Bigant Server
by Bigantsoft
CVEs (12)
| CVE | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2008-1914 | 0.09 | — | 0.74 | Apr 22, 2008 | Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information. |
| CVE-2009-4660 | 0.08 | — | 0.62 | Mar 3, 2010 | Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660. |
| CVE-2022-23347 | 0.06 | — | 0.13 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. |
| CVE-2009-4661 | 0.03 | — | 0.02 | Mar 3, 2010 | Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item. |
| CVE-2025-0364 | 0.02 | — | 0.02 | Feb 4, 2025 | BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an… |
| CVE-2022-26281 | 0.00 | — | 0.01 | Apr 5, 2022 | BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. |
| CVE-2022-23345 | 0.00 | — | 0.02 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. |
| CVE-2022-23346 | 0.00 | — | 0.02 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. |
| CVE-2022-23352 | 0.00 | — | 0.02 | Mar 21, 2022 | An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). |
| CVE-2022-23348 | 0.00 | — | 0.03 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. |
| CVE-2022-23350 | 0.00 | — | 0.01 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. |
| CVE-2022-23349 | 0.00 | — | 0.01 | Mar 21, 2022 | BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). |