninjas, LLC.
WP Spell Check
wpdevelop
X.Org Foundation
XFree86 Project
XML-Sitemaps
XnSoft
XOOPS
XOOPS Maniac
Yasutaka ATARASHI
yet another PHP photo album next generation
Yokka
YOP
Yuichiro Okuyama
Yuki Hattori
Zack Scholl
Zen Cart
Zend Technologies Ltd.
Zenphoto
ZenPhoto20
Zimbra, Inc.
ZmartZone IAM
Zoho Corporation
(Multiple Venders)
HP no Mawashimono
K_OKADA
Sky Co., LTD.
kiteya.net
Queue
Kiri
kujirahand
Zero-Channel BBS Plus Developers
Tattyan's HP
chitora
tmtm.org
Nishishi Factory
Happy Linux
PlatHome
MaroyakaCGI
iTD Inc.
AISAN TECHNOLOGY Co., Ltd
ideaman's Inc.
iplogic
AIPHONE CO., LTD.
AquaGardenSoft Co.,Ltd.
Accela Technology
Asial Corporation
Apple Inc.
ATOM tech Inc.
AdSystems Co.,Ltd.
Adobe Systems, Inc.
Allied Telesis
Ariel Networks, Inc.
Aruba Networks, Inc
Alfasado Inc.
Antenna House, Inc.
eAccess Ltd.
Internet Initiative Japan Inc.
InterAct Corp
Intel Corporation
Infoscience
Infoteria Corporation
Wind River Systems
Aimluck,Inc
econosys system
NTT Resonant Inc.
NTT Communications Corporation
NTT Broadband Platform, Inc.
F-Secure Inc.
MOTEX Inc.
ELECOM CO.,LTD.
Autodesk, Inc.
Open CAD Format Council
Open Source Solution Technology Corporation
Nagasaki Prefectural Government
OPT, Inc
OMRON SOCIAL SOLUTIONS Co.,Ltd.
OMRON Corporation
OMRON Corporation
Oracle Corporation
OliveDesign
Orangesoft Inc.
guide-park.com
Gundam Cult QQQ
GungHo Online Entertainment, Inc.
kynoslogic
Charamin steering committee
Canon
Canon IT Solutions Inc.
KINGSOFT, INC.
QUICK-SOLUTION.COM
QualitySoft Corporation
kujirahand
COOKPAD Inc.
GREE, Inc.
Glue Software Corporation
Corel Corporation
Kobe Beauty.
KOKUYO S&T Co.,Ltd.
Cognos ULC
Konica Minolta Business Solutions Japan Co., Ltd.
COMICSMART INC.
Collne Inc.
Concrete5
SiteBridge Inc.
sidefeed, Inc
Cyber Clean Center
CyberSolutions
Cybertrust Japan Co., Ltd.
Sybase, Inc.
Cybozu, Inc.
silex technology
SapporoWorks
Sun Microsystems, Inc.
Cisco Systems, Inc.
System Consultants Co.,Ltd.
Sysphonic Co., Ltd.
Six Apart, Ltd.
Shift Tech Inc.
Symantec Corporation
Sharp NEC Display Solutions, Ltd.
Sharp Corporation
Schneider Electric
thinkingreed
SYNCK GRAPHICA
Things
J's Communication Co., Ltd.
JustSystems Corporation
Juniper Networks, Inc.
Studyplus
SPACETAG INC.
SEIKO EPSON CORPORATION
Century Systems Co., Ltd.
SOURCENEXT CORPORATION
Sony Business Solution
Sony Video & Sound Products Inc.
Sony Corporation
Sophos Ltd.
SoftAgency Co., Ltd.
SoftBank Technology Corp.
SoftBank
Turbolinux, Inc.
D-Link Japan K.K.
D-CIRCLE inc.
Digital Arts Inc.
Dell
TOYOTA MOTOR CORPORATION
TripodWorks CO.,LTD
TransWARE Co.
Trend Micro, Inc.
New Media Development Association
NETGEAR
Netscape
NetMove Corporation
High Norm
HyperNikkiSystem Project
Hal Networks
BUFFALO INC.
PERSOL CAREER CO., LTD.
Panasonic Communications Co., Ltd
Panasonic Corporation
Hewlett-Packard Development Company,L.P
Hewlett Packard Enterprise Co.
B21Soft
PC-EGG Co.,Ltd.
