VYPR

Tellus

by Fujielectric

CVEs (14)

  • CVE-2026-8108HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

  • CVE-2025-50130HigJul 8, 2025
    risk 0.51cvss 7.8epss 0.00

    A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker on the affected product may lead to arbitrary code execution.

  • CVE-2024-38389HigNov 28, 2024
    risk 0.51cvss 7.8epss 0.00

    There is an Out-of-bounds read vulnerability in TELLUS (v4.0.19.0 and earlier) and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.

  • CVE-2024-38309HigNov 28, 2024
    risk 0.51cvss 7.8epss 0.00

    There are multiple stack-based buffer overflow vulnerabilities in V-SFT (v6.2.2.0 and earlier), TELLUS (v4.0.19.0 and earlier), and TELLUS Lite (v4.0.19.0 and earlier). If a user opens a specially crafted file, information may be disclosed and/or arbitrary code may be executed.

  • CVE-2023-47582Nov 15, 2023
    risk 0.00cvss epss 0.00

    Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed.

  • CVE-2023-47580Nov 15, 2023
    risk 0.00cvss epss 0.00

    Multiple improper restriction of operations within the bounds of a memory buffer issues exist in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code…

  • CVE-2023-32538Jun 19, 2023
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32273 and CVE-2023-32201.

  • CVE-2023-32276Jun 19, 2023
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

  • CVE-2023-32201Jun 19, 2023
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32273.

  • CVE-2023-32270Jun 19, 2023
    risk 0.00cvss epss 0.00

    Access of memory location after end of buffer issue exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

  • CVE-2023-32542Jun 19, 2023
    risk 0.00cvss epss 0.00

    Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.

  • CVE-2023-32273Jun 19, 2023
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32201.

  • CVE-2023-32288Jun 19, 2023
    risk 0.00cvss epss 0.00

    Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution.

  • CVE-2022-46360Jan 3, 2023
    risk 0.00cvss epss 0.00

    Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file.