GP-Pro EX
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7832 | Hig | 0.57 | 8.8 | 0.02 | Dec 24, 2018 | An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched. | ||
| CVE-2021-22775 | Hig | 0.51 | 7.8 | 0.00 | Sep 2, 2021 | A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software. | ||
| CVE-2020-7492 | Med | 0.42 | 6.5 | 0.01 | Jun 16, 2020 | A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded. | ||
| CVE-2023-3953 | Med | 0.34 | 5.3 | 0.00 | Aug 9, 2023 | A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX. |
- risk 0.57cvss 8.8epss 0.02
An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched.
- risk 0.51cvss 7.8epss 0.00
A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software.
- risk 0.42cvss 6.5epss 0.01
A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded.
- risk 0.34cvss 5.3epss 0.00
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.