FANUC CORPORATION
Falcon System Consulting
Fenrir Inc.
FreeBit Co., Ltd.
Friendly Lab
Brother Industries
Blue Coat Systems, Inc.
PLANEX COMMUNICATIONS INC.
Verizon Media
Veritas Technologies LLC.
Homepage Decorator
BOKUBLOCK INC.
Microsoft Corporation
McAfee
Metro,Inc.
Yahoo Japan Corporation
Yamaha Corporation
UNIMO Technology Co., Ltd
YMIRLINK Inc.
Life Sciences Computing Corporation
Livedoor
Raritan
Ricoh Co., Ltd
Ricksoft Inc.
RIMARTS
REMISE Corporation
Let's PHP!
Red Hat, Inc.
Logitec Corp.
Japan Construction Information Center
Uchu Ninja Neko-dan
Kazuho Oku
Yokogawa Rental & Lease Corporation
Yokogawa Test & Measurement Corporation
Yokogawa Electric Corporation
Twilight Frontier
Gaku
Rakuten Card Co., Ltd.
Rakuten Mobile, Inc.
Rakuten, Inc.
Rakuten Securities, Inc.
asken Inc.
CMONOS Co. Ltd.
HOUSE GATE inc.
JAL Information Technology Co,. Ltd
JIRANSOFT JAPAN, INC.
T-MEDIA HOLDINGS Co., Ltd.
XACK Co., Ltd.
A-Stage Inc.
DMM.com Labo Co.,Ltd.
DMM.com Securities Co.,Ltd.
NI Consulting
NTT DATA Smart Sourcing Corporation
NTT DOCOMO, INC.
OSK Co., LTD
SBI SECURITIES Co.,Ltd.
SODA
WESEEK, Inc.
IBC Iwate Broadcasting
AKINDO SUSHIRO CO., LTD.
Gurunavi, Inc.
Tsukurito, Inc.
Hatena Co., Ltd.
Mahoroba Kobo, Inc.
Mizuho Bank, Ltd.
Yuko Yuko Corporation
ARK-Web co., ltd
I-O DATA DEVICE, INC.
ICON CORPORATION
ICZ Corporation
IVY WE CO.,LTD.
ActiveFusions Co., Ltd.
Adways Inc.
ALMAS
EC-CUBE CO.,LTD.
IID, Inc.
Igreks Inc.
Intercom, Inc.
InBody Japan
Weathernews Inc.
WEBSQUARE Co.,Ltd.
WEBLOGIC CORPORATION.
A.T.WORKS, Inc.
EXTRUN Ltd.
S-Link, Inc.
NTT DATA
NTT DATA INTRAMART CORPORATION
NTT PC Communications Incorporated
M-System Co., Ltd.
Emurasoft, Inc.
OPTiM Corporation
Kajitori Corporation
KAWAI BUSINESS SOFTWARE
KING JIM CO.,LTD.
Cuore
CREATE SD CO., LTD.
Glamo Inc.
glucose inc.
K-Opticom Corporation
Coderium
COREMOBILE Inc.
Corega Inc
Contec
Cyber-Will Inc.
CyberAgent, Inc.
Cyber Security Cloud , Inc.
Seeds Co.,Ltd.
Seed Inc.
shiro8.net
GU.CO.,LTD.
Jane, Inc.
JTEKT ELECTRONICS CORPORATION
Jimoty, Inc.
SKYARC System
SQUARE ENIX CO., LTD.
SecureBrain Corporation
Seven & i Food Systems Co.,Ltd.
CELSYS,Inc.
Sony Interactive Entertainment inc.
SOFTCREATE CORP.
Soliton Systems K.K.
T-JOY CO.,LTD
T&D Corporation
Techno Project Japan Co.
DeNA Co.,Ltd.
DOS Co., Ltd.
Webservice-DIC
DHC Corporation
DWANGO Co., Ltd.
Nitori Holdings Co., LTD.
Newphoria Corporation
NEOJAPAN,Inc.
Network Applied Communication Laboratory Ltd.
Hammock Corporation
NAMCO BANDAI Games Inc.
HINIARATA Co.,Ltd.
PM9, Inc.
PIXELA CORPORATION
First Net Japan Inc
Photosynth Inc.
BOOK WALKER Co.,Ltd.
Princeton Ltd.
PRESENTCAST INC.
MICRONET CORP.
MIND CO.,LTD.
Money Forward, Inc.
mixi, Inc.
