Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
visam vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-10599
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
7.8
CVSSv3
CVE-2020-10601
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local malicious user to bypass the password-protected mechanism through brute-force attacks, cracking techniques, or overwriting the password ha...
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote
8.8
CVSSv3
CVE-2020-7004
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
7.5
CVSSv3
CVE-2020-7000
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated malicious user to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authent...
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
7.5
CVSSv3
CVE-2020-7008
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an malicious user to read arbitrary files from local resources.
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
5.5
CVSSv3
CVE-2022-45876
Versions of VISAM VBASE Automation Base before 11.7.5 may disclose information if a valid user opens a specially crafted file.
Visam Vbase
7.5
CVSSv3
CVE-2022-3217
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.
Visam Vbase 11.7.0.2
5.5
CVSSv3
CVE-2022-45121
Versions of VISAM VBASE Automation Base before 11.7.5 may disclose information if a valid user opens a specially crafted file.
Visam Vbase Automation Base
5.5
CVSSv3
CVE-2022-46286
Versions of VISAM VBASE Automation Base before 11.7.5 may disclose information if a valid user opens a specially crafted file.
Visam Vbase Automation Base
5.5
CVSSv3
CVE-2022-46300
Versions of VISAM VBASE Automation Base before 11.7.5 may disclose information if a valid user opens a specially crafted file.
Visam Vbase Automation Base
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »