Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kofax vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5294
The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in LTCML14n.dll 14.0.0.34 in Kofax e-Transactions Sender Sendbox 2.5.0.933 allows remote malicious users to write to arbitrary files via a pathname in the first argument.
Kofax Kofax E-transactions Sender Sendbox 2.5.0.933
8.1
CVSSv3
CVE-2022-25090
Printix Secure Cloud Print Management up to and including 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition.
Kofax Printix
1 Github repository
9.8
CVSSv3
CVE-2022-25089
Printix Secure Cloud Print Management up to and including 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData.
Kofax Printix
3 Github repositories
5.4
CVSSv3
CVE-2023-5118
The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the injecti...
Tungstenautomation Kofax Capture
4.9
CVSSv3
CVE-2018-17287
In Kofax Front Office Server Administration Console 4.1.1.11.0.5212, some fields, such as passwords, are obfuscated in the front-end, but the cleartext value can be exfiltrated by using the back-end "download" feature, as demonstrated by an mfp.password downloadsettingv...
Kofax Front Office Server 4.1.1.11.0.5212
6.5
CVSSv3
CVE-2018-17289
An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) within the Kofax/KFS/Admin/Package...
Kofax Front Office Server 4.1.1.11.0.5212
5.4
CVSSv3
CVE-2018-17288
Kofax Front Office Server version 4.1.1.11.0.5212 (both Thin Client and Administration Console) suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - (Thin Client) or (2) "DeviceName&...
Kofax Front Office Server 4.1.1.11.0.5212
NA
CVE-2023-38088
Kofax Power PDF printf Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the targe...
NA
CVE-2023-38091
Kofax Power PDF response Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...
NA
CVE-2023-37330
Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that t...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »