Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2016-06-19 https://esupport.trendmicro.com/support/vb/solution/ja-jp/1113880.aspx http://jvn.jp/en/jp/JVN48789425/index.html
Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors. Date published : 2016-06-19 https://esupport.trendmicro.com/support/vb/solution/ja-jp/1113880.aspx http://jvn.jp/en/jp/JVN48789425/index.html
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775. Date published : 2016-06-19 https://support.cybozu.com/ja-jp/article/9303 http://jvn.jp/en/jp/JVN37121456/index.html
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776. Date published :...
Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. Date published : 2016-06-19 https://support.cybozu.com/ja-jp/article/8987...
Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors. Date published : 2016-06-19 https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03 http://jvn.jp/en/jp/JVN14749391/index.html
Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors. Date published : 2016-06-19 https://garoon.cybozu.co.jp/support/update/package/421sp1.html#03 http://jvn.jp/en/jp/JVN14749391/index.html
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account...
EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges. Date...
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows...
I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors. Date published : 2016-06-18 http://www.iodata.jp/support/information/2016/etx-r/ http://jvn.jp/en/jp/JVN96052093/index.html
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users. Date published : 2016-06-18 http://www.iodata.jp/support/information/2016/etx-r/ http://jvn.jp/en/jp/JVN61317238/index.html
The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote attackers...
lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted...