Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wibu codemeter vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4057
Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other versions prior to 4.40 allows remote malicious users to cause a denial of service (CodeMeter.exe crash) via certain crafted packets to TCP port 22350.
Wibu Codemeter Runtime 4.10b
Wibu Codemeter Runtime
Wibu Codemeter Runtime 4.20a
Wibu Codemeter Runtime 4.30c
NA
CVE-2011-3689
Cross-site scripting (XSS) vulnerability in Licenses.html in Wibu-Systems CodeMeter WebAdmin 3.30 and 4.30 allows remote malicious users to inject arbitrary web script or HTML via the BoxSerial parameter.
Wibu Codemeter Webadmin 3.30
Wibu Codemeter Webadmin 4.30
7.5
CVSSv3
CVE-2020-14515
CodeMeter (All versions before 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows malicious users to build arbitrary license files, including forging a valid license file as if it were...
Wibu Codemeter
9.8
CVSSv3
CVE-2020-14509
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions before 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities.
Wibu Codemeter
7.5
CVSSv3
CVE-2020-14513
CodeMeter (All versions before 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.
Wibu Codemeter
9.8
CVSSv3
CVE-2020-14517
Protocol encryption can be easily broken for CodeMeter (All versions before 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an malicious user to remotely communicate wi...
Wibu Codemeter
7.5
CVSSv3
CVE-2020-14519
This vulnerability allows an malicious user to use the internal WebSockets API for CodeMeter (All versions before 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web brows...
Wibu Codemeter
5.4
CVSSv3
CVE-2017-13754
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter prior to 6.50b allows remote malicious users to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.ht...
Wibu Codemeter
1 EDB exploit
7.5
CVSSv3
CVE-2020-16233
An attacker could send a specially crafted packet that could have CodeMeter (All versions before 7.10) send back packets containing data from the heap.
Wibu Codemeter
NA
CVE-2014-8419
Wibu-Systems CodeMeter Runtime prior to 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
Wibu Codemeter Runtime
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »