VYPR
Vendor

Sencha

Products
2
CVEs
9
Across products
9
Status
Private

Products

2

Recent CVEs

9
  • CVE-2018-8046MedJul 5, 2018
    risk 0.45cvss 6.1epss 0.67

    The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip()…

  • CVE-2023-28616Dec 26, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and…

  • CVE-2023-34198Dec 25, 2023
    risk 0.00cvss epss 0.01

    In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 before 4.7.1, the usage of a Network object created from an inactive DHCP interface in…

  • CVE-2020-11711Aug 25, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin…

  • CVE-2021-28096Jan 27, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.

  • CVE-2021-28127Jul 1, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.

  • CVE-2021-28665May 6, 2021
    risk 0.00cvss epss 0.01

    Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.

  • CVE-2012-1237Apr 6, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack the authentication of arbitrary users.

  • CVE-2006-6413Dec 10, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Amateras sns 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.