Search Results | AttackerKB

Show filters

Topics 16 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

16 Total Results

Displaying 1-10 of 16

Attacker Value

Unknown

CVE-2022-45876

Disclosure Date: April 26, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-46300

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-46286

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-45468

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-45121

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-43512

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-41696

Disclosure Date: March 21, 2023 (last updated October 08, 2023)

Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.

Attack Vector: Local Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-3217

Disclosure Date: September 16, 2022 (last updated October 08, 2023)

When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-42537

Disclosure Date: July 27, 2022 (last updated February 24, 2025)

VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-42535

Disclosure Date: July 27, 2022 (last updated February 24, 2025)

VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.

Attack Vector: Network Privileges: None User Interaction: Required

0