CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2014-5359
https://notcve.org/view.php?id=CVE-2014-5359
16 Dec 2014 — Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (dot dot) in the GetFile parameter to owa/owa. Vulnerabilidad de salto de directorio en SafeNet Authentication Service (SAS) Outlook Web Access Agent (anteriormente CRYPTOCard) anterior a 1.03.30109 permite a atacantes remotos leer ficheros arbitrarios a través de un .. (punto punto) en el parámetro GetFile en owa/... • http://appcheck-ng.com/safenet-sas-owa-agent-directory-traversal-vulnerability • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5872
https://notcve.org/view.php?id=CVE-2014-5872
11 Sep 2014 — The SafeNetMobile Pass (aka securecomputing.devices.android.controller) application 8.3.7.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación SafeNetMobile Pass (también conocido como securecomputing.devices.android.controller) 8.3.7.11 para Android no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar ... • http://www.kb.cert.org/vuls/id/487281 • CWE-310: Cryptographic Issues •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3339
https://notcve.org/view.php?id=CVE-2011-3339
17 Dec 2011 — Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file. Vulnerabilidad de secuencias de comandos en sitios cruzados (X... • http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 6%CPEs: 16EXPL: 1CVE-2009-3861 – SafeNet SoftRemote - GROUPNAME Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3861
04 Nov 2009 — Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd). Desbordamiento de búfer basado en pila en SafeNet SoftRemote v10.8.5 (Build 2) y v10.3.5 (Build 6), y posiblemente otras versiones anteriores a v10.8.9, permite a usuarios locales ejecutar código de su elección a través de una cadena larga en (1) TREENAME o (2) u... • https://www.exploit-db.com/exploits/16643 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 64%CPEs: 13EXPL: 1CVE-2009-1943 – Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1943
01 Jun 2009 — Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514. Desbordamiento de búfer basado en pila en el servicio IKE (ireIke.exe) en SafeNet SoftRemote anterior a v10.8.6, permite a atacantes remotos ejecutar código de su elección a través de una petición larga UDP al puerto 62514. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ... • https://www.exploit-db.com/exploits/16831 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •