16 matches found
EUVD-2020-17937
Malware in sbrugna...
EUVD-2020-17949
Malware in sbrugna...
EUVD-2020-17940
Malware in sbrugna...
EUVD-2020-17948
Malware in sbrugna...
CVE-2025-34153 Hyland OnBase < 17.0.2.87 .NET Remoting TCP Channel Unauthenticated RCE
Hyland OnBase versions prior to 17.0.2.87 other versions may be affected are vulnerable to unauthenticated remote code execution via insecure deserialization on the .NET Remoting TCP channel. The service registers a listener on port 6031 with the URI endpoint TimerServer, implemented in...
Hyland Software Hyland OnBase 安全漏洞
Hyland Software Hyland OnBase is a platform for presenting enterprise information management, processes from Hyland Software, Inc. A security vulnerability exists in Hyland Software Hyland OnBase versions prior to 17.0.2.87, which stems from improper deserialization of the .NET Remoting TCP...
CVE-2020-25255
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service outage of connection-request processing via a long user ID, which triggers an excepti...
CVE-2020-25256
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. PKI certificates have a private key that is the same across different customers' installations...
CVE-2020-25247
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Directory traversal exists for writing to files, as demonstrated by the FileName parameter...
CVE-2020-25249
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...
CVE-2020-25252
An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. CSRF can be used to log in a user, and then perform actions, because there are default credentials the wstinol password for the manag...
CVE-2020-25251
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client-side authentication is used for critical functions such as adding users or retrieving sensitive information...
CVE-2020-25250
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs...
CVE-2020-25257
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files...
CVE-2020-25258
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows attackers to transmit and execute bytecode in SOAP messages...
CVE-2020-25259
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses XML deserialization libraries in an unsafe manner...