Vulnerabilities > IPA > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-26 CVE-2019-6019 Untrusted Search Path vulnerability in IPA Stamp Workbench
Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
ipa CWE-426
6.8
2017-07-07 CVE-2017-2220 Untrusted Search Path vulnerability in IPA Casl II Simulator
Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
ipa CWE-426
6.8
2017-07-07 CVE-2017-2194 Cross-site Scripting vulnerability in IPA Icodechecker
Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
network
ipa CWE-79
4.3
2017-06-09 CVE-2017-2182 Unspecified vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2181.
network
ipa
6.8
2017-06-09 CVE-2017-2181 Unspecified vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than CVE-2017-2179 and CVE-2017-2182.
network
ipa
6.8
2017-06-09 CVE-2017-2180 Information Exposure vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors.
network
ipa CWE-200
4.3
2017-06-09 CVE-2017-2179 Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and CVE-2017-2182.
network
ipa CWE-20
6.8
2017-05-22 CVE-2017-2175 Untrusted Search Path vulnerability in IPA Empirical Project Monitor - Extended
Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
network
ipa CWE-426
6.8
2017-05-22 CVE-2017-2174 Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended
Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ipa CWE-79
4.3
2017-04-28 CVE-2017-2102 Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0
Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
ipa CWE-352
6.8