Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/10/17 10:40 a.m.15 views

CVE-2025-58426

desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications...

5.3CVSS6.9AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2025/10/16 10:3 a.m.9 views

CVE-2025-58426

The CVE concerns desknet’s NEO across versions V4.0R1.0–V9.0R2.0, where a hard-coded cryptographic key enables an attacker to create malicious AppSuite applications. This is the underlying root cause described in multiple connected sources, with impact stated as attacker-authored AppSuite apps be...

5.3CVSS4.8AI score0.00243EPSS
Exploits0References2
CVE
CVE
added 2025/10/16 10:3 a.m.10 views

CVE-2025-58079

The advisory shows CVE-2025-58079 in desknet’s NEO AppSuite (desknet’s NEO, versions V4.0R1.0–V9.0R2.0) with CWE-424 (Improper Protection of Alternate Path). Root cause: improper access protection enabling a remote attacker to create malicious AppSuite applications. Impact per sources indicates a...

5.3CVSS4.8AI score0.00265EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-26799

Malware in sbrugna...

6.1CVSS5.4AI score0.00772EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:39 p.m.11 views

CVE-2020-5638

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1CVSS6.7AI score0.00772EPSS
Exploits0References1
NVD
NVD
added 2020/12/03 12:15 p.m.16 views

CVE-2020-5638

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1CVSS6.1AI score0.00772EPSS
Exploits0References2
Prion
Prion
added 2020/12/03 12:15 p.m.16 views

Cross site scripting

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

4.3CVSS6AI score0.00772EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/12/03 11:15 a.m.27 views

CVE-2020-5638

Cross-site scripting vulnerability in desknet's NEO desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier allows remote attackers to inject arbitrary script via unspecified vectors...

6.1AI score0.00772EPSS
Exploits0References2
CVE
CVE
added 2020/12/03 11:15 a.m.52 views

CVE-2020-5638

CVE-2020-5638 affects desknet’s NEO (Small License V5.5 R1.5 and earlier; Enterprise License V5.5 R1.5 and earlier). The issue is a stored cross-site scripting (CWE-79) that allows an attacker to execute arbitrary scripts in a logged-in user’s browser via unspecified vectors. The root cause, per ...

6.1CVSS6AI score0.00772EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/12/03 8:54 a.m.2 views

desknet's NEO vulnerable to cross-site scripting

Overview desknet's NEO provided by NEOJAPAN Inc. contains a stored cross-site scripting vulnerability CWE-79. Ryo Sato of BroadBand Security,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

6.1CVSS5.9AI score0.00772EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/12/03 12:0 a.m.48 views

JVN#42199826: desknet's NEO vulnerable to cross-site scripting

desknet's NEO provided by NEOJAPAN Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged-in user's web browser. Solution Update the software Update the software to the latest version according to the information provided by the...

6.1CVSS6AI score0.00772EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/09/01 3:36 a.m.2 views

desknet's NEO vulnerable to directory traversal

Overview desknet's NEO provided by NEOJAPAN Inc. contains a directory traversal CWE-22 vulnerability where it fails to verify html parameter in zhtml.cgi. Hiroyuki Yamashita of M Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4CVSS6.6AI score0.01557EPSS
Exploits0References5
Rows per page
Query Builder