Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kddi vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2016-1136
Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Kddi Home Spot Cube Firmware 2.0
4.7
CVSSv3
CVE-2016-1138
CRLF injection vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote malicious users to inject arbitrary HTTP headers via unspecified vectors.
Kddi Home Spot Cube Firmware 2.0
7.5
CVSSv3
CVE-2016-1139
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices prior to 2 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Kddi Home Spot Cube Firmware 2.0
6.1
CVSSv3
CVE-2016-1140
KDDI HOME SPOT CUBE devices prior to 2 allow remote malicious users to conduct clickjacking attacks via unspecified vectors.
Kddi Home Spot Cube Firmware 2.0
9.8
CVSSv3
CVE-2024-23978
Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and previous versions. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.
Kddi Home Spot Cube 2 Firmware V102
7.8
CVSSv3
CVE-2018-0517
Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Kddi Anshin Net Security
NA
CVE-2007-3692
Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote malicious users to read and download arbitrary files via a .. (dot dot) in the name parameter.
Kddi Ezfactory Download Cgi 1.0
5.4
CVSSv3
CVE-2022-43543
KDDI +Message App, NTT DOCOMO +Message App, and SoftBank +Message App contain a vulnerability caused by improper handling of Unicode control characters. +Message App displays text unprocessed, even when control characters are contained, and the text is shown based on Unicode cont...
Kddi \\+ Message
Docomo \\+ Message
Softbank \\+ Message
5.9
CVSSv3
CVE-2018-0691
Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40.2800, NTT DOCOMO +Message App for iOS prior to version 1.1.23, KDDI +Message App fo...
Softbank \\+ Message
Kddi \\+ Message
Ntttocomo \\+ Message
Ntt Tocomo \\+ Message
NA
CVE-2013-4710
Android 3.0 up to and including 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote malicious users to execute arbitrary methods of Java objects or cause a denial of service (reboot) via...
Google Android 4.0
Google Android 3.2.6
Google Android 3.2.4
Google Android 3.2.2
Google Android 4.0.4
Google Android 4.0.2
Google Android 3.2
Google Android 3.0
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.3
Google Android 4.0.1
Google Android 3.2.1
Google Android 3.1
2 EDB exploits
2 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »