Lucene search

Ysoft Security Vulnerabilities

cve

CVE-2023-35833

An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be (re)entered. This results in exposing cleartext credentials when connecting to a rogue LDAP server. NOTE: the...

6.5CVSS

6.5AI Score

0.001EPSS

2023-07-13 05:15 PM

cve

CVE-2022-38176

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as...

7.8CVSS

7.8AI Score

0.0004EPSS

2022-09-06 09:15 PM

cve

CVE-2021-31859

Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-07-14 05:15 PM

cve

CVE-2018-15498

YSoft SafeQ Server 6 allows a replay...

8.1CVSS

8AI Score

0.005EPSS

2019-03-21 04:00 PM