Vulnerabilities > Changingtec

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-40720 Unspecified vulnerability in Changingtec TCB Servisign
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input.
network
low complexity
changingtec
8.8
2024-08-02 CVE-2024-40721 Unspecified vulnerability in Changingtec TCB Servisign
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input.
network
low complexity
changingtec
8.8
2024-08-02 CVE-2024-40722 Out-of-bounds Write vulnerability in Changingtec TCB Servisign
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input.
network
low complexity
changingtec CWE-787
4.3
2024-08-02 CVE-2024-40723 Out-of-bounds Write vulnerability in Changingtec Hwatai Servisign
The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs.
network
low complexity
changingtec CWE-787
4.3
2024-08-02 CVE-2024-40719 Inadequate Encryption Strength vulnerability in Changingtec TCB Servisign
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign Windows Version is insufficient.
network
low complexity
changingtec CWE-326
6.5
2023-01-31 CVE-2022-39059 Path Traversal vulnerability in Changingtec Megaservisignadapter 1.0.17.0823
ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function.
network
low complexity
changingtec CWE-22
7.5
2023-01-03 CVE-2022-46306 Path Traversal vulnerability in Changingtec Servisign
ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path.
local
low complexity
changingtec CWE-22
7.8
2022-10-18 CVE-2022-39058 Path Traversal vulnerability in Changingtec Rava Certificate Validation System 3
RAVA certification validation system has a path traversal vulnerability.
network
low complexity
changingtec CWE-22
7.5
2020-02-03 CVE-2020-3927 Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.
network
low complexity
changingtec CWE-552
7.5
2020-02-03 CVE-2020-3926 Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.
network
low complexity
changingtec CWE-552
7.5