Vendor CVEs
Fujielectric
All CVEs
123 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30546 | 0.00 | — | 0.01 | Jun 16, 2022 | Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2022-30538 | 0.00 | — | 0.01 | Jun 16, 2022 | Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2022-29925 | 0.00 | — | 0.01 | Jun 14, 2022 | Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image… | |||
| CVE-2022-29524 | 0.00 | — | 0.01 | Jun 14, 2022 | Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2022-29522 | 0.00 | — | 0.01 | Jun 14, 2022 | Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2022-29506 | 0.00 | — | 0.01 | Jun 14, 2022 | Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2022-26302 | 0.00 | — | 0.01 | Jun 14, 2022 | Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||
| CVE-2021-38419 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution. | |||
| CVE-2021-38413 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution. | |||
| CVE-2021-38421 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash. | |||
| CVE-2021-38415 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code. | |||
| CVE-2021-38401 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash. | |||
| CVE-2021-38409 | 0.00 | — | 0.01 | Dec 20, 2021 | Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service. | |||
| CVE-2020-25171 | 0.00 | — | 0.01 | Feb 19, 2021 | The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2021-22641 | 0.00 | — | 0.02 | Jan 27, 2021 | A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | |||
| CVE-2021-22653 | 0.00 | — | 0.01 | Jan 27, 2021 | Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0). | |||
| CVE-2020-10646 | 0.00 | — | 0.01 | Apr 13, 2020 | Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small. | |||
| CVE-2019-18240 | 0.00 | — | 0.14 | Nov 13, 2019 | In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2019-13512 | 0.00 | — | 0.01 | Aug 15, 2019 | Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device. | |||
| CVE-2019-10975 | 0.00 | — | 0.01 | Jul 2, 2019 | An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system. | |||
| CVE-2019-3947 | 0.00 | — | 0.02 | Jun 12, 2019 | Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server. | |||
| CVE-2019-3946 | 0.00 | — | 0.02 | Jun 12, 2019 | Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. An unauthenticated, remote attacker can crash vserver.exe due to an integer overflow in the UDP message handling logic. | |||
| CVE-2018-14812 | 0.00 | — | 0.01 | Oct 24, 2018 | An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the… |
- CVE-2022-30546Jun 16, 2022risk 0.00cvss —epss 0.01
Out-of-bounds read vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2022-30538Jun 16, 2022risk 0.00cvss —epss 0.01
Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2022-29925Jun 14, 2022risk 0.00cvss —epss 0.01
Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image…
- CVE-2022-29524Jun 14, 2022risk 0.00cvss —epss 0.01
Out-of-bounds write vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2022-29522Jun 14, 2022risk 0.00cvss —epss 0.01
Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2022-29506Jun 14, 2022risk 0.00cvss —epss 0.01
Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2022-26302Jun 14, 2022risk 0.00cvss —epss 0.01
Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
- CVE-2021-38419Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds write, which can result in data corruption, a system crash, or code execution.
- CVE-2021-38413Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to a stack-based buffer overflow, which may allow an attacker to achieve code execution.
- CVE-2021-38421Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an out-of-bounds read, which may allow an attacker to read sensitive information from other memory locations or cause a crash.
- CVE-2021-38415Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code.
- CVE-2021-38401Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash.
- CVE-2021-38409Dec 20, 2021risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service.
- CVE-2020-25171Feb 19, 2021risk 0.00cvss —epss 0.01
The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
- CVE-2021-22641Jan 27, 2021risk 0.00cvss —epss 0.02
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- CVE-2021-22653Jan 27, 2021risk 0.00cvss —epss 0.01
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
- CVE-2020-10646Apr 13, 2020risk 0.00cvss —epss 0.01
Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small.
- CVE-2019-18240Nov 13, 2019risk 0.00cvss —epss 0.14
In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.
- CVE-2019-13512Aug 15, 2019risk 0.00cvss —epss 0.01
Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device.
- CVE-2019-10975Jul 2, 2019risk 0.00cvss —epss 0.01
An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system.
- CVE-2019-3947Jun 12, 2019risk 0.00cvss —epss 0.02
Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.
- CVE-2019-3946Jun 12, 2019risk 0.00cvss —epss 0.02
Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. An unauthenticated, remote attacker can crash vserver.exe due to an integer overflow in the UDP message handling logic.
- CVE-2018-14812Oct 24, 2018risk 0.00cvss —epss 0.01
An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the…
Page 3 of 3