Mercari Co., Ltd.
Yappli, Inc.
Uniqlo
YODOBASHI CAMERA CO.,LTD.
RAKUS Co, Ltd.
RECRUIT CO.,LTD.
Label Gate Co., Ltd.
LocationValue Inc.
ICHIRAN INC.
Hisanaga Electric Co.Ltd
Bank of Tokyo-Mitsubishi UFJ
TEIKOKU DATABANK, LTD.
The Tokyo Star Bank, Limited
UCHIDA YOKO CO., LTD.
Hitachi Solutions, Ltd.
THE HYAKUGO BANK, LTD.
FUJITSU BROAD SOLUTION & CONSULTING INC.
Ministry of the Environment
Kanrikogaku Kenkyusho, Ltd.
Ichiro Maruta
Kinaga project
KYOCERA Document Solutions
KYOCERA Corporation
Kagaminokuni
Isamu Kaneko
KeitaiSite net
Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)
Hiroshi Yuki
THE FURUKAWA ELECTRIC CO., LTD.
Japan Air Self-Defense Force (JASDF)
Naoki Takahashi
National Tax Agency JAPAN
Ministry of Land, Infrastructure, Transport and Tourism
Geospatial Information Authority of Japan
Tomoki Sanaki
Hiroaki Sakai
Mitsui Sumitomo Insurance Co., Ltd.
Mitsubishi Electric
Takumi Yamada
Susumu Terao
Akky
Hiroyuki Oyama
HTML Dwarf
Takenori Matsuura
ZUKEN ELMIC,INC
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION
ALL NIPPON AIRWAYS CO., LTD
Arihiro Kurata
Ministry of Internal Affairs and Communications
RaidenHTTPD.com
TAGAWA Takao
Yosuke Okouchi
Ogaki Kyoritsu bank Ltd.
Japan Agency for Local Authority Information Systems
Ayaka Ikezawa
Yoshihito Takemura
Masahiko Watanabe
TOSHIBA
TOSHIBA TEC
Toshiba Electronic Devices & Storage Corporation
TOSHIBA LIGHTING & TECHNOLOGY CORPORATION
NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
East Japan Railway Company
Ichi Fujimoto
The Seasar Foundation
INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA)
Nara Institute of Science and Technology
NISSAN SECURITIES CO., LTD.
NIPPON ANNTENA Co.,Ltd.
KENTUCKY FRIED CHICKEN JAPAN LTD.
NIPPON CONTROL SYSTEM Corporation.
Nippon Television Network Corporation
Japan Total System Co.,Ltd.
Microsoft Japan Co., Ltd.
Nihon Unisys, Ltd.
WAM!NET Japan K.K.
ORCA Management Organization Co., Ltd
Japan Atomic Energy Agency
Nippon Institute of Agroinformatics
NEC Corporation
Japan Pension Service
Hitachi, Ltd
Hitachi Software Engineering Co.,Ltd
Hitachi Cable
Nintendo Co., Ltd
Ministry of Agriculture, Forestry and Fisheries
Feitian Japan Co., Ltd.
FUJISOFT INCORPORATED
FUJIFILM Business Innovation Corp. (former Fuji Xerox Co., Ltd.)
FUJITSU
FUJITSU KYUSHU SYSTEMS
Fuji Electric Co., Ltd.
Fuktommy.com
Ministry of Education, Culture, Sports, Science and Technology (MEXT)
Mikio Hirabayashi
The Ministry of Justice
Acquisition, Technology & Logistics Agency (ATLA)
Honda Motor Co.,Ltd.
Daisuke Minato
YUME NO MACHI SOUZOU IINKAI CO.,LTD
Free CGI Moo
MEIKYO ELECTRIC CO.,LTD.
Toshinobu Kimura
Hisayuki Nomura
Yayoi Co., Ltd
NorenzPRO
AKABEi SOFT2
CGENE
appleple inc.
ANGLERSNET Co,.Ltd.
IkaIka Software Co., Ltd.
Epoch Ltd.
MT Systems Co., Ltd.
CREAR Corporation
Saitoh Kikaku
C3
Be Graph Co.,Ltd.
Bluemoon inc.
