Fujitsu M12-1 Firmware Xcp3100

CPE Details

Fujitsu M12-1 Firmware Xcp3100
fujitsu
m12-1_firmware
xcp3100
2021-12-02
18h16 +00:00
2021-12-03
14h01 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:fujitsu:m12-1_firmware:xcp3100:*:*:*:*:*:*:*

Informations

Vendor

fujitsu

Product

m12-1_firmware

Version

xcp3100

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-23840 2021-02-16 16h55 +00:00 Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
7.5
Haute
CVE-2021-3326 2021-01-26 23h00 +00:00 The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
7.5
Haute
CVE-2020-8177 2020-12-14 18h42 +00:00 curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
7.8
Haute
CVE-2020-8285 2020-12-14 18h39 +00:00 curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
7.5
Haute
CVE-2020-8284 2020-12-14 18h38 +00:00 A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
3.7
Bas
CVE-2020-13817 2020-06-04 10h31 +00:00 ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
7.4
Haute