Vulnerabilities > Fujitsu

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-28806 Out-of-bounds Write vulnerability in Fujitsu products
An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449).
local
low complexity
fujitsu CWE-787
7.2
2022-04-11 CVE-2022-27089 Unquoted Search Path or Element vulnerability in Fujitsu Plugfree Network 7.3.0.3
In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level.
local
low complexity
fujitsu CWE-428
7.2
2021-05-24 CVE-2021-20722 Uncontrolled Search Path Element vulnerability in Fujitsu Scansnap Manager
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an attacker to gain privileges and execute arbitrary code with the privilege of the user invoking the installer via a Trojan horse DLL in an unspecified directory.
4.4
2021-03-17 CVE-2020-17457 Cross-site Scripting vulnerability in Fujitsu Serverview Remote Management
Fujitsu ServerView Suite iRMC before 9.62F allows XSS.
network
fujitsu CWE-79
3.5
2021-02-16 CVE-2021-23840 Integer Overflow or Wraparound vulnerability in multiple products
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform.
network
low complexity
openssl debian tenable oracle mcafee fujitsu CWE-190
5.0
2021-01-27 CVE-2021-3326 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
low complexity
gnu netapp oracle fujitsu CWE-617
5.0
2020-12-14 CVE-2020-8285 Uncontrolled Recursion vulnerability in multiple products
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
5.0
2020-12-14 CVE-2020-8284 A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. 4.3
2020-12-14 CVE-2020-8177 Injection vulnerability in multiple products
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
local
low complexity
haxx debian fujitsu siemens CWE-74
4.6
2020-11-30 CVE-2020-29127 Improper Authentication vulnerability in Fujitsu Eternus Storage Dx200 S4 Firmware
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25.
network
low complexity
fujitsu CWE-287
critical
10.0