Neuroinformatics Japan Center, RIKEN Center for Brain Science
Product:
- Choose a Vendor -
Date Public:
01
02
03
04
05
06
07
08
09
10
11
12
/
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
-
01
02
03
04
05
06
07
08
09
10
11
12
/
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
Date Last Updated:
01
02
03
04
05
06
07
08
09
10
11
12
/
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
-
01
02
03
04
05
06
07
08
09
10
11
12
/
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
CVSS Severity
(CVSSv3):
Critical:(9.0-10.0)
High:(7.0-8.9)
Medium:(4.0-6.9)
Low:(0.1-3.9)
None:(0)
CVSS Severity
(CVSSv2):
High:(7.0-10.0)
Medium:(4.0-6.9)
Low:(0.0-3.9)
CWE:
CWE-1 : Location
CWE-15 : External Control of System or Configuration Setting
CWE-16 : Configuration
CWE-17 : Code
CWE-18 : Source Code
CWE-19 : Data Handling
CWE-20 : Improper Input Validation
CWE-21 : Pathname Traversal and Equivalence Errors
CWE-22 : Path Traversal
CWE-23 : Relative Path Traversal
CWE-29 : Path Traversal : '/../filename'
CWE-35 : Path Traversal : '.../...//'
CWE-36 : Absolute Path Traversal
CWE-59 : Link Following
CWE-61 : UNIX Symbolic Link (Symlink) Following
CWE-64 : Windows Shortcut Following (.LNK)
CWE-73 : External Control of File Name or Path
CWE-74 : Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-75 : Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
CWE-77 : Command Injection
CWE-78 : OS Command Injection
CWE-79 : Cross-site Scripting
CWE-80 : Basic XSS
CWE-87 : Improper Neutralization of Alternate XSS Syntax
CWE-88 : Argument Injection or Modification
CWE-89 : SQL Injection
CWE-90 : Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
CWE-91 : XML Injection (aka Blind XPath Injection)
CWE-93 : Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-94 : Code Injection
CWE-96 : Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-98 : PHP Remote File Inclusion
CWE-99 : Improper Control of Resource Identifiers ('Resource Injection')
CWE-112 : Missing XML Validation
CWE-113 : HTTP Response Splitting
CWE-115 : Misinterpretation of Input
CWE-116 : Improper Encoding or Escaping of Output
CWE-117 : Improper Output Neutralization for Logs
CWE-118 : Improper Access of Indexable Resource ('Range Error')
CWE-119 : Buffer Errors
CWE-120 : Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121 : Stack-based Buffer Overflow
CWE-122 : Heap-based Buffer Overflow
CWE-123 : Write-what-where Condition
CWE-124 : Buffer Underwrite ('Buffer Underflow')
CWE-125 : Out-of-bounds Read
CWE-126 : Buffer Over-read
CWE-129 : Improper Validation of Array Index
CWE-130 : Improper Handling of Length Parameter Inconsistency
CWE-131 : Incorrect Calculation of Buffer Size
CWE-134 : Uncontrolled Format String
CWE-150 : Improper Neutralization of Escape, Meta, or Control Sequences
CWE-158 : Improper Neutralization of Null Byte or NUL Character
CWE-170 : Improper Null Termination
CWE-171 : Cleansing, Canonicalization, and Comparison Errors
CWE-172 : Encoding Error
CWE-178 : Improper Handling of Case Sensitivity
CWE-184 : Incomplete Blacklist
CWE-185 : Incorrect Regular Expression
CWE-189 : Numeric Errors
CWE-190 : Integer Overflow or Wraparound
CWE-191 : Integer Underflow (Wrap or Wraparound)
CWE-193 : Off-by-one Error
CWE-194 : Unexpected Sign Extension
CWE-197 : Numeric Truncation Error
CWE-199 : Information Management Errors
CWE-200 : Information Exposure
CWE-201 : Insertion of Sensitive Information Into Sent Data
CWE-202 : Exposure of Sensitive Information Through Data Queries
CWE-203 : Observable Discrepancy
CWE-204 : Response Discrepancy Information Exposure
CWE-208 : Information Exposure Through Timing Discrepancy
CWE-209 : Information Exposure Through an Error Message
CWE-212 : Improper Removal of Sensitive Information Before Storage or Transfer
CWE-214 : Invocation of Process Using Visible Sensitive Information
CWE-216 : Containment Errors (Container Errors)
CWE-228 : Improper Handling of Syntactically Invalid Structure
CWE-229 : Improper Handling of Values
CWE-240 : Improper Handling of Inconsistent Structural Elements
CWE-242 : Use of Inherently Dangerous Function
CWE-248 : Uncaught Exception
CWE-250 : Execution with Unnecessary Privileges
