CVSS: 5.9EPSS: 91%CPEs: 34EXPL: 0CVE-2013-2566 – Gentoo Linux Security Advisory 201406-19
https://notcve.org/view.php?id=CVE-2013-2566
14 Mar 2013 — The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. El algoritmo RC4, tal como se usa en el protocolo TLS y protocolo SSL, tiene muchos "single-byte biases", lo que hace que sea más fácil para atacantes remotos realizar ataques de recuperación de texto claro a través de análisis estadístico... • http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2010-2149
https://notcve.org/view.php?id=CVE-2010-2149
03 Jun 2010 — Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors. Vulnerabilidad de fijación de sesión de Fujitsu e-Pares V01 L01, L03, L10, L20, L30 permite a atacantes remotos secuestrar sesiones web a través de vectores sin expecificar. • http://jvn.jp/en/jp/JVN36925871/index.html • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2010-2150
https://notcve.org/view.php?id=CVE-2010-2150
03 Jun 2010 — Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Fujitsu e-Pares V01 L01 permite a atacantes remotos inyectar código web o HTML a través de vectores sin expecificar. • http://jvn.jp/en/jp/JVN58439007/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2010-2151
https://notcve.org/view.php?id=CVE-2010-2151
03 Jun 2010 — Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30 y L40 permite a atacantes remotos secuestar la autenticación de otros usuarios para peticiones que modifican "datos reservados" a través de... • http://jvn.jp/en/jp/JVN82465391/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.4EPSS: 0%CPEs: 19EXPL: 0CVE-2010-1942
https://notcve.org/view.php?id=CVE-2010-1942
18 May 2010 — Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. Vulnerabilidad sin especificar en el servicio Servlet en Fujitsu Limited Interstage... • http://jvn.jp/en/jp/JVN90248889/index.html •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2008-7194
https://notcve.org/view.php?id=CVE-2008-7194
10 Sep 2009 — Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server 5.0, 7.0, 7.0.1, and 8.0.0 for Windows, allows attackers to cause a denial of service via a crafted request. Vulnerabilidad no especificada en Fujitsu Interstage HTTP Server, como el que se usa en Interstage Application Server v5.0, v7.0, v7.0.1 y v8.0.0 para Windows, permite a los atacantes provocar una denegación de servicio a través de una solicitud manipulada. • http://secunia.com/advisories/28606 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2008-7195
https://notcve.org/view.php?id=CVE-2008-7195
10 Sep 2009 — Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL. Vulnerabilidad no especificada en Fujitsu Interstage HTTP Server, como el que se usa en Interstage Application Server Enterprise Edition v7.0.1 para Solaris, permite a los atacantes provocar una denegación de servicio a través de vectores desconocidos relacionados con SSL. • http://secunia.com/advisories/28606 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-0867
https://notcve.org/view.php?id=CVE-2009-0867
10 Mar 2009 — The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 allows remote attackers to obtain (1) hardware and (2) software information via unspecified requests in a client connection. El servicio HRM-S en Fujitsu Enhanced Support Facility v3.0 y v3.0.1 pemitiria a atacantes remotos conseguir información de (1)hardware y (2)software a través de peticiones sin especificar e una conexión de cliente. • http://secunia.com/advisories/33974 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0868
https://notcve.org/view.php?id=CVE-2009-0868
10 Mar 2009 — CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. Vulnerabilidad de inyección CRLF en la plantilla de WebLink en Jasmine2000 Enterprise Edition permite a atacantes remotos inyectar cabeceras HTTP de manera arbitraria y dirigir ataques de división de respuesta HTTP a través de vectores sin especificar. • http://secunia.com/advisories/33971 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 17%CPEs: 6EXPL: 0CVE-2009-0270
https://notcve.org/view.php?id=CVE-2009-0270
26 Jan 2009 — Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet. Un desbordamiento de pila basado en búfer en la ejecución de PXEService.exe en Fujitsu SystemcastWizard Lite 2.0a, 2.0, 1.9, y anteriores permite a atacantes remotos ejecutar código arbitrario a través de una petición de protocolo PXE demasiado larga en un paquete UDP. • http://osvdb.org/51486 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •