Vulnerabilities > Changingtec > Servisign > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-03 | CVE-2022-46304 | OS Command Injection vulnerability in Changingtec Servisign ChangingTec ServiSign component has insufficient filtering for special characters in the connection response parameter. | 8.8 |
| 2023-01-03 | CVE-2022-46306 | Path Traversal vulnerability in Changingtec Servisign ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. | 7.8 |
| 2020-02-03 | CVE-2020-3927 | Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617 An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. | 8.5 |
| 2020-02-03 | CVE-2020-3926 | Files or Directories Accessible to External Parties vulnerability in Changingtec Servisign 1.0.19.0617 An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. | 7.8 |