Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2737

Malware in sbrugna...

7.5CVSS7.6AI score0.0244EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2738

Malware in sbrugna...

10CVSS9.5AI score0.0198EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-2739

Malware in sbrugna...

10CVSS9.5AI score0.01858EPSS
Exploits0References2
OSV
OSV
added 2019/08/22 3:15 p.m.4 views

CVE-2019-11030

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget contained in a serialized object may...

9.8CVSS7.3AI score0.0198EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 3:15 p.m.16 views

CVE-2019-11031

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges...

10CVSS9.6AI score0.01858EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 3:15 p.m.19 views

CVE-2019-11029

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This...

7.5CVSS7.5AI score0.0244EPSS
Exploits0References1
OSV
OSV
added 2019/08/22 3:15 p.m.4 views

CVE-2019-11029

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This...

7.5CVSS5.8AI score0.0244EPSS
Exploits0References1
NVD
NVD
added 2019/08/22 3:15 p.m.17 views

CVE-2019-11030

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget contained in a serialized object may...

10CVSS9.4AI score0.0198EPSS
Exploits0References1
Prion
Prion
added 2019/08/22 3:15 p.m.14 views

Directory traversal

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This...

5CVSS7.4AI score0.0244EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/08/22 3:15 p.m.15 views

Code injection

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges...

10CVSS9.5AI score0.01858EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/08/22 3:15 p.m.20 views

Deserialization of untrusted data

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget contained in a serialized object may...

10CVSS9.3AI score0.0198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/22 2:52 p.m.20 views

CVE-2019-11031

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe. An attacker can upload files with a Setup-Files action, and then execute these files with SYSTEM privileges...

9.6AI score0.01858EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/22 2:51 p.m.19 views

CVE-2019-11030

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe. This method triggers insecure deserialization within the .NET garbage collector, in which a gadget contained in a serialized object may...

9.5AI score0.0198EPSS
Exploits0References1
CVE
CVE
added 2019/08/22 2:51 p.m.42 views

CVE-2019-11030

Mirasys VMS (before v7.6.1 and before v8.3.2) is affected by CVE-2019-11030 due to insecure deserialization in Mirasys.Common.Utils.Security.DataCrypt within Common.dll (AuditTrailService in SMServer.exe). The vulnerability allows execution of a gadget contained in a serialized object with SYSTEM...

10CVSS9.3AI score0.0198EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/22 2:49 p.m.43 views

CVE-2019-11029

CVE-2019-11029 affects Mirasys VMS before V7.6.1 and 8.x before V8.3.2. It arises from mishandling the Download() method of AutoUpdateService in SMServer.exe, enabling Directory Traversal via the ..\ path to enumerate and download files without authentication (e.g., SAM backups, Web.config). The ...

7.5CVSS7.4AI score0.0244EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/22 2:49 p.m.22 views

CVE-2019-11029

Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous authentication. This...

7.5AI score0.0244EPSS
Exploits0References1
Rows per page
Query Builder