VYPR

GP-Pro EX

by Schneider Electric

CVEs (4)

  • CVE-2018-7832HigDec 24, 2018
    risk 0.57cvss 8.8epss 0.02

    An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched.

  • CVE-2021-22775HigSep 2, 2021
    risk 0.51cvss 7.8epss 0.00

    A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software.

  • CVE-2020-7492MedJun 16, 2020
    risk 0.42cvss 6.5epss 0.01

    A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded.

  • CVE-2023-3953MedAug 9, 2023
    risk 0.34cvss 5.3epss 0.00

    A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.