4 results (0.009 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1

Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation. • https://github.com/allegro/bigflow/pull/357 https://lutrasecurity.com/en/articles/cve-2023-25392 • CWE-295: Improper Certificate Validation •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials. Allegro Windows versión 3.3.4152.0, inserta las credenciales de la base de datos del administrador del software en sus archivos binarios, lo que permite a usuarios acceder y modificar los datos usando las mismas credenciales • https://excellium-services.com/cert-xlm-advisory/CVE-2021-43978 https://www.allegro.be • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking. Se ha detectado un problema en Allegro Windows (anteriormente Popsy Windows) versiones anteriores a 3.3.4156.1. Un usuario estándar puede escalar privilegios a SYSTEM si el módulo FTP está instalado, debido al secuestro de DLL • http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe https://excellium-services.com/cert-xlm-advisory/CVE-2021-42110 •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 1

Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request. • https://www.exploit-db.com/exploits/10237 http://archives.neohapsis.com/archives/bugtraq/2000-05/0398.html http://www.securityfocus.com/bid/1290 https://exchange.xforce.ibmcloud.com/vulnerabilities/4588 •