Lucene search
+L

199 matches found

Prion
Prion
added 2022/12/06 4:15 p.m.16 views

Input validation

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...

5.8CVSS6.9AI score0.00747EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/06 3:58 p.m.25 views

CVE-2022-38123 Insufficient validation of plugin files

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...

8.7CVSS8.8AI score0.00747EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/06 3:58 p.m.10 views

CVE-2022-38123 Insufficient validation of plugin files

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0...

8.7CVSS8.6AI score0.00747EPSS
Exploits0References1
CVE
CVE
added 2022/12/06 3:58 p.m.54 views

CVE-2022-38123

CVE-2022-38123 affects Secomea GateManager prior to v10.0. The issue is due to improper input validation of plugin files in the Administrator Interface, allowing a server administrator to inject code into the GateManager interface. Documents consistently identify the affected product/versions and...

8.7CVSS7.2AI score0.00747EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/06 12:0 a.m.6 views

PT-2022-24217 · Secomea · Secomea Gatemanager

Name of the Vulnerable Software and Affected Versions: Secomea GateManager versions prior to 10.0 Description: The issue is related to improper input validation of plugin files in the Administrator Interface of Secomea GateManager, allowing a server administrator to inject code into the GateManag...

8.7CVSS6.9AI score0.00747EPSS
Exploits0References4
CNVD
CNVD
added 2022/05/07 12:0 a.m.36 views

Secomea GateManager Insufficient Privilege Vulnerability

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in versions prior to Secomea GateManager 9.7, which stems from improper handling of permissions in Secomea GateManager's Web UI, and could be exploited to allow logged-in users to...

5.5CVSS4AI score0.00466EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.20 views

Secomea GateManager Cross-Site Scripting Vulnerability (CNVD-2022-38151)

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerabilities exist in versions prior to Secomea GateManager 9.7, which can be exploited by attackers to inject javascript or html into a logged-in user session...

6.1CVSS2.6AI score0.00462EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.46 views

Secomea GateManager Insufficient Logging Vulnerability

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerabilities exist in versions prior to Secomea GateManager 9.7, which could be exploited by attackers to allow logged-in users to issue incorrect queries without being logged in...

4.3CVSS5.7AI score0.00584EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.35 views

Secomea GateManager Information Disclosure Vulnerability (CNVD-2022-38149)

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in versions prior to Secomea GateManager 9.7, which stems from the exposure of information in Secomea GateManager's Web UI, and could be exploited by an attacker to allow logged-in...

4.3CVSS3.8AI score0.00584EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.25 views

Secomea GateManager has an unspecified vulnerability

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerabilities exist in versions prior to Secomea GateManager 9.7, which could be exploited to allow logged-in users to write text entries in the audit log...

4.3CVSS4.6AI score0.00517EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.25 views

Secomea GateManager Information Disclosure Vulnerability

Secomea GateManager is a remote access server product from the Danish company Secomea. security vulnerability exists in all versions of Secomea GateManager prior to 9.7. The vulnerability stems from the exposure of query string information in GET requests of the LMM API, which could be exploited ...

7.5CVSS3.4AI score0.00232EPSS
Exploits0References1
OSV
OSV
added 2022/05/04 2:15 p.m.7 views

CVE-2022-25780

Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope...

4.3CVSS5.8AI score0.00584EPSS
Exploits0References1
OSV
OSV
added 2022/05/04 2:15 p.m.5 views

CVE-2022-25783

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7...

4.3CVSS5.8AI score0.00584EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.20 views

CVE-2022-25787

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...

7.5CVSS0.00232EPSS
Exploits0References1
OSV
OSV
added 2022/05/04 2:15 p.m.4 views

CVE-2022-25781

Cross-site Scripting XSS vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session...

6.1CVSS5.8AI score0.00462EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.26 views

CVE-2022-25783

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7...

4.3CVSS0.00584EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.24 views

CVE-2022-25778

Cross-Site Request Forgery CSRF vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session...

8.8CVSS0.00262EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.20 views

CVE-2022-25780

Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope...

4.3CVSS0.00584EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.16 views

CVE-2022-25779

Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7...

4.3CVSS0.00517EPSS
Exploits0References1
NVD
NVD
added 2022/05/04 2:15 p.m.20 views

CVE-2022-25781

Cross-site Scripting XSS vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session...

6.1CVSS0.00462EPSS
Exploits0References1
Rows per page
Query Builder