Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN98975951/index.html https://chrome.google.com/webstore/detail/5000%E5%85%86%E5%86%86%E3%82%B3%E3%83%B3%E3%83%90%E3%83%BC%E3%82%BF%E3%83%BC/mgaphgebhfgmkahikdhdomnnpelbijmo
The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Date published...
Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN33124193/index.html https://www.zenphoto.org/news/zenphoto-1.5
Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN92265618/index.html https://linecorp.com/en/security/article/172
Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN93226941/index.html https://github.com/h2o/h2o/issues/1775
SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN27978559/index.html
Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN27978559/index.html
Pixelpost v1.7.3 and earlier allows remote code execution via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN27978559/index.html
Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN60978548/index.html Site Reviews
Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN16471686/index.html Email Subscribers by Icegram...
Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN79301396/index.html https://github.com/yak1ex/axpdfium/wiki/JVN%2379301396%28en%29
Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Date published : 2018-06-26...
Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Date published : 2018-06-26 http://jvn.jp/en/jp/JVN81196185/index.html https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/
Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Date published : 2018-06-26...