Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hyland vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-3855
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
Hyland Perceptive Document Filters 11.4.0.2647
Hyland Perceptive Document Filters 11.2.0.1732
5.3
CVSSv3
CVE-2022-23342
The Hyland Onbase Application Server releases before 20.3.58.1000 and OnBase releases 21.1.1.1000 up to and including 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users...
Hyland Onbase
1 Github repository
7.5
CVSSv3
CVE-2020-25247
An issue exists in Hyland OnBase up to and including 18.0.0.32 and 19.x up to and including 19.8.9.1000. Directory traversal exists for writing to files, as demonstrated by the FileName parameter.
Hyland Onbase
7.5
CVSSv3
CVE-2020-25250
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. Client applications can write arbitrary data to the server logs.
Hyland Onbase
9.8
CVSSv3
CVE-2020-25253
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by the TableName, ColumnName, Name, UserId, or Password parameter.
Hyland Onbase
9.8
CVSSv3
CVE-2020-25254
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by TestConnection_LocalOrLinkedServer, CreateFilterFriendlyView, or AddWorkViewLinkedServer...
Hyland Onbase
7.5
CVSSv3
CVE-2020-25255
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote malicious users to cause a denial of service (outage of connection-request processing) via a long user ID, which tr...
Hyland Onbase
9.1
CVSSv3
CVE-2020-25256
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. PKI certificates have a private key that is the same across different customers' installations.
Hyland Onbase
9.8
CVSSv3
CVE-2020-25257
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files.
Hyland Onbase
9.8
CVSSv3
CVE-2020-25258
An issue exists in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It uses ASP.NET BinaryFormatter.Deserialize in a manner that allows malicious users to transmit and execute bytecode in SOAP message...
Hyland Onbase
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »