Vulnerabilities > Justsystems

DATE CVE VULNERABILITY TITLE RISK
2023-10-19 CVE-2023-34366 Use After Free vulnerability in Justsystems products
A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372.
local
low complexity
justsystems CWE-416
7.8
2023-10-19 CVE-2023-38127 Integer Overflow or Wraparound vulnerability in Justsystems products
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372.
local
low complexity
justsystems CWE-190
7.8
2023-10-19 CVE-2023-38128 Out-of-bounds Write vulnerability in Justsystems products
An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372.
local
low complexity
justsystems CWE-787
7.8
2023-10-19 CVE-2023-35126 Out-of-bounds Write vulnerability in Justsystems products
An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008.
local
low complexity
justsystems CWE-787
7.8
2023-04-05 CVE-2022-43664 Use After Free vulnerability in Justsystems Ichitaro 2022 1.0.1.57600
A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected documents.
local
low complexity
justsystems CWE-416
7.8
2023-04-05 CVE-2022-45115 Heap-based Buffer Overflow vulnerability in Justsystems Ichitaro 2022 1.0.1.57600
A buffer overflow vulnerability exists in the Attribute Arena functionality of Ichitaro 2022 1.0.1.57600.
local
low complexity
justsystems CWE-122
7.8
2023-04-05 CVE-2023-22291 Free of Memory not on the Heap vulnerability in Justsystems Ichitaro 2022 1.0.1.57600
An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600.
local
low complexity
justsystems CWE-590
7.8
2023-04-05 CVE-2023-22660 Heap-based Buffer Overflow vulnerability in Justsystems Ichitaro 2022 1.0.1.57600
A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types.
local
low complexity
justsystems CWE-122
7.8
2022-08-16 CVE-2022-36344 Unquoted Search Path or Element vulnerability in Justsystems products
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others.
network
low complexity
justsystems CWE-428
critical
9.8
2022-05-30 CVE-2022-1542 Cross-site Scripting vulnerability in Justsystems HPB Dashboard
The HPB Dashboard WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
network
low complexity
justsystems CWE-79
4.8