High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-17	CVE-2023-2912	Use After Free vulnerability in Secomea Sitemanager Embedded 9.2C Use After Free vulnerability in Secomea SiteManager Embedded allows Obstruction. network low complexity secomea CWE-416	7.5
2023-04-19	CVE-2022-4308	Insufficiently Protected Credentials vulnerability in Secomea Gatemanager 9.6.621421014 Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked. local low complexity secomea CWE-522	8.8
2022-12-09	CVE-2022-2752	Improper Authentication vulnerability in Secomea Gatemanager 9.6.621421014 A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. local low complexity secomea CWE-287	7.8
2022-12-06	CVE-2022-38123	Improper Input Validation vulnerability in Secomea Gatemanager 9.6.621421014 Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0. network low complexity secomea CWE-20	7.2
2022-05-04	CVE-2021-32010	Inadequate Encryption Strength vulnerability in Secomea products Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager, GateManager may facilitate man in the middle attacks. network high complexity secomea CWE-326	8.1
2022-05-04	CVE-2022-25778	Cross-Site Request Forgery (CSRF) vulnerability in Secomea products Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session. network low complexity secomea CWE-352	8.8
2022-05-04	CVE-2022-25785	Out-of-bounds Write vulnerability in Secomea products Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. network low complexity secomea CWE-787	7.2
2022-03-04	CVE-2021-32008	Path Traversal vulnerability in Secomea Gatemanager 9.6.621421014 This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. network low complexity secomea CWE-22	8.7
2021-03-05	CVE-2020-29030	Cross-Site Request Forgery (CSRF) vulnerability in Secomea Gatemanager Firmware Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code. network low complexity secomea CWE-352	8.8
2021-03-05	CVE-2020-29020	Incorrect Authorization vulnerability in Secomea Sitemanager Firmware Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. network low complexity secomea CWE-863	7.2