Latest Fujitsu Vulnerabilities

CVE-2023-4096
Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order t...
Fujitsu Arconte Aurea=1.5.0.0
CVE-2023-4095
User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to obtain a list of registered users in the application, obtaining the n...
Fujitsu Arconte Aurea=1.5.0.0
CVE-2023-4093
Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the ...
Fujitsu Arconte Aurea=1.5.0.0
CVE-2023-4094
ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. In add...
Fujitsu Arconte Aurea=1.5.0.0
CVE-2023-4092
SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data (insert/updat...
Fujitsu Arconte Aurea=1.5.0.0
CVE-2023-39903
An issue was discovered in Fujitsu Software Infrastructure Manager (ISM) before 2.8.0.061. The ismsnap component (in this specific case at /var/log/fujitsu/ServerViewSuite/ism/FirmwareManagement/Firmw...
Fujitsu Software Infrastructure Manager<2.8.0.061
CVE-2023-39379
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configu...
Fujitsu Software Infrastructure Manager=2.8.0.060
Fujitsu Software Infrastructure Manager=2.8.0.060
Fujitsu Software Infrastructure Manager=2.8.0.060
CVE-2023-38555
Fujitsu Si-r 30b Firmware
Fujitsu Si-r 30b
Fujitsu Si-r 130b Firmware
Fujitsu Si-r 130b
Fujitsu Si-r 90brin Firmware
Fujitsu Si-r 90brin
and 26 more
CVE-2023-38433
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the...
Fujitsu Ip-he950e Firmware>=v01l001<=v01l053
Fujitsu Ip-he950e
Fujitsu Ip-he950d Firmware>=v01l001<=v01l053
Fujitsu Ip-he950d
Fujitsu Ip-he900e Firmware>=v01l001<=v01l010
Fujitsu Ip-he900e
and 16 more
CVE-2022-31794
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is ab...
Fujitsu Eternus Cs8000 Firmware<8.1
Fujitsu Eternus Cs8000 Firmware=8.1
Fujitsu Eternus Cs8000
CVE-2022-29516
The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, I...
Fujitsu Ipcom Ex2 Nw 1100 Firmware<v01l05_nf0501
Fujitsu Ipcom Ex2 Nw 1100
Fujitsu Ipcom Ex2 Nw 3500 Firmware<v01l05_nf0501
Fujitsu Ipcom Ex2 Nw 3500
Fujitsu Ipcom Ex2 Nw 3200 Firmware<v01l05_nf0501
Fujitsu Ipcom Ex2 Nw 3200
and 86 more
CVE-2022-28806
An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), ...
Fujitsu Lifebook A3510 Firmware<1.09
Fujitsu Lifebook A3510
Fujitsu Lifebook U9310 Firmware<2.17
Fujitsu Lifebook U9310
Fujitsu Lifebook U7511 Firmware<2.30
Fujitsu Lifebook U7511
and 18 more
CVE-2022-27089
In Fujitsu PlugFree Network <= 7.3.0.3, an Unquoted service path in PFNService.exe software allows a local attacker to potentially escalate privileges to system level.
Fujitsu PlugFree Network<=7.3.0.3
CVE-2021-20722
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7.0L20 and the Software Download Installer prior to WinSSInst2JP.exe and WinSSInst2iX1500JP.exe allows an a...
Fujitsu Scansnap Manager<7.0l20
CVE-2020-17457
Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS payload in the PSCU_FILE_INIT field of a Save Configuration XML document. The payload is triggered in ...
Fujitsu Serverview Remote Management<9.62f
CVE-2021-23840
OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application t...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 86 more
CVE-2021-3326
GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an assertion failure when processing invalid input sequences in the ISO-2022-JP-3 encoding in the iconv function. By ...
