4 matches found
CVE-2022-26494
An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name...
CVE-2022-26494
An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. JavaScript code must be used in a worker name before a Generate CSR request. Only an administrator can update a worker name...
PT-2022-17900 · Primekey · Primekey Signserver
Name of the Vulnerable Software and Affected Versions: PrimeKey SignServer versions prior to 5.8.1 Description: A cross-site scripting XSS issue was identified in the Admin Web interface. This issue can be exploited by using JavaScript code in a worker name before a Generate CSR request. It is...
CVE-2021-21887
A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...