CWE-252 : Unchecked Return Value
CWE-254 : Security Features
CWE-255 : Credentials Management
CWE-256 : Unprotected Storage of Credentials
CWE-257 : Storing Passwords in a Recoverable Format
CWE-259 : Use of Hard-coded Password
CWE-260 : Password in Configuration File
CWE-261 : Weak Encoding for Password
CWE-264 : Permissions
CWE-266 : Incorrect Privilege Assignment
CWE-269 : Improper Privilege Management
CWE-270 : Privilege Context Switching Error
CWE-271 : Privilege Dropping / Lowering Errors
CWE-273 : Improper Check for Dropped Privileges
CWE-275 : Permission Issues
CWE-276 : Incorrect Default Permissions
CWE-279 : Incorrect Execution-Assigned Permissions
CWE-281 : Improper Preservation of Permissions
CWE-283 : Unverified Ownership
CWE-284 : Improper Access Control
CWE-285 : Improper Authorization
CWE-287 : Improper Authentication
CWE-288 : Authentication Bypass Using an Alternate Path or Channel
CWE-290 : Authentication Bypass by Spoofing
CWE-294 : Authentication Bypass by Capture-replay
CWE-295 : Improper Certificate Validation
CWE-297 : Improper Validation of Certificate with Host Mismatch
CWE-299 : Improper Check for Certificate Revocation
CWE-300 : Channel Accessible by Non-Endpoint
CWE-302 : Authentication Bypass by Assumed-Immutable Data
CWE-303 : Incorrect Implementation of Authentication Algorithm
CWE-304 : Missing Critical Step in Authentication
CWE-305 : Authentication Bypass by Primary Weakness
CWE-306 : Missing Authentication for Critical Function
CWE-307 : Improper Restriction of Excessive Authentication Attempts
CWE-310 : Cryptographic Issues
CWE-311 : Missing Encryption of Sensitive Data
CWE-312 : Cleartext Storage of Sensitive Information
CWE-315 : Cleartext Storage of Sensitive Information in a Cookie
CWE-316 : Cleartext Storage of Sensitive Information in Memory
CWE-319 : Cleartext Transmission of Sensitive Information
CWE-320 : Key Management Errors
CWE-321 : Use of Hard-coded Cryptographic Key
CWE-322 : Key Exchange without Entity Authentication
CWE-325 : Missing Required Cryptographic Step
CWE-326 : Inadequate Encryption Strength
CWE-327 : Use of a Broken or Risky Cryptographic Algorithm
CWE-328 : Use of Weak Hash
CWE-329 : Not Using a Random IV with CBC Mode
CWE-330 : Use of Insufficiently Random Values
CWE-331 : Insufficient Entropy
CWE-332 : Insufficient Entropy in PRNG
CWE-334 : Small Space of Random Values
CWE-335 : Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
CWE-338 : Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CWE-345 : Insufficient Verification of Data Authenticity
CWE-346 : Origin Validation Error
CWE-347 : Improper Verification of Cryptographic Signature
CWE-349 : Acceptance of Extraneous Untrusted Data With Trusted Data
CWE-350 : CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action
CWE-352 : Cross-Site Request Forgery
CWE-353 : Missing Support for Integrity Check
CWE-354 : Improper Validation of Integrity Check Value
CWE-357 : Insufficient UI Warning of Dangerous Operations
CWE-358 : Improperly Implemented Security Check for Standard
CWE-359 : Exposure of Private Personal Information to an Unauthorized Actor
CWE-361 : Time and State
CWE-362 : Race Condition
CWE-364 : Signal Handler Race Condition
CWE-367 : Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-369 : Divide By Zero
CWE-371 : State Issues
CWE-377 : Insecure Temporary File
CWE-378 : Creation of Temporary File With Insecure Permissions
CWE-379 : Creation of Temporary File in Directory with Incorrect Permissions
CWE-384 : Session Fixation
CWE-385 : Covert Timing Channel
CWE-388 : Error Handling
CWE-398 : Code Quality
CWE-399 : Resource Management Errors
CWE-400 : Uncontrolled Resource Consumption ('Resource Exhaustion')
CWE-401 : Missing Release of Memory after Effective Lifetime
CWE-404 : Improper Resource Shutdown or Release
CWE-405 : Asymmetric Resource Consumption (Amplification)
CWE-406 : Insufficient Control of Network Message Volume (Network Amplification)
CWE-407 : Algorithmic Complexity
CWE-410 : Insufficient Resource Pool
CWE-412 : Unrestricted Externally Accessible Lock
CWE-413 : Improper Resource Locking
CWE-415 : Double Free
CWE-416 : Use After Free
CWE-417 : Channel and Path Errors
