CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2023-39341
https://notcve.org/view.php?id=CVE-2023-39341
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). • https://jvn.jp/en/jp/JVN42527152 https://www.ffri.jp/security-info/index.htm https://www.skyseaclientview.net/news/230807_01 https://www.soliton.co.jp/support/zerona_notice_2023.html https://www.sourcenext.com/support/i/2023/230718_01 https://www.support.nec.co.jp/View.aspx?id=3140109240 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2021-20655
https://notcve.org/view.php?id=CVE-2021-20655
FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. FileZen (versiones V3.0.0 hasta V4.2.7 y versiones V5.0.0 hasta V5.0.2) permite a un atacante remoto con derechos de administrador ejecutar comandos arbitrarios del Sistema Operativo por medio de vectores no especificados • https://jvn.jp/en/jp/JVN58774946/index.html https://www.soliton.co.jp/support/2021/004334.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2020-5639
https://notcve.org/view.php?id=CVE-2020-5639
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary OS command may be executed. Una vulnerabilidad de Salto de Directorio en FileZen desde versiones V3.0.0 hasta V4.2.2, permite a atacantes remotos cargar un archivo arbitrario en un directorio específico por medio de vectores no especificados. Como resultado, puede ser ejecutado un comando de Sistema Operativo arbitrario. • https://jvn.jp/en/jp/JVN12884935/index.html https://jvn.jp/jp/JVN12884935/index.html https://www.soliton.co.jp/support/2020/004278.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0694
https://notcve.org/view.php?id=CVE-2018-0694
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors. FileZen, de la versión V3.0.0 a la V4.2.1, permite que los atacantes remotos ejecuten comandos de sistema operativo arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN95355683/index.html https://www.soliton.co.jp/support/2018/003328.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0693
https://notcve.org/view.php?id=CVE-2018-0693
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbitrary file in the specific directory in FileZen via unspecified vectors. Vulnerabilidad de salto de directorio en FileZen, de la versión V3.0.0 a la V4.2.1, permite que atacantes remotos suban un archivo arbitrario en el directorio especificado en FileZen mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN95355683/index.html https://www.soliton.co.jp/support/2018/003328.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •