desknets
Products
3- 5 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-52583 | Med | 0.40 | 6.1 | 0.00 | Oct 16, 2025 | Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser. | ||
| CVE-2020-5638 | Med | 0.40 | 6.1 | 0.01 | Dec 3, 2020 | Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors. | ||
| CVE-2025-55072 | Med | 0.35 | 5.4 | 0.00 | Oct 16, 2025 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. | ||
| CVE-2025-54760 | Med | 0.35 | 5.4 | 0.00 | Oct 16, 2025 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. | ||
| CVE-2025-58426 | Med | 0.28 | 4.3 | 0.00 | Oct 16, 2025 | desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications. | ||
| CVE-2025-58079 | Med | 0.28 | 4.3 | 0.00 | Oct 16, 2025 | Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications. | ||
| CVE-2006-5593 | 0.00 | — | 0.03 | Oct 27, 2006 | Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow remote authenticated users to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information. |
- risk 0.40cvss 6.1epss 0.00
Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.
- risk 0.35cvss 5.4epss 0.00
Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser.
- risk 0.35cvss 5.4epss 0.00
Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser.
- risk 0.28cvss 4.3epss 0.00
desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications.
- risk 0.28cvss 4.3epss 0.00
Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications.
- CVE-2006-5593Oct 27, 2006risk 0.00cvss —epss 0.03
Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow remote authenticated users to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.