Vulnerabilities > Wibu > Low

DATE CVE VULNERABILITY TITLE RISK
2021-11-14 CVE-2021-41057 Link Following vulnerability in multiple products
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite the linked file without checking permissions.
local
low complexity
wibu siemens CWE-59
3.6
3.6
2019-02-05 CVE-2018-3989 Use of Uninitialized Resource vulnerability in Wibu Wibukey 6.40
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure.
local
low complexity
wibu CWE-908
2.1
2.1
2017-09-07 CVE-2017-13754 Cross-site Scripting vulnerability in Wibu Codemeter
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html.
network
wibu CWE-79
3.5
3.5