VYPR
Vendor

NEC

NEC Corporation is a Japanese multinational information technology corporation headquartered at the NEC Supertower in Minato, Tokyo, Japan. It provides IT and network solutions, including cloud computing, artificial intelligence (AI), Internet of Things (IoT) platform, and telecommunications equipment and software to business enterprises, communications services providers and to government agencies. It is one of the five largest defense contractors in Japan.

Founded 1899
Products
116
CVEs
142
Across products
289
Status
Private

Products

116
View all 116 products →

Recent CVEs

142
View all 142 CVEs →
  • CVE-1999-0043CriDec 4, 1996
    risk 0.67cvss 9.8epss 0.45

    Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

  • CVE-2026-4622CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.01

    OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

  • CVE-2026-4620CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.01

    OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

  • CVE-2026-4619CriMar 27, 2026
    risk 0.64cvss 9.8epss 0.00

    Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.

  • CVE-2025-11546CriNov 7, 2025
    risk 0.60cvss epss 0.00

    CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an…

  • CVE-2024-3016CriMay 14, 2024
    risk 0.59cvss 9.1epss 0.01

    NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.

  • CVE-2016-1168HigApr 1, 2016
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2016-1167HigApr 1, 2016
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2025-12852HigNov 19, 2025
    risk 0.55cvss epss 0.00

    DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device.

  • CVE-2025-0355HigJan 15, 2025
    risk 0.49cvss 7.5epss 0.01

    Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier,…

  • CVE-2017-12575HigAug 24, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service APIs for access to and setup of the configuration. Some APIs don't require authentication. An attacker could exploit this vulnerability by sending a crafted HTTP request to retrieve…

  • CVE-2016-1145HigJan 30, 2016
    risk 0.49cvss 7.5epss 0.04

    Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2025-0356HigJan 15, 2025
    risk 0.47cvss 7.2epss 0.01

    NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network.

  • CVE-2024-11013HigNov 29, 2024
    risk 0.47cvss 7.2epss 0.01

    Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27, for Ver10.9 up to Ver10.9.14 and UNIVERGE IX-R/IX-V Ver1.2.15 and earlier allows a attacker to inject an arbitrary CLI commands to be executed on the device…

  • CVE-2026-4309MedMar 27, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.

  • CVE-2026-4621MedMar 27, 2026
    risk 0.36cvss 5.6epss 0.00

    Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.

  • CVE-1999-0011MedApr 8, 1998
    risk 0.36cvss 5.4epss 0.05

    Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

  • CVE-2024-6466MedJan 21, 2025
    risk 0.34cvss 5.3epss 0.00

    NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified.

  • CVE-2025-8153MedSep 17, 2025
    risk 0.33cvss epss 0.00

    Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from Ver.9.5 to Ver.10.7, from Ver.10.8.21 to Ver.10.8.36, from Ver.10.9.11 to Ver.10.9.24, from Ver.10.10.21 to Ver.10.10.31, Ver.10.11.6 and UNIVERGE IX-R/IX-V Ver1.3.16, Ver1.3.21 allows a attacker to inject an…

  • CVE-2025-0354MedJan 15, 2025
    risk 0.31cvss 4.8epss 0.00

    Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to…