VYPR

Connect

by Fortinet

CVEs (6)

  • CVE-2016-8494HigFeb 9, 2017
    risk 0.47cvss 7.2epss 0.01

    Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.

  • CVE-2022-41769May 10, 2023
    risk 0.00cvss epss 0.00

    Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2022-41801May 10, 2023
    risk 0.00cvss epss 0.00

    Uncontrolled resource consumption in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2022-4901Mar 1, 2023
    risk 0.00cvss epss 0.00

    Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow Javascript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim.

  • CVE-2022-46081Jan 4, 2023
    risk 0.00cvss epss 0.01

    In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information. NOTE: this is disputed by the vendor because the LiveTrack API service is not a customer-controlled product.

  • CVE-2019-19592Jan 21, 2020
    risk 0.00cvss epss 0.01

    Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting