VYPR
Vendor

Asseco

Products
5
CVEs
5
Across products
5
Status
Private

Products

5

Recent CVEs

5
  • CVE-2025-9313CriOct 28, 2025
    risk 0.60cvss epss 0.01

    An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a previously authenticated connection through a "mmBackup" application. This flaw allows attackers to bypass…

  • CVE-2022-27192HigMar 23, 2022
    risk 0.49cvss 7.5epss 0.01

    The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files.

  • CVE-2025-66955MedMar 12, 2026
    risk 0.42cvss 6.5epss 0.00

    Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.

  • CVE-2025-4596MedJan 8, 2026
    risk 0.34cvss epss 0.00

    Asseco ADMX system is used for processing medical records. It allows logged in users to access medical files belonging to other users through manipulation of GET arguments containing document IDs. This issue has been fixed in 6.09.01.62 version of ADMX.

  • CVE-2025-8306MedJan 8, 2026
    risk 0.33cvss epss 0.00

    Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. A low privileged user is able to obtain encoded passwords of all other accounts (including main administrator) due to lack of granularity in access…