CWE-425 : Direct Request ('Forced Browsing')
CWE-426 : Untrusted Search Path
CWE-427 : Uncontrolled Search Path Element
CWE-428 : Unquoted Search Path or Element
CWE-434 : Unrestricted Upload of File with Dangerous Type
CWE-435 : Improper Interaction Between Multiple Correctly-Behaving Entities
CWE-436 : Interpretation Conflict
CWE-441 : Unintended Proxy or Intermediary ('Confused Deputy')
CWE-444 : Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
CWE-451 : User Interface (UI) Misrepresentation of Critical Information
CWE-453 : Insecure Default Variable Initialization
CWE-455 : Non-exit on Failed Initialization
CWE-457 : Use of Uninitialized Variable
CWE-459 : Incomplete Cleanup
CWE-470 : Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
CWE-471 : Modification of Assumed-Immutable Data (MAID)
CWE-472 : External Control of Assumed-Immutable Web Parameter
CWE-476 : NULL Pointer Dereference
CWE-485 : Insufficient Encapsulation
CWE-489 : Active Debug Code
CWE-494 : Download of Code Without Integrity Check
CWE-497 : Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE-502 : Deserialization of Untrusted Data
CWE-506 : Embedded Malicious Code
CWE-507 : Trojan Horse
CWE-521 : Weak Password Requirements
CWE-522 : Insufficiently Protected Credentials
CWE-523 : Unprotected Transport of Credentials
CWE-525 : Use of Web Browser Cache Containing Sensitive Information
CWE-527 : Exposure of Version-Control Repository to an Unauthorized Control Sphere
CWE-532 : Information Exposure Through Log Files
CWE-534 : Information Exposure Through Debug Log Files
CWE-538 : File and Directory Information Exposure
CWE-539 : Use of Persistent Cookies Containing Sensitive Information
CWE-540 : Inclusion of Sensitive Information in Source Code
CWE-548 : Exposure of Information Through Directory Listing
CWE-552 : Files or Directories Accessible to External Parties
CWE-565 : Reliance on Cookies without Validation and Integrity Checking
CWE-567 : Unsynchronized Access to Shared Data in a Multithreaded Context
CWE-573 : Improper Following of Specification by Caller
CWE-590 : Free of Memory not on the Heap
CWE-598 : Information Exposure Through Query Strings in GET Request
CWE-601 : URL Redirection to Untrusted Site ('Open Redirect')
CWE-602 : Client-Side Enforcement of Server-Side Security
CWE-603 : Use of Client-Side Authentication
CWE-605 : Multiple Binds to the Same Port
CWE-610 : Externally Controlled Reference to a Resource in Another Sphere
CWE-611 : Improper Restriction of XML External Entity Reference
CWE-613 : Insufficient Session Expiration
CWE-617 : Reachable Assertion
CWE-620 : Unverified Password Change
CWE-639 : Authorization Bypass Through User-Controlled Key
CWE-640 : Weak Password Recovery Mechanism for Forgotten Password
CWE-641 : Improper Restriction of Names for Files and Other Resources
CWE-642 : External Control of Critical State Data
CWE-643 : Improper Neutralization of Data within XPath Expressions ('XPath Injection')
CWE-644 : Improper Neutralization of HTTP Headers for Scripting Syntax
CWE-645 : CWE-645: Overly Restrictive Account Lockout Mechanism
CWE-648 : Incorrect Use of Privileged APIs
CWE-649 : Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
CWE-657 : Violation of Secure Design Principles
CWE-662 : Improper Synchronization
CWE-664 : Improper Control of a Resource Through its Lifetime
CWE-665 : Improper Initialization
CWE-667 : Improper Locking
CWE-668 : Exposure of Resource to Wrong Sphere
CWE-669 : Incorrect Resource Transfer Between Spheres
CWE-670 : Always-Incorrect Control Flow Implementation
CWE-672 : Operation on a Resource after Expiration or Release
CWE-674 : Uncontrolled Recursion
CWE-676 : Use of Potentially Dangerous Function
CWE-681 : Incorrect Conversion between Numeric Types
CWE-682 : Incorrect Calculation
CWE-688 : Function Call With Incorrect Variable or Reference as Argument
CWE-693 : Protection Mechanism Failure
CWE-694 : Use of Multiple Resources with Duplicate Identifier
CWE-697 : Incorrect Comparison
CWE-703 : Improper Check or Handling of Exceptional Conditions
CWE-704 : Incorrect Type Conversion or Cast
CWE-706 : Use of Incorrectly-Resolved Name or Reference
CWE-707 : Improper Neutralization
