Lucene search
+L

16 matches found

euvd
euvd
added 2025/12/02 3:30 p.m.4 views

EUVD-2025-200244

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

6.9CVSS6.3AI score0.00187EPSS
Exploits0References3
nvd
nvd
added 2025/12/02 2:16 p.m.6 views

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

6.9CVSS0.00187EPSS
Exploits0References2
osv
osv
added 2025/12/02 2:16 p.m.5 views

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

6.5CVSS5.8AI score0.00187EPSS
Exploits0References2
cve
cve
added 2025/12/02 1:22 p.m.18 views

CVE-2025-41086

The CVE-2025-41086 affects GAMS licensing: the licensing system validator uses an insecure checksum algorithm, allowing an attacker who knows the checksum method and license-line format to recompute a valid checksum and forge licenses. This enables unlimited valid licenses, bypassing usage restri...

6.9CVSS6.5AI score0.00187EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2025/12/02 1:22 p.m.3 views

CVE-2025-41086 Authorization bypass in GAMS from GAMS Development Corp.

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

6.9CVSS6.5AI score0.00187EPSS
Exploits0References2
cnnvd
cnnvd
added 2025/12/02 12:0 a.m.8 views

AMS Development GAMS 安全漏洞

AMS Development GAMS is an algebraic modeling system from AMS Development India. AMS Development GAMS suffers from a security vulnerability that stems from checksums and the use of insecure algorithms that could lead to the generation of an unlimited valid license...

6.9CVSS6.6AI score0.00187EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/12/02 12:0 a.m.9 views

PT-2025-48685

Name of the Vulnerable Software and Affected Versions GAMS affected versions not specified Description A flaw exists in the access control system of the GAMS licensing system that permits the creation of an unlimited number of valid licenses, circumventing usage limitations. The system employs an...

6.9CVSS5.9AI score0.00187EPSS
Exploits0References6
redhatcve
redhatcve
added 2025/05/22 9:50 p.m.8 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS7.4AI score0.01133EPSS
Exploits1References1
nvd
nvd
added 2022/04/04 6:15 p.m.25 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS0.01133EPSS
Exploits1References1
osv
osv
added 2022/04/04 6:15 p.m.7 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS7.3AI score
Exploits0References1
attackerkb
attackerkb
added 2022/04/04 6:15 p.m.5 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.8CVSS5.4AI score0.01133EPSS
Exploits1References2
prion
prion
added 2022/04/04 6:15 p.m.12 views

Design/Logic Flaw

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

5CVSS9.5AI score0.01133EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/04/04 5:23 p.m.93 views

CVE-2022-25569

The CVE-2022-25569 issue affects Bettini Srl GAMS Product Line v4.3.0, where the product reuses static SSH keys across installations, enabling unauthenticated attackers to log in as root by extracting a key from the software. This is described in multiple connected records as a static SSH key reu...

9.8CVSS9.4AI score0.01133EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/04/04 5:23 p.m.34 views

CVE-2022-25569

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across installations, allowing unauthenticated attackers to login as root users via extracting a key from the software...

9.7AI score0.01133EPSS
Exploits1References1
osv
osv
added 2020/12/04 4:47 p.m.7 views

GHSA-7WWV-VH3V-89CQ ReDOS vulnerabities: multiple grammars

Impact: Potential ReDOS vulnerabilities exponential and polynomial RegEx backtracking oswasp: The Regular expression Denial of Service ReDoS is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very...

6AI score
Exploits0References4
openbugbounty
openbugbounty
added 2020/10/15 1:47 p.m.8 views

gams-shop.com Cross Site Scripting vulnerability OBB-1411454

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Rows per page
Query Builder