CVE-2023-25392
https://notcve.org/view.php?id=CVE-2023-25392
10 Apr 2023 — Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation. • https://github.com/allegro/bigflow/pull/357 • CWE-295: Improper Certificate Validation •
CVE-2021-43978
https://notcve.org/view.php?id=CVE-2021-43978
08 Dec 2021 — Allegro Windows 3.3.4152.0 embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials. • https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 • CWE-522: Insufficiently Protected Credentials •
CVE-2021-42110
https://notcve.org/view.php?id=CVE-2021-42110
08 Dec 2021 — An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking. • http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe •
CVE-2000-0470 – Allegro RomPager 2.10 - URL Request Denial of Service
https://notcve.org/view.php?id=CVE-2000-0470
01 Jun 2000 — Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request. • https://www.exploit-db.com/exploits/10237 •