IBM Security Verify Access<=10.0.0
GNU glibc<=2.32.0
NetApp E-Series SANtricity OS Controller>=11.0<=11.60.3
NetApp ONTAP Select Deploy administration utility
Oracle Communications Cloud Native Core Security Edge Protection Proxy=1.5.0
Fujitsu M10-1 Firmware<xcp2410
and 47 more
CVE-2020-8285
curl. A buffer overflow was addressed with improved input validation.
redhat/jbcs-httpd24<0:1-18.el8
redhat/jbcs-httpd24-apr<0:1.6.3-105.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-82.el8
redhat/jbcs-httpd24-brotli<0:1.0.6-40.el8
redhat/jbcs-httpd24-curl<0:7.77.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-74.el8
and 105 more
CVE-2020-8284
curl. This issue was addressed with improved checks.
redhat/jbcs-httpd24<0:1-18.el8
redhat/jbcs-httpd24-apr<0:1.6.3-105.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-82.el8
redhat/jbcs-httpd24-brotli<0:1.0.6-40.el8
redhat/jbcs-httpd24-curl<0:7.77.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-74.el8
and 113 more
CVE-2020-29127
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privi...
Fujitsu Eternus Storage Dx200 S4 Firmware<=2020-11-25
Fujitsu Eternus Storage DX200 S4
CVE-2020-1968
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphers...
OpenSSL OpenSSL>=1.0.2<=1.0.2v
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Debian Debian Linux=9.0
Oracle Jd Edwards World Security=a9.4
Oracle PeopleSoft Enterprise PeopleTools=8.56
and 63 more
CVE-2020-8177
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
debian/curl
debian/curl<=7.68.0-1<=7.52.1-1<=7.52.1-5+deb9u10<=7.64.0-4+deb10u1<=7.64.0-1
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
Haxx Curl>=7.20.0<=7.70.0
and 47 more
CVE-2020-13817
NTP is vulnerable to a denial of service, caused by an issue when relying on unauthenticated IPv4 time sources in ntpd. By predicting transmit timestamps for use in spoofed packets, a remote attacker ...
IBM ISAM<=9.0.7
IBM Security Verify Access<=10.0.0
redhat/ntp<4.2.8
redhat/ntp<4.3.100
NTP ntp<4.2.8
NTP ntp>=4.3.0<4.3.100
and 72 more
CVE-2019-13163
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, I...
Fujitsu Gp7000f Firmware
Fujitsu Gp7000f
Fujitsu Primepower Firmware
Fujitsu Primepower
Fujitsu Gps Firmware
Fujitsu Gps
and 354 more
CVE-2019-18200
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks.
Fujitsu Lx390 Firmware
Fujitsu Lx390=gk381
CVE-2019-18199
An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, and because of password-based authentication, they are ...
Fujitsu Lx390 Firmware
Fujitsu Lx390=gk381
CVE-2019-12762
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface ...
Mi Mi 5s Plus Firmware
mi Mi 5s Plus
Sony Xperia Z4 Firmware
Sony Xperia Z4
Samsung Galaxy S6 Edge Firmware
Samsung Galaxy S6 Edge
and 10 more
CVE-2018-16156
In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of...
Fujitsu Paperstream Ip \(twain\)=1.42.0.5685
CVE-2019-9835
The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set LX901 GK900 devices allows Keystroke Injection. This occurs because it accepts unencrypted 2.4 GHz packets, even though all legitim...
Fujitsu Lx901 Firmware
Fujitsu Lx901
Fujitsu Gk900 Firmware
Fujitsu Gk900
CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perfo...
ubuntu/openssh<1:7.6
ubuntu/openssh<1:7.7
ubuntu/openssh<1:6.6
ubuntu/openssh<1:7.2
Openbsd Openssh<=7.9
Winscp Winscp<=5.1.3
and 76 more
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the targ...
debian/openssh<=1:7.4p1-10<=1:7.9p1-4<=1:7.4p1-10+deb9u4
Openbsd Openssh<=7.9
Winscp Winscp<=5.13
Netapp Cloud Backup
Netapp Element Software
Netapp Ontap Select Deploy
and 88 more
CVE-2017-3210
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the...
Portrait Portrait Display Sdk>=2.30<2.34
Fujitsu DisplayView Click=6.0
Fujitsu DisplayView Click=6.01
Fujitsu DisplayView Click Suite=5.0
HP Display Assistant=2.1
HP My Display=2.0
and 2 more
CVE-2018-3693
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. It relies on the presence of a precisely-defin...
Intel Atom C=c2308
Intel Atom C=c2316
Intel Atom C=c2338
Intel Atom C=c2350
Intel Atom C=c2358
Intel Atom C=c2508
and 1089 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203