EUVD-2019-15831

Malware in sbrugna...

Cordaware bestinformed 安全漏洞

Cordaware bestinformed is a mass notification system from Cordaware, Germany. A security vulnerability exists in Cordaware bestinformed that stems from improper input cleanup, leading to a stored cross-site scripting attack that could hijack an elevated privilege session...

Cordaware bestinformed 安全漏洞

Cordaware bestinformed is a mass notification system from Cordaware, Germany. A security vulnerability exists in Cordaware bestinformed that stems from improper input cleanup and vulnerability to stored cross-site scripting attacks...

Cordaware bestinformed 安全漏洞

Cordaware bestinformed is a mass notification system from Cordaware, Germany. A security vulnerability exists in Cordaware bestinformed that stems from a script variable execution issue that allows an authenticated user to remotely execute code...

Cordaware bestinformed 安全漏洞

Cordaware bestinformed is a mass notification system from Cordaware, Germany. A security vulnerability exists in Cordaware bestinformed that stems from a server address modification permission issue that could result in local privileges being elevated to SYSTEM...

cordaware.com Cross Site Scripting vulnerability OBB-3904690

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cordaware bestinformed Windows client arbitrary command execution and elevation of privilege vulnerability

Cordaware bestinformed is a mass notification system from the German company Cordaware. A security vulnerability exists in the Scripting and AutoUpdate features in the Cordaware bestinformed Microsoft Windows client prior to version 6.2.1.0. A remote attacker could exploit the vulnerability to...

Cordaware bestinformed has an unspecified vulnerability.

Cordaware bestinformed is a mass notification system from the German company Cordaware. A security vulnerability exists in the Cordaware bestinformed Windows client prior to version 6.2.1.0, which stems from an insecure SSL certificate inspection and access mode. A remote attacker could exploit t...

CVE-2019-6265

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges...

CVE-2019-6266

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...

CVE-2019-6266

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...

CVE-2019-6265

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges...

Code injection

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...

Command injection

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges...

CVE-2019-6265

The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges...

CVE-2019-6265

The CVE-2019-6265 vulnerability affects Cordaware bestinformed the Windows client prior to version 6.2.1.0, in the Scripting and AutoUpdate functionality. The root cause is described as insecure implementations within these features, enabling a remote attacker to execute arbitrary commands and es...

CVE-2019-6266

CVE-2019-6266 affects Cordaware bestinformed for Windows prior to version 6.2.1.0. Public sources describe insecure SSL certificate verification and insecure access patterns, which can allow remote attackers to downgrade encrypted connections to cleartext. Related CNVD entries for the same produc...

CVE-2019-6266

Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...