CWE-708 : Incorrect Ownership Assignment
CWE-710 : Improper Adherence to Coding Standards
CWE-732 : Incorrect Permission Assignment for Critical Resource
CWE-749 : Exposed Dangerous Method or Function
CWE-754 : Improper Check for Unusual or Exceptional Conditions
CWE-755 : Improper Handling of Exceptional Conditions
CWE-757 : Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CWE-759 : Use of a One-Way Hash without a Salt
CWE-760 : Use of a One-Way Hash with a Predictable Salt
CWE-763 : Release of Invalid Pointer or Reference
CWE-767 : Access to Critical Private Variable via Public Method
CWE-769 : File Descriptor Exhaustion
CWE-770 : Allocation of Resources Without Limits or Throttling
CWE-772 : Missing Release of Resource after Effective Lifetime
CWE-774 : Allocation of File Descriptors or Handles Without Limits or Throttling
CWE-775 : Missing Release of File Descriptor or Handle after Effective Lifetime
CWE-776 : Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-784 : Reliance on Cookies without Validation and Integrity Checking in a Security Decision
CWE-787 : Out-of-bounds Write
CWE-788 : Access of Memory Location After End of Buffer
CWE-789 : Memory Allocation with Excessive Size Value
CWE-798 : Use of Hard-coded Credentials
CWE-799 : Improper Control of Interaction Frequency
CWE-805 : Buffer Access with Incorrect Length Value
CWE-807 : Reliance on Untrusted Inputs in a Security Decision
CWE-820 : Missing Synchronization
CWE-821 : Incorrect Synchronization
CWE-822 : Untrusted Pointer Dereference
CWE-823 : Use of Out-of-range Pointer Offset
CWE-824 : Access of Uninitialized Pointer
CWE-829 : Inclusion of Functionality from Untrusted Control Sphere
CWE-833 : Deadlock
CWE-834 : Excessive Iteration
CWE-835 : Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-836 : Use of Password Hash Instead of Password for Authentication
CWE-838 : Inappropriate Encoding for Output Context
CWE-843 : Access of Resource Using Incompatible Type ('Type Confusion')
CWE-862 : Missing Authorization
CWE-863 : Incorrect Authorization
CWE-908 : Use of Uninitialized Resource
CWE-909 : Missing Initialization of Resource
CWE-912 : Hidden Functionality
CWE-913 : Improper Control of Dynamically-Managed Code Resources
CWE-915 : Improperly Controlled Modification of Dynamically-Determined Object Attributes
CWE-916 : Use of Password Hash With Insufficient Computational Effort
CWE-917 : Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CWE-918 : Server-Side Request Forgery (SSRF)
CWE-920 : Improper Restriction of Power Consumption
CWE-921 : Storage of Sensitive Data in a Mechanism without Access Control
CWE-922 : Insecure Storage of Sensitive Information
CWE-924 : Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CWE-940 : Improper Verification of Source of a Communication Channel
CWE-941 : Incorrectly Specified Destination in a Communication Channel
CWE-942 : Overly Permissive Cross-domain Whitelist
CWE-943 : Improper Neutralization of Special Elements in Data Query Logic
CWE-1004 : Sensitive Cookie Without 'HttpOnly' Flag
CWE-1021 : Improper Restriction of Rendered UI Layers or Frames
CWE-1022 : Use of Web Link to Untrusted Target with window.opener Access
CWE-1076 : Insufficient Adherence to Expected Conventions
CWE-1104 : Use of Unmaintained Third Party Components
CWE-1187 : Use of Uninitialized Resource
CWE-1188 : Insecure Default Initialization of Resource
CWE-1220 : Insufficient Granularity of Access Control
CWE-1236 : Improper Neutralization of Formula Elements in a CSV File
CWE-1278 : Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
CWE-1284 : Improper Validation of Specified Quantity in Input
CWE-1286 : Improper Validation of Syntactic Correctness of Input
CWE-1287 : Improper Validation of Specified Type of Input
CWE-1299 : Missing Protection Mechanism for Alternate Hardware Interface
CWE-1321 : Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-1333 : Inefficient Regular Expression Complexity
CWE-1336 : Improper Neutralization of Special Elements Used in a Template Engine
CWE-1392 : Use of Default Credentials
CWE-Other : No Mapping
CWE-nocwe : No Mapping
CWE-noinfo : No Mapping
CWE-DesignError : No Mapping
What is CWE?
