Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
visam vbase web-remote - vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-7000
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated malicious user to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authent...
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
445
VMScore
CVE-2020-7008
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an malicious user to read arbitrary files from local resources.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
409
VMScore
CVE-2020-10601
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local malicious user to bypass the password-protected mechanism through brute-force attacks, cracking techniques, or overwriting the password ha...
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote
668
VMScore
CVE-2020-10599
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
641
VMScore
CVE-2020-7004
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
NA
CVE-2021-38417
VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.
Visam Vbase Web-remote 11.6.0.6
NA
CVE-2021-42537
VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Visam Vbase Web-remote 11.6.0.6
NA
CVE-2021-42535
VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.
Visam Vbase Web-remote 11.6.0.6
NA
CVE-2022-3217
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.
Visam Vbase 11.7.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started