Lucene search
K
YsoftSafeq

4 matches found

CVE
CVE
added 2022/09/06 8:32 p.m.116 views

CVE-2022-38176

YSoft SAFEQ 6 before 6.0.72 contains an installer privilege issue for the Client V3 services. The root cause is incorrect privileges configured in the installer package, enabling local privilege escalation by overwriting the executable via an alternate data stream. Impact is local, with high conf...

7.8CVSS7.8AI score0.00362EPSS
CVE
CVE
added 2021/07/14 4:38 p.m.76 views

CVE-2021-31859

CVE-2021-31859 affects YSoft SafeQ 6 MU55 FlexiSpooler (version 6.0.55). The vulnerability is described as incorrect privileges in the MU55 FlexiSpooler service that enables local privilege escalation by overwriting the executable file via an alternate data stream. The available documents confirm...

7.8CVSS7.7AI score0.00316EPSS
CVE
CVE
added 2024/10/22 12:0 a.m.56 views

CVE-2022-23861

CVE-2022-23861 affects YSoft SAFEQ 6 Build 53. The vulnerability is Multiple Stored Cross-Site Scripting (XSS) in the SafeQ web interface, caused by lack of output sanitization in multiple input fields, allowing arbitrary JavaScript execution for users accessing the web UI. Connected sources corr...

6.1CVSS6AI score0.00478EPSS
CVE
CVE
added 2024/10/22 12:0 a.m.53 views

CVE-2022-23862

CVE-2022-23862 affects Y Soft SAFEQ 6 Build 53. The SafeQ JMX service on port 9696 is vulnerable to JMX MLet attacks because authentication was not enforced and the service ran under NT AUTHORITY\System, enabling an attacker to execute arbitrary code and escalate to SYSTEM locally. Public PoC and...

8.4CVSS8AI score0.00487EPSS