※「Vendor/Product search」button is available only in the Microsoft Edge(ie mode).
Results 1-20 of 20
1
ID
Title
CVSSv3
CVSSv2
Date
Public
Date Last
Updated
JVNDB-2023-000025
(JVN#62420378)
TP-Link T2600G-28SQ uses vulnerable SSH host keys
5.3
4.6
2023/03/17
2023/03/17
JVNDB-2023-000024
(JVN#64453490)
Android App "Wolt Delivery: Food and more" uses a hard-coded API key for an external service
4.0
2.1
2023/03/13
2023/03/13
JVNDB-2023-000021
(JVN#57224029)
Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
7.5
5.0
2023/03/01
2023/03/10
JVNDB-2023-001308
(JVNVU#96824262)
Multiple vulnerabilities in Buffalo network devices
6.5
-
2023/03/07
2023/03/08
JVNDB-2023-000022
(JVN#82424996)
Multiple vulnerabilities in SEIKO EPSON printers/network interface Web Config
4.8
3.5
2023/03/08
2023/03/08
JVNDB-2023-000013
(JVN#11257333)
Ichiran App vulnerable to improper server certificate verification
6.5
4.0
2023/02/06
2023/03/06
JVNDB-2023-001304
(JVNVU#94966432)
Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software
7.8
-
2023/03/03
2023/03/06
JVNDB-2023-000023
(JVN#19872280)
Multiple vulnerabilities in PostgreSQL extension module pg_ivm
5.4
5.5
2023/03/06
2023/03/06
JVNDB-2023-001291
(JVNVU#96882769)
Multiple vulnerabilities in Trend Micro Maximum Security
-
-
2023/03/01
2023/03/03
JVNDB-2023-001292
(JVNVU#96221942)
Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service
-
-
2023/03/01
2023/03/02
JVNDB-2023-001269
File and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center
6.6
-
2023/02/28
2023/03/01
JVNDB-2023-000019
(JVN#04785663)
Multiple cross-site scripting vulnerabilities in EC-CUBE
5.4
3.5
2023/02/28
2023/02/28
JVNDB-2023-000020
(JVN#78253670)
web2py development tool vulnerable to open redirect
4.7
2.6
2023/02/28
2023/02/28
JVNDB-2023-000018
(JVN#18765463)
Multiple cross-site scripting vulnerabilities in SHIRASAGI
5.4
3.5
2023/02/22
2023/02/22
JVNDB-2023-000016
(JVN#60263237)
(JVNTA#91240916)
The installers of ELECOM Camera Assistant and QuickFileDealer may insecurely load Dynamic Link Libraries
7.8
6.8
2023/02/14
2023/02/14
JVNDB-2023-000017
(JVN#00712821)
Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools
2.5
1.2
2023/02/14
2023/02/14
JVNDB-2023-000015
(JVN#98612206)
Multiple vulnerabilities in PLANEX COMMUNICATIONS Network Camera CS-WMV02G
6.1
2.6
2023/02/13
2023/02/13
JVNDB-2023-001215
(JVNVU#99551468)
Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers
5.9
-
2023/02/10
2023/02/13
JVNDB-2023-000014
(JVN#60320736)
NEC PC Settings Tool vulnerable to missing authentication for critical function
8.8
6.8
2023/02/10
2023/02/10
JVNDB-2023-001212
(JVNVU#98917488)
Multiple vulnerabilities in JTEKT ELECTRONICS Screen Creator Advance 2
7.8
-
2023/02/03
2023/02/08
Results 1-20 of 20
1
JVN
HOME
What is JVN ?
Instructions
List of Vulnerability Report
VN_JP
VN_JP(Unreachable)
VN_VU
TA
TRnotes
JVN iPedia
Search
What is JVN iPedia?
How to Use?
MyJVN
JVNJS/RSS
Vendor List
List of unreachable developers
Contact
