Vulnerabilities > Wibu

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-14509 Unspecified vulnerability in Wibu Codemeter
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields.
network
low complexity
wibu
critical
9.8
2019-02-05 CVE-2018-3991 Out-of-bounds Write vulnerability in multiple products
An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500.
network
low complexity
wibu siemens CWE-787
critical
9.8
2019-02-05 CVE-2018-3990 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wibu Wibukey 6.40
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).
local
low complexity
wibu CWE-119
7.8
2019-02-05 CVE-2018-3989 Use of Uninitialized Resource vulnerability in Wibu Wibukey 6.40
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure.
local
low complexity
wibu CWE-908
5.5
2017-09-07 CVE-2017-13754 Cross-site Scripting vulnerability in Wibu Codemeter 6.50A
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html.
network
low complexity
wibu CWE-79
5.4