Vulnerabilities > Fujitsu > High

DATE CVE VULNERABILITY TITLE RISK
2021-02-16 CVE-2021-23840 Integer Overflow or Wraparound vulnerability in multiple products
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform.
7.5
2021-01-27 CVE-2021-3326 Reachable Assertion vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
network
low complexity
gnu netapp oracle fujitsu debian CWE-617
7.5
2020-12-14 CVE-2020-8285 Uncontrolled Recursion vulnerability in multiple products
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
7.5
2020-12-14 CVE-2020-8177 Injection vulnerability in multiple products
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
local
low complexity
haxx debian fujitsu siemens splunk CWE-74
7.8
2020-06-04 CVE-2020-13817 Use of Insufficiently Random Values vulnerability in multiple products
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets.
network
high complexity
ntp netapp opensuse fujitsu CWE-330
7.4
2019-10-24 CVE-2019-18201 Cleartext Transmission of Sensitive Information vulnerability in Fujitsu Lx390 Firmware
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices.
network
low complexity
fujitsu CWE-319
7.5
2019-05-17 CVE-2018-16156 Untrusted Search Path vulnerability in Fujitsu Paperstream IP (Twain) 1.42.0.5685
In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe.
local
low complexity
fujitsu CWE-426
7.8
2018-07-24 CVE-2017-3210 Configuration vulnerability in multiple products
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution.
local
low complexity
portrait fujitsu hp philips CWE-16
7.8
2017-11-13 CVE-2016-8610 A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. 7.5
2017-09-15 CVE-2017-10855 Untrusted Search Path vulnerability in Fujitsu Fence-Explorer 8.4.1
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
fujitsu CWE-426
7.8