NotCVE - vendor:"Openvpn" product:"Connect" version:" >= 3.2.0 <= 3.3.0"

Page 4 of 43 results (0.008 seconds)

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0

CVE-2017-11287

https://notcve.org/view.php?id=CVE-2017-11287

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Cross-Site Scripting reflejado que podría desembocar en una divulgación de información. • http://www.securityfocus.com/bid/101838 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0

CVE-2017-11289

https://notcve.org/view.php?id=CVE-2017-11289

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2017-11291

https://notcve.org/view.php?id=CVE-2017-11291

09 Dec 2017 — An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls. Se ha descubierto un problema en Adobe Connect 9.6.2 y anteriores. Existe una vulnerabilidad de Server-Side Request Forgery (SSRF) que podría ser aprovechada para omitir los controles de acceso a la red. • http://www.securityfocus.com/bid/101838 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0

CVE-2017-3102

https://notcve.org/view.php?id=CVE-2017-3102

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting reflejado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting reflejado. • http://www.securityfocus.com/bid/99517 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0

CVE-2017-3101

https://notcve.org/view.php?id=CVE-2017-3101

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability. Successful exploitation could lead to a clickjacking attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de secuestro de cliqueo. Una explotación con éxito podría conllevar a un ataque de secuestro de cliqueo. • http://www.securityfocus.com/bid/99521 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-3103

https://notcve.org/view.php?id=CVE-2017-3103

14 Jul 2017 — Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to a stored cross-site scripting attack. Adobe Connect versiones 9.6.1 y anteriores, presenta una vulnerabilidad de tipo cross-site scripting almacenado. Una explotación con éxito podría conllevar a un ataque de tipo cross-site scripting (XSS) almacenado. • http://www.securityfocus.com/bid/99518 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 9%CPEs: 1EXPL: 1

CVE-2016-7851 – Adobe Connect 9.5.7 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2016-7851

08 Nov 2016 — Adobe Connect version 9.5.6 and earlier does not adequately validate input in the events registration module. This vulnerability could be exploited in cross-site scripting attacks. Adobe Connect versión 9.5.6 y versiones anteriores no valida adecuadamente entradas en el módulo de registro de eventos. Esta vulnerabilidad puede ser explotada en ataques de XSS. • https://www.exploit-db.com/exploits/40742 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-4118

https://notcve.org/view.php?id=CVE-2016-4118

30 May 2016 — Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. Vulnerabilidad de ruta de búsqueda no fiable en el instalador en Adobe Connect Add-In en versiones anteriores a la 11.9.976.291 en Windows permite que usuarios locales obtengan privilegios mediante vectores sin especificar. • http://www.securityfocus.com/bid/90815 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-0948

https://notcve.org/view.php?id=CVE-2016-0948

10 Feb 2016 — Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad de CSRF en Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos secuestrar la autenticación de víctimas no especificadas a través de vectores desconocidos. • http://www.securitytracker.com/id/1034978 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-0950

https://notcve.org/view.php?id=CVE-2016-0950

10 Feb 2016 — Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors. Adobe Connect en versiones anteriores a 9.5.2 permite a atacantes remotos suplantar la interfaz de usuario a través de vectores no especificados. • http://www.securitytracker.com/id/1034978 • CWE-20: Improper Input Validation CWE-254: 7PK - Security Features •

1 2 3 4 5