Vulnerabilities (CVE)

Filtered by vendor Signotec Subscribe
Filtered by product Signopad-api\/web
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9345 2 Microsoft, Signotec 2 Windows, Signopad-api\/web 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the application doesn't limit the number of opened WebSocket sockets. If a victim visits an attacker-controlled website, this vulnerability can be exploited.
CVE-2020-9343 2 Microsoft, Signotec 2 Windows, Signopad-api\/web 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the implementation doesn't limit the parsing of nested JSON structures. If a victim visits an attacker-controlled website, this vulnerability can be exploited via WebSocket data with a deeply nested JSON array