CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2014-5359
https://notcve.org/view.php?id=CVE-2014-5359
16 Dec 2014 — Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa. Vulnerabilidad de salto de directorio en SafeNet Authentication Service (SAS) Outlook Web Access Agent (anteriormente CRYPTOCard) anterior a 1.03.30109 permite a atacantes remotos leer ficheros arbitrarios a través de un .. (punto punto) en el parámetro GetFile en owa/... • http://appcheck-ng.com/safenet-sas-owa-agent-directory-traversal-vulnerability • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5872
https://notcve.org/view.php?id=CVE-2014-5872
11 Sep 2014 — The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación SafeNetMobile Pass (también conocido como securecomputing.devices.android.controller) 8.3.7.11 para Android no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar ... • http://www.kb.cert.org/vuls/id/487281 • CWE-310: Cryptographic Issues •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3339
https://notcve.org/view.php?id=CVE-2011-3339
17 Dec 2011 — Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file. Vulnerabilidad de secuencias de comandos en sitios cruzados (X... • http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 6%CPEs: 16EXPL: 1CVE-2009-3861 – SafeNet SoftRemote - GROUPNAME Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3861
04 Nov 2009 — Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd). Desbordamiento de búfer basado en pila en SafeNet SoftRemote v10.8.5 (Build 2) y v10.3.5 (Build 6), y posiblemente otras versiones anteriores a v10.8.9, permite a usuarios locales ejecutar código de su elección a través de una cadena larga en (1) TREENAME o (2) u... • https://www.exploit-db.com/exploits/16643 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 64%CPEs: 13EXPL: 1CVE-2009-1943 – Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1943
01 Jun 2009 — Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514. Desbordamiento de búfer basado en pila en el servicio IKE (ireIke.exe) en SafeNet SoftRemote anterior a v10.8.6, permite a atacantes remotos ejecutar código de su elección a través de una petición larga UDP al puerto 62514. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ... • https://www.exploit-db.com/exploits/16831 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2008-5121 – Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM
https://notcve.org/view.php?id=CVE-2008-5121
18 Nov 2008 — dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. dne2000.sys en Citrix Deterministic Network Enhancer (DNE) desde la version 2.21.7.233 a la 3.21.7.17464, tal y como se usa en (1) Cisco VPN Client, (2) Blue Coat WinProxy, y (3) SafeNet Soft... • https://www.exploit-db.com/exploits/5837 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 3CVE-2008-0760 – Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal
https://notcve.org/view.php?id=CVE-2008-0760
13 Feb 2008 — Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.4.1.0 y anteriores y Sentinel Keys Server 1.0.4.0 y anteriores, permite a atacantes remotos leer ficheros de su elección m... • https://www.exploit-db.com/exploits/31149 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2008-0573 – SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM
https://notcve.org/view.php?id=CVE-2008-0573
05 Feb 2008 — IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request. IPSecDrv.sys 10.4.0.12 en SafeNET HighAssurance Remote y SoftRemote. Permite a usuarios locales ganar privilegios a través de peticiones IPSECDRV_IOCTL IOCTL manipuladas. • https://www.exploit-db.com/exploits/5004 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 32%CPEs: 6EXPL: 5CVE-2007-6483 – SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2007-6483
20 Dec 2007 — Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. Vulnerabilidad de salto de directorio en SafeNet Sentinel Protection Server 7.0.0 hasta 7.4.0 y versiones anteriores, y Sentinel Keys Server 1.0.3 y posiblemente versiones anteriores, permite a atacantes remotos leer ficheros de su elecció... • https://packetstorm.news/files/id/126725 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 4CVE-2007-3157 – SafeNet High Assurance Remote 1.4.0 - 'IPSecDrv.sys' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-3157
11 Jun 2007 — IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec. IPSecDrv.sys 10.4.0.12 en SafeNET High Assurance Remote 1.4.0 Build 12, y SoftRemote, permiet a atacantes remotos provocar denegación de servicio (bucle infinito y cuelgue del sistema)a través de paquetes no válidos con ciertos b... • https://www.exploit-db.com/exploits/4047 •