CVE-2025-27244
- EPSS 0.19%
- Veröffentlicht 02.04.2025 04:15:35
- Zuletzt bearbeitet 02.04.2025 14:58:07
AssetView and AssetView CLOUD contain an issue with acquiring sensitive information from sent data to the developer. If exploited, sensitive information may be obtained by a remote unauthenticated attacker.
CVE-2025-25060
- EPSS 0.23%
- Veröffentlicht 02.04.2025 04:15:34
- Zuletzt bearbeitet 02.04.2025 14:58:07
Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker.
CVE-2022-28719
- EPSS 7.01%
- Veröffentlicht 28.04.2022 09:15:08
- Zuletzt bearbeitet 21.11.2024 06:57:48
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in ...
CVE-2017-2240
- EPSS 0.76%
- Veröffentlicht 17.07.2017 13:18:22
- Zuletzt bearbeitet 20.04.2025 01:37:25
Directory traversal vulnerability in AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to read arbitrary files via "File Transfer Web Service".
CVE-2017-2241
- EPSS 0.31%
- Veröffentlicht 17.07.2017 13:18:22
- Zuletzt bearbeitet 20.04.2025 01:37:25
SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via "File Transfer Web Service".