EUVD-2020-18466

Malware in sbrugna...

CVE-2024-45167

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45165

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...

CVE-2024-45166

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45168

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable...

CVE-2024-45169

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2020-25833

Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack...

CVE-2012-6349

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W...

CVE-2024-45169

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45169

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45168

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable...

CVE-2024-45168

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable...

CVE-2024-45167

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45167

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45166

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-45165

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...

CVE-2024-45165

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...

UCI IDOL 2 安全漏洞

UCI IDOL 2 IDOL2,uciIDOL is a management system from UCI Inc. to optimize the company's business processes as well as increase productivity. A security vulnerability exists in UCI IDOL 2 version 2.12 and prior versions that stems from improper input validation, improper deserialization, and...

CVE-2024-45165

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Data is sent between client and server with encryption. However, the key is derived from the string "c2007 UCI Software GmbH B.Boll" without quotes. The key is both static and hardcoded. With access to messages, this results...

CVE-2024-45167

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...