Dynamics Gp
by Microsoft
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23274 | Hig | 0.57 | 8.8 | 0.02 | Feb 9, 2022 | Microsoft Dynamics GP Remote Code Execution Vulnerability | ||
| CVE-2022-23272 | Hig | 0.53 | 8.1 | 0.03 | Feb 9, 2022 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | ||
| CVE-2022-23273 | Hig | 0.46 | 7.1 | 0.02 | Feb 9, 2022 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | ||
| CVE-2022-23271 | Med | 0.43 | 6.5 | 0.04 | Feb 9, 2022 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | ||
| CVE-2022-23269 | Med | 0.35 | 5.4 | 0.01 | Feb 9, 2022 | Microsoft Dynamics GP Spoofing Vulnerability | ||
| CVE-2010-2083 | 0.01 | — | 0.08 | May 26, 2010 | Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors. | |||
| CVE-2010-2011 | 0.01 | — | 0.11 | May 21, 2010 | Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents. | |||
| CVE-2006-5266 | 0.01 | — | 0.16 | Dec 31, 2006 | Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a… | |||
| CVE-2006-5265 | 0.01 | — | 0.10 | Dec 31, 2006 | Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message. |
- risk 0.57cvss 8.8epss 0.02
Microsoft Dynamics GP Remote Code Execution Vulnerability
- risk 0.53cvss 8.1epss 0.03
Microsoft Dynamics GP Elevation Of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.02
Microsoft Dynamics GP Elevation Of Privilege Vulnerability
- risk 0.43cvss 6.5epss 0.04
Microsoft Dynamics GP Elevation Of Privilege Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics GP Spoofing Vulnerability
- CVE-2010-2083May 26, 2010risk 0.01cvss —epss 0.08
Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors.
- CVE-2010-2011May 21, 2010risk 0.01cvss —epss 0.11
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive information by decrypting a field's contents.
- CVE-2006-5266Dec 31, 2006risk 0.01cvss —epss 0.16
Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a…
- CVE-2006-5265Dec 31, 2006risk 0.01cvss —epss 0.10
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message.