CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-50440
https://notcve.org/view.php?id=CVE-2023-50440
13 Dec 2023 — ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include ... • https://www.primx.eu/en/bulletins/security-bulletin-23B30931 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50442
https://notcve.org/view.php?id=CVE-2023-50442
13 Dec 2023 — Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. (This modification can, however, be detected, as described in the Administrator Guide.) Un atacante local (con los privilegios adecuados) puede modificar las carpetas cifradas creadas por PRIMX ZONECENTRAL hasta 2023.5 para que tipos de archivos específicos queden excluidos del cifrado temporalmente. (Sin embargo... • https://www.primx.eu/en/bulletins/security-bulletin-23B30933 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-50444
https://notcve.org/view.php?id=CVE-2023-50444
13 Dec 2023 — By default, .ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; and ZED! for Windows, Mac, Linux before 2023.5 include an encrypted version of sensitive user information, which could allow an unauthenticated attacker to obtain it via brute force. D... • https://www.primx.eu/en/bulletins/security-bulletin-23B30874 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-50439
https://notcve.org/view.php?id=CVE-2023-50439
13 Dec 2023 — ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission), ZED! for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission), ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows before 2023.5 disclose the original path in which the containers were created, which allows an unauthenticated attacker to obtain some information regarding the context of use (project name, etc.). Contenedore... • https://www.primx.eu/en/bulletins/security-bulletin-23B30930 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50441
https://notcve.org/view.php?id=CVE-2023-50441
13 Dec 2023 — Encrypted folders created by PRIMX ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission) or ZONECENTRAL for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which folders are opened. Un atacante no autenticado puede modificar las carpetas cifradas creadas por PRIMX ZONECENTRAL para Windows antes de Q.2021.2 (envío de calificación ANSSI) o ZONECENTRAL para Windows antes de 202... • https://www.primx.eu/en/bulletins/security-bulletin-23B3093A •
CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2019-7312
https://notcve.org/view.php?id=CVE-2019-7312
03 Feb 2019 — Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of... • https://www.primx.eu/en/bulletins/security-bulletin-19110545 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-19279
https://notcve.org/view.php?id=CVE-2018-19279
14 Nov 2018 — PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater. PRIMX ZoneCentral en versiones anteriores a la 6.1.2236 en Windows a veces filtra el texto plano de los archivos NTFS. En dispositivos que no son SSD, esto se limita a un periodo de 5 segundos y a archivos de menos de 600 bytes. • https://www.primx.eu/en/security-18a10338 • CWE-312: Cleartext Storage of Sensitive Information •