Lucene search
K

140 matches found

NVD
NVD
added 2020/09/11 3:15 a.m.17 views

CVE-2020-25258

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages...

9.8CVSS0.01518EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25259

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses XML deserialization libraries in an unsafe manner...

9.8CVSS7.3AI score0.01421EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25249

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...

5.3CVSS5.8AI score0.00824EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.11 views

CVE-2020-25253

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by the TableName, ColumnName, Name, UserId, or Password parameter...

9.8CVSS0.01065EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.1 views

CVE-2020-25254

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by TestConnectionLocalOrLinkedServer, CreateFilterFriendlyView, or AddWorkViewLinkedServer...

9.8CVSS7.3AI score0.0152EPSS
Exploits0References3
OSV
OSV
added 2020/09/11 3:15 a.m.3 views

CVE-2020-25253

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by the TableName, ColumnName, Name, UserId, or Password parameter...

9.8CVSS7.3AI score0.01065EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25252

An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. CSRF can be used to log in a user, and then perform actions, because there are default credentials the wstinol password for the manag...

8.8CVSS7.3AI score0.00509EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.16 views

CVE-2020-25248

An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Directory traversal exists for reading files, as demonstrated by the FileName parameter...

7.5CVSS0.02099EPSS
Exploits0References3
NVD
NVD
added 2020/09/11 3:15 a.m.20 views

CVE-2020-25252

An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. CSRF can be used to log in a user, and then perform actions, because there are default credentials the wstinol password for the manag...

8.8CVSS0.00509EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.5 views

CVE-2020-25250

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs...

7.5CVSS7.2AI score0.00908EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.10 views

CVE-2020-25254

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by TestConnectionLocalOrLinkedServer, CreateFilterFriendlyView, or AddWorkViewLinkedServer...

9.8CVSS0.0152EPSS
Exploits0References3
OSV
OSV
added 2020/09/11 3:15 a.m.3 views

CVE-2020-25251

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client-side authentication is used for critical functions such as adding users or retrieving sensitive information...

9.1CVSS7.3AI score0.01216EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.4 views

CVE-2020-25256

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. PKI certificates have a private key that is the same across different customers' installations...

9.1CVSS7.3AI score0.00633EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.22 views

CVE-2020-25250

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs...

7.5CVSS0.00908EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.19 views

CVE-2020-25247

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Directory traversal exists for writing to files, as demonstrated by the FileName parameter...

7.5CVSS0.015EPSS
Exploits0References2
NVD
NVD
added 2020/09/11 3:15 a.m.16 views

CVE-2020-25249

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...

5.3CVSS0.00824EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.21 views

CVE-2020-25255

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service outage of connection-request processing via a long user ID, which triggers an excepti...

7.5CVSS0.0148EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.2 views

CVE-2020-25257

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files...

9.8CVSS5.9AI score0.01212EPSS
Exploits0References1
NVD
NVD
added 2020/09/11 3:15 a.m.21 views

CVE-2020-25251

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client-side authentication is used for critical functions such as adding users or retrieving sensitive information...

9.1CVSS0.01216EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 3:15 a.m.4 views

CVE-2020-25247

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Directory traversal exists for writing to files, as demonstrated by the FileName parameter...

7.5CVSS7.1AI score0.015EPSS
Exploits0References2
Rows per page
Query Builder