VYPR
Vendor

Bigantsoft

Products
5
CVEs
17
Across products
21
Status
Private

Products

5

Recent CVEs

17
  • CVE-2008-1914Apr 22, 2008
    risk 0.09cvss epss 0.74

    Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.

  • CVE-2009-4660Mar 3, 2010
    risk 0.08cvss epss 0.62

    Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.

  • CVE-2012-6275Feb 24, 2013
    risk 0.07cvss epss 0.47

    Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.

  • CVE-2012-6274Feb 24, 2013
    risk 0.07cvss epss 0.47

    BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.

  • CVE-2022-23347Mar 21, 2022
    risk 0.06cvss epss 0.13

    BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.

  • CVE-2024-54761Jan 9, 2025
    risk 0.03cvss epss 0.02

    BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter.

  • CVE-2009-4661Mar 3, 2010
    risk 0.03cvss epss 0.02

    Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.

  • CVE-2025-0364Feb 4, 2025
    risk 0.02cvss epss 0.02

    BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated remote code execution via account registration. An unauthenticated remote attacker can create an administrative user through the default exposed SaaS registration mechanism. Once an…

  • CVE-2021-43430Apr 7, 2022
    risk 0.00cvss epss 0.01

    An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.

  • CVE-2022-26281Apr 5, 2022
    risk 0.00cvss epss 0.01

    BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.

  • CVE-2022-23345Mar 21, 2022
    risk 0.00cvss epss 0.02

    BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.

  • CVE-2022-23346Mar 21, 2022
    risk 0.00cvss epss 0.02

    BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.

  • CVE-2022-23352Mar 21, 2022
    risk 0.00cvss epss 0.02

    An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).

  • CVE-2022-23348Mar 21, 2022
    risk 0.00cvss epss 0.03

    BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.

  • CVE-2022-23350Mar 21, 2022
    risk 0.00cvss epss 0.01

    BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.

  • CVE-2022-23349Mar 21, 2022
    risk 0.00cvss epss 0.01

    BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).

  • CVE-2012-6273Feb 24, 2013
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.