VYPR
Vendor

desknets

Products
3
CVEs
7
Across products
7
Status
Private

Products

3

Recent CVEs

7
  • CVE-2025-52583MedOct 16, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser.

  • CVE-2020-5638MedDec 3, 2020
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.

  • CVE-2025-55072MedOct 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser.

  • CVE-2025-54760MedOct 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser.

  • CVE-2025-58426MedOct 16, 2025
    risk 0.28cvss 4.3epss 0.00

    desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications.

  • CVE-2025-58079MedOct 16, 2025
    risk 0.28cvss 4.3epss 0.00

    Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications.

  • CVE-2006-5593Oct 27, 2006
    risk 0.00cvss epss 0.03

    Buffer overflow in Desknet's (niokeru) before 5.0J R1.0 might allow remote authenticated users to execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.