15 matches found
CVE-2025-54339
CVE-2025-54339 concerns Desktop Alert PingAlert. Multiple connected sources confirm an Incorrect/Improper Access Control vulnerability in the application's server component, affecting PingAlert 6.1.0.11–6.1.1.2 and enabling remote escalation of privileges. The public details specify the issue and...
CVE-2025-54348
CVE-2025-54348 affects Desktop Alert PingAlert, specifically the Application Server, with versions 6.1.0.11–6.1.1.2 vulnerable to Stored XSS due to inadequate filtering/escaping of user input. The flaw can allow an attacker to hijack a user’s browser and capture sensitive information. Public sour...
CVE-2025-54347
CVE-2025-54347 affects Desktop Alert PingAlert application server versions 6.1.0.11–6.1.1.2, with a Directory Traversal vulnerability that allows writing arbitrary files under certain conditions. The CVSS3.1 base score is 9.9 (Network, Privileges Low, User Interaction None, Scope Changed; Impact:...
CVE-2025-54338
CVE-2025-54338 affects Desktop Alert PingAlert (Application Server) with an Incorrect Access Control flaw in versions 6.1.0.11–6.1.1.2, allowing disclosure of user hashes. Root cause: improper access control in the Application Server. Impact: potential exposure of user credential material. CVSSv3...
CVE-2025-54345
CVE-2025-54345 affects Desktop Alert PingAlert, with vulnerable versions 6.1.0.11–6.1.1.2. The issue is in the Application Server and leads to sensitive information being exposed to an unauthorized actor. The connected documents confirm the vulnerability impact as information disclosure and cite ...
CVE-2025-54562
CVE-2025-54562 affects Desktop Alert PingAlert, specifically the Application Server in versions 6.1.0.11–6.1.1.2, where a stack trace can disclose technical information, impacting confidentiality. Multiple connected sources corroborate this, including Red Hat and PT-Research entries that specify ...
CVE-2025-54563
CVE-2025-54563 affects Desktop Alert PingAlert, with the Application Server vulnerable to an Incorrect Access Control flaw in versions 6.1.0.11–6.1.1.2, leading to remote information disclosure. The NVD/CERT-style metrics show CVSS v3.1 base score 7.5 (HIGH), attack vector NETWORK, attack complex...
CVE-2025-54340
CVE-2025-54340 affects Desktop Alert PingAlert software, specifically the Application Server components in versions 6.1.0.11 through 6.1.1.2. The vulnerability is described as a Broken or Risky Cryptographic Algorithm, with an impact on confidentiality and a CVSSv3.1 base score of 4.1 (Medium). T...
CVE-2025-54560
Desktop Alert PingAlert has a Server-Side Request Forgery in its Application Server, affecting versions 6.1.0.11 through 6.1.1.2. The issue stems from insufficient authentication to verify request origin and can be used to probe internal infrastructure. Impact details from CVE notes indicate limi...
CVE-2025-54561
CVE-2025-54561 affects Desktop Alert PingAlert Application Server (versions 6.1.0.11–6.1.1.2). The vulnerability is an Improper Access Control caused by a Broken Authorization Schema that allows remote access to content without proper permissions. Impact is remote access to unauthorized content; ...
CVE-2025-54343
CVE-2025-54343 affects Desktop Alert PingAlert (Application Server) versions 6.1.0.11–6.1.1.2. The vulnerability is described as an Incorrect/ improper Access Control that enables remote Escalation of Privileges. Exploitation details are not consistently provided across sources, but multiple feed...
CVE-2025-54559
CVE-2025-54559 affects Desktop Alert PingAlert, with vulnerable versions 6.1.0.11 through 6.1.1.2. The issue is in the Application Server and is a path traversal vulnerability that allows loading arbitrary external content because the program fails to properly filter elements in the path of a res...
CVE-2025-54342
Desktop Alert PingAlert has a vulnerability in its Application Server affecting versions 6.1.0.11–6.1.1.2, caused by policy incompatibility that leads to exposure of sensitive information. The CVE description and connected sources confirm an information disclosure issue with local access, low com...
CVE-2025-54346
CVE-2025-54346 pertains to Desktop Alert PingAlert. The connected PT-2025-46983 entry confirms a Reflected Cross-Site Scripting (XSS) vulnerability in the Application Server affecting PingAlert versions 6.1.0.11 through 6.1.1.2 . The flaw enables injection of malicious scripts via crafted request...
CVE-2025-54341
Summary: CVE-2025-54341 affects the Desktop Alert PingAlert Application Server. The vulnerability is due to hard-coded configuration values in PingAlert versions 6.1.0.11 through 6.1.1.2 . Several sources (NVD, EUVD, Red Hat, CNNVD, CVE listings) corroborate this issue. The provided data does not...