Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2023-36659
Disclosure Date: September 15, 2023 (last updated October 08, 2023)
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).
0
Attacker Value
Unknown
CVE-2023-36657
Disclosure Date: September 15, 2023 (last updated October 08, 2023)
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.
0
Attacker Value
Unknown
CVE-2023-36658
Disclosure Date: September 15, 2023 (last updated October 08, 2023)
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
0
Attacker Value
Unknown
CVE-2022-40778
Disclosure Date: September 19, 2022 (last updated October 08, 2023)
A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.
0
Attacker Value
Unknown
CVE-2022-32272
Disclosure Date: June 09, 2022 (last updated October 07, 2023)
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
0
Attacker Value
Unknown
CVE-2022-32273
Disclosure Date: June 08, 2022 (last updated October 07, 2023)
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
0
Attacker Value
Unknown
CVE-2018-16275
Disclosure Date: August 31, 2018 (last updated November 27, 2024)
OPSWAT MetaDefender before v4.11.2 allows CSV injection.
0
