CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2023-39341
https://notcve.org/view.php?id=CVE-2023-39341
"FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). • https://jvn.jp/en/jp/JVN42527152 https://www.ffri.jp/security-info/index.htm https://www.skyseaclientview.net/news/230807_01 https://www.soliton.co.jp/support/zerona_notice_2023.html https://www.sourcenext.com/support/i/2023/230718_01 https://www.support.nec.co.jp/View.aspx?id=3140109240 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20616
https://notcve.org/view.php?id=CVE-2021-20616
Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Una vulnerabilidad de ruta de búsqueda no confiable en el instalador de SKYSEA Client View versiones Ver.1.020.05b hasta Ver.16.001.01g, permite a un atacante alcanzar privilegios por medio de una DLL de tipo caballo de Troya en un directorio no especificado. • https://jvn.jp/en/jp/JVN69635538/index.html https://www.skyseaclientview.net/news/210112_01 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5617
https://notcve.org/view.php?id=CVE-2020-5617
Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors. Una vulnerabilidad de escalada de privilegios en SKYSEA Client View Versiones 12.200.12n hasta 15.210.05f, permite a un atacante obtener privilegios no autorizados y modificar y obtener información confidencial o realizar operaciones no deseadas por medio de vectores no especificados • https://jvn.jp/en/jp/JVN25422698/index.html https://www.skyseaclientview.net/news/200803_01 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 1CVE-2016-7836
https://notcve.org/view.php?id=CVE-2016-7836
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program. SKYSEA Client View versión 11.221.03 y anteriores, permiten la ejecución remota de código a través de una falla en el procesamiento de la autenticación en la conexión TCP con el programa de consola de administración. • http://www.securityfocus.com/bid/95062 http://www.skyseaclientview.net/news/161221 https://jvn.jp/en/jp/JVN84995847/index.html https://www.skygroup.jp/security-info/170308.html • CWE-287: Improper Authentication •