Fujitsu M12-2s Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Fujitsu M12-2s Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2018-1000007 — CVSS 9.8 (critical): libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP…
CVE-2020-8177 — CVSS 7.8 (high): curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a…
CVE-2016-8610 — CVSS 7.5 (high): A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined…
CVE-2020-8285 — CVSS 7.5 (high): curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
CVE-2021-23840 — CVSS 7.5 (high): Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input…
CVE-2021-3326 — CVSS 7.5 (high): The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3…
CVE-2020-13817 — CVSS 7.4 (high): ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time…
CVE-2019-6109 — CVSS 6.8 (medium): An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle…
CVE-2019-6111 — CVSS 5.9 (medium): An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which…
CVE-2018-3693 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2018-20685 — CVSS 5.3 (medium): In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty…
CVE-2020-8284 — CVSS 3.7 (low): A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and…
CVE-2020-1968 — CVSS 3.7 (low): The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in…