Lucene search
K

33 matches found

CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

COMMAX UMS Client ActiveX Control 缓冲区错误漏洞

COMMAX UMS Client ActiveX Control is a browser plug-in from the Korean company COMMAX. A buffer error vulnerability exists in COMMAX UMS Client ActiveX Control version 1.7.0.2, which stems from a heap buffer overflow issue in CNCCtrl.dll that could lead to the execution of arbitrary code...

8.7CVSS7.3AI score0.00425EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30447

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00295EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-30444

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.0028EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30446

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00941EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-30445

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00555EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:25 a.m.10 views

CVE-2022-25807

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...

5.5CVSS6.9AI score0.00295EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:8 a.m.6 views

CVE-2022-25806

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key...

8.8CVSS6.9AI score0.00941EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 p.m.11 views

CVE-2022-25804

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

5.5CVSS6.7AI score0.0028EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:48 p.m.20 views

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

6.5CVSS6.9AI score0.00555EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/06/09 4:15 a.m.3 views

CVE-2022-25807

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...

5.5CVSS6.1AI score0.00295EPSS
Exploits1References3
OSV
OSV
added 2022/06/09 4:15 a.m.6 views

CVE-2022-25804

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

5.5CVSS5.8AI score0.0028EPSS
Exploits1References2
NVD
NVD
added 2022/06/09 4:15 a.m.22 views

CVE-2022-25804

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

5.5CVSS0.0028EPSS
Exploits1References2
OSV
OSV
added 2022/06/09 4:15 a.m.4 views

CVE-2022-25806

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key...

8.8CVSS5.8AI score0.00941EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/06/09 4:15 a.m.4 views

CVE-2022-25804

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

5.5CVSS6.1AI score0.0028EPSS
Exploits1References3
NVD
NVD
added 2022/06/09 4:15 a.m.26 views

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

6.5CVSS0.00555EPSS
Exploits1References2
Prion
Prion
added 2022/06/09 4:15 a.m.15 views

Design/Logic Flaw

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

2.1CVSS5.3AI score0.0028EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/09 12:45 a.m.34 views

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

6.7AI score0.00555EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/09 12:45 a.m.21 views

CVE-2022-25806

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key...

8.8AI score0.00941EPSS
Exploits1References2
CVE
CVE
added 2022/06/09 12:45 a.m.73 views

CVE-2022-25806

IGEL UMS 6.07.100 contains a hardcoded DES key in PrefDBCredentials, enabling an attacker who has obtained encrypted superuser credentials to decrypt them with a static 8-byte DES key. This affects IGEL Universal Management Suite and allows confidentiality/integrity/availability impact as describ...

8.8CVSS8.5AI score0.00941EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/09 12:45 a.m.32 views

CVE-2022-25807

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-byte DES key...

5.7AI score0.00295EPSS
Exploits1References2
Rows per page
Query Builder