Vulnerabilities > Cybelesoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-20 | CVE-2022-25227 | Origin Validation Error vulnerability in Cybelesoft Thinfinity VNC 4.0.0.1 Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can trick a user into browse malicious site, to obtain an 'ID' that can be used to send websocket requests and achieve RCE. | 8.8 |
| 2022-02-09 | CVE-2021-46354 | Exposure of Resource to Wrong Sphere vulnerability in Cybelesoft Thinfinity Virtualui 2.1.28.0/2.1.32.1/2.5.26.2 Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter "Addr" in cmd site. | 7.5 |
| 2017-10-06 | CVE-2015-1429 | Path Traversal vulnerability in Cybelesoft Thinfinity Remote Desktop Workstation 3.0.0.3 Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. | 7.5 |