Vulnerabilities > Visam

DATE CVE VULNERABILITY TITLE RISK
2023-04-26 CVE-2022-45876 XXE vulnerability in Visam Vbase 11.7.0.2
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam CWE-611
5.5
5.5
2023-03-21 CVE-2022-41696 Unspecified vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam
5.5
5.5
2023-03-21 CVE-2022-43512 XXE vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam CWE-611
5.5
5.5
2023-03-21 CVE-2022-45121 Unspecified vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam
5.5
5.5
2023-03-21 CVE-2022-45468 Unspecified vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam
5.5
5.5
2023-03-21 CVE-2022-46286 Unspecified vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam
5.5
5.5
2023-03-21 CVE-2022-46300 XXE vulnerability in Visam Vbase Automation Base
Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.
local
low complexity
visam CWE-611
5.5
5.5
2022-09-16 CVE-2022-3217 Unspecified vulnerability in Visam Vbase 11.7.0.2
When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages.
network
low complexity
visam
7.5
7.5
2022-07-27 CVE-2021-38417 Unspecified vulnerability in Visam Vbase Web-Remote 11.6.0.6
VISAM VBASE version 11.6.0.6 is vulnerable to improper access control via the web-remote endpoint, which may allow an unauthenticated user viewing access to folders and files in the directory listing.
network
low complexity
visam
7.5
7.5
2022-07-27 CVE-2021-42535 Cross-site Scripting vulnerability in Visam Vbase Web-Remote 11.6.0.6
VISAM VBASE version 11.6.0.6 does not neutralize or incorrectly neutralizes user-controllable input before the data is placed in output used as a public-facing webpage.
network
low complexity
visam CWE-79
6.1
6.1