Fujitsu IP Series - Hardcoded Credentials

Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative...

SUSE CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

...

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2026-50031

The CVE affects FreeIPMI’s ipmi-oem client prior to version 1.16.18, where two OEM subcommands (ipmi-oem dell get-active-directory-config and ipmi-oem fujitsu get-sel-entry-long-text) can trigger exploitable buffer overflows on responses. Root cause: buffer overflows in response handling. Impact ...

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

EUVD-2026-34065

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

FreeIPMI 安全漏洞

FreeIPMI is an open-source server remote management toolset provided by FreeIPMI, which offers features for managing and monitoring IPMI interfaces. Versions of FreeIPMI prior to 1.6.18 contained security vulnerabilities. These vulnerabilities stemmed from buffer overflows in the response message...

Linux Distros Unpatched Vulnerability : CVE-2026-50031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defin...

PT-2026-45902

Name of the Vulnerable Software and Affected Versions FreeIPMI versions prior to 1.16.18 Description The ipmi-oem client command, which implements Intelligent Platform Management Interface IPMI OEM commands for specific hardware vendors, contains buffer overflows on response messages. This issue...

Fujitsu Musetheque V4 跨站请求伪造漏洞

Fujitsu Musetheque V4 is a digital archive and collection information management system developed by Fujitsu for museums and cultural institutions. Versions of Fujitsu Musetheque V4 prior to rev2203.0 contained a cross-site request forgeing vulnerability. This vulnerability arises from cross-site...

Fujitsu Musetheque V4 跨站脚本漏洞

Fujitsu Musetheque V4 is a digital archive and collection information management system developed by Fujitsu for museums and cultural institutions. Fujitsu Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier versions contained a cross-site scripting vulnerability. This...

Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys)

Overview Fujitsu BIOS Driver fbiosdrv.sys provided by Fujitsu Limited contains the following vulnerability. Out-of-bounds Write CWE-787 - CVE-2025-65001 Fujitsu Limited reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Receiving a specially crafted reque...

Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries

Overview The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. contains the following vulnerability. Uncontrolled search path element CWE-427 - CVE-2026-24016 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

CVE-2022-31794

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 Control Center devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hwview.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons,...

CVE-2024-34024

Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...

CVE-2026-20893

Origin validation error issue exists in Fujitsu Security Solution AuthConductor Client Basic V2 2.0.25.0 and earlier. If this vulnerability is exploited, an attacker who can log in to the Windows system where the affected product is installed may execute arbitrary code with SYSTEM privilege and/o...