42gears
Products
3- 5 CVEs
- 2 CVEs
- 0 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-2331 | Hig | 0.51 | 7.8 | 0.00 | Apr 27, 2023 | Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service. This issue affects Surelock Windows : from 2.3.12 through 2.40.0. | ||
| CVE-2018-15657 | Hig | 0.51 | 7.3 | 0.02 | Feb 5, 2019 | An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter. | ||
| CVE-2018-15658 | Hig | 0.49 | 7.5 | 0.02 | Feb 5, 2019 | An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the… | ||
| CVE-2018-15656 | Hig | 0.49 | 7.5 | 0.02 | Feb 5, 2019 | An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system… | ||
| CVE-2023-2335 | Med | 0.42 | 6.5 | 0.00 | Apr 27, 2023 | Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows (Registery modules) allows Retrieve Admin user credentials This issue affects surelock windows: from 2.3.12 through 2.40.0. | ||
| CVE-2018-15659 | Med | 0.42 | 6.5 | 0.01 | Feb 5, 2019 | An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible. | ||
| CVE-2018-15655 | Med | 0.42 | 6.5 | 0.01 | Feb 5, 2019 | An issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings. Cross-origin access is possible. |
- risk 0.51cvss 7.8epss 0.00
Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application will allows to insert arbitrary code into the service. This issue affects Surelock Windows : from 2.3.12 through 2.40.0.
- risk 0.51cvss 7.3epss 0.02
An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the…
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system…
- risk 0.42cvss 6.5epss 0.00
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows (Registery modules) allows Retrieve Admin user credentials This issue affects surelock windows: from 2.3.12 through 2.40.0.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible.
- risk 0.42cvss 6.5epss 0.01
An issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings. Cross-origin access is possible.