VYPR
Vendor

Changing

Products
3
CVEs
5
Across products
5
Status
Private

Products

3

Recent CVEs

5
  • CVE-2025-8861CriAug 29, 2025
    risk 0.64cvss 9.8epss 0.00

    TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents.

  • CVE-2025-8857CriAug 29, 2025
    risk 0.64cvss 9.8epss 0.00

    Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator credentials embedded in the source code.

  • CVE-2025-8858HigAug 29, 2025
    risk 0.49cvss 7.5epss 0.00

    Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

  • CVE-2026-3000Mar 2, 2026
    risk 0.00cvss epss 0.01

    IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary DLL files from a remote source and execute them.

  • CVE-2026-2999Mar 2, 2026
    risk 0.00cvss epss 0.01

    IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files from a remote source and execute them.