VYPR
Vendor

Fujitsu

Fujitsu Limited is a Japanese multinational information and communications technology equipment and services corporation, established in 1935 and headquartered in Kawasaki, Kanagawa. It is the world's sixth-largest IT services provider by annual revenue, and it is the largest in Japan as of 2021.

Founded 1935
Products
81
CVEs
77
Across products
110
Status
Private

Products

81
View all 81 products →

Recent CVEs

77
View all 77 CVEs →
  • CVE-2013-2251CriKEVJul 20, 2013
    risk 0.80cvss 9.8epss 1.00

    Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.

  • CVE-2025-62577HigOct 20, 2025
    risk 0.57cvss 8.8epss 0.00

    ETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to the management server may obtain database credentials, potentially allowing execution of OS commands with administrator privileges.

  • CVE-2024-33620HigJun 18, 2024
    risk 0.56cvss 8.6epss 0.01

    Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, the file contents including sensitive information on the server may be retrieved by an unauthenticated remote attacker.

  • CVE-2025-65001HigNov 12, 2025
    risk 0.53cvss 8.2epss 0.00

    Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially affect system confidentiality, integrity, and availability.

  • CVE-2016-8610HigNov 13, 2017
    risk 0.52cvss 7.5epss 0.40

    A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive…

  • CVE-2026-20893HigJan 7, 2026
    risk 0.51cvss 7.8epss 0.00

    Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with…

  • CVE-2020-8177HigDec 14, 2020
    risk 0.51cvss 7.8epss 0.01

    curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

  • CVE-2017-3210HigJul 24, 2018
    risk 0.51cvss 7.8epss 0.01

    Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These…

  • CVE-2017-10855HigSep 15, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2025-65002HigNov 12, 2025
    risk 0.49cvss 7.5epss 0.00

    Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters.

  • CVE-2013-2566MedMar 15, 2013
    risk 0.48cvss 5.9epss 0.84

    The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

  • CVE-2024-12782HigDec 19, 2024
    risk 0.47cvss 7.3epss 0.01

    A vulnerability has been found in Fujifilm Business Innovation Apeos C3070, Apeos C5570 and Apeos C6580 up to 24.8.28 and classified as critical. This vulnerability affects unknown code of the file /home/index.html#hashHome of the component Web Interface. The manipulation leads…

  • CVE-2024-33622MedJun 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Missing authentication for critical function vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, sensitive information may be obtained and/or the information stored in the database may be altered by a remote…

  • CVE-2021-23840HigFeb 16, 2021
    risk 0.42cvss 7.5epss 0.51

    Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will…

  • CVE-2020-8285HigDec 14, 2020
    risk 0.42cvss 7.5epss 0.10

    curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

  • CVE-2024-34024MedJun 18, 2024
    risk 0.41cvss 6.3epss 0.00

    Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not.

  • CVE-2025-68919MedDec 24, 2025
    risk 0.36cvss 5.6epss 0.00

    Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality,…

  • CVE-2024-36454MedJun 12, 2024
    risk 0.34cvss 5.3epss 0.00

    Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series V01L07NF0201 and earlier. If this vulnerability is exploited, the system may be rebooted or suspended by receiving a specially crafted packet.

  • CVE-2015-2808LowApr 1, 2015
    risk 0.30cvss 3.7epss 0.74

    The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing…

  • CVE-2020-8284LowDec 14, 2020
    risk 0.24cvss 3.7epss 0.04

    A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port…