Monthly Archive: June 2020

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information...

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an...

Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator) Ver. 1.010L and...

Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and earlier, CW Configurator Ver. 1.010L and earlier, EM Software Development Kit (EM Configurator) Ver. 1.010L and earlier, GT Designer3 (GOT2000) Ver....

Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an arbitrary command via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN40039627/index.html https://www.e-tax.nta.go.jp/topics/topics_200618.htm

Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36410/

Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36409/

Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36453/

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36432/

Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36433/

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report’s data via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36408/

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36455/

Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36393

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors. Date published : 2020-06-30 https://jvn.jp/en/jp/JVN55497111/index.html https://kb.cybozu.support/article/36391