Vulnerabilities > Mirasys > Mirasys VMS > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-22 CVE-2019-11030 Deserialization of Untrusted Data vulnerability in Mirasys VMS 7.6.0/8.0.0/8.3.1
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys.Common.Utils.Security.DataCrypt method in Common.dll in AuditTrailService in SMServer.exe.
network
low complexity
mirasys CWE-502
critical
 9.8
9.8
2019-08-22 CVE-2019-11031 Unrestricted Upload of File with Dangerous Type vulnerability in Mirasys VMS 7.6.0/8.0.0/8.3.1
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-update feature of IDVRUpdateService2 in DVRServer.exe.
network
low complexity
mirasys CWE-434
critical
 9.8
9.8