VYPR
Vendor

Thales Group

Products
5
CVEs
5
Across products
5
Status
Private

Products

5

Recent CVEs

5
  • CVE-2021-32017CriAug 3, 2021
    risk 0.64cvss 9.9epss 0.01

    An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files.

  • CVE-2021-43978HigDec 8, 2021
    risk 0.46cvss 7.1epss 0.01

    Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.

  • CVE-2022-38481MedJan 10, 2023
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP2. The application is prone to reflected Cross-site Scripting (XSS) in several features.

  • CVE-2018-8900MedMay 2, 2018
    risk 0.40cvss 6.1epss 0.01

    The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability.

  • CVE-2021-41320MedOct 15, 2021
    risk 0.36cvss 5.5epss 0.00

    A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user. NOTE: the vendor disputes this because the password is not hardcoded (it can be changed during installation or at any later time).