VYPR
Vendor

Datev

Products
4
CVEs
4
Across products
4
Status
Private

Products

4

Recent CVEs

4
  • CVE-2003-1169Dec 31, 2003
    risk 0.03cvss epss 0.01

    DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

  • CVE-2023-33387Jun 22, 2023
    risk 0.00cvss epss 0.01

    A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link.

  • CVE-2011-5158Sep 7, 2012
    risk 0.00cvss epss 0.02

    Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DATEV Grundpaket Basis CD23.20 allow local users to gain privileges via a Trojan horse (1) DVBSKNLANG101.dll or (2) DvZediTermSrvInfo004.dll file in the current working…

  • CVE-2010-0689Feb 26, 2010
    risk 0.00cvss epss 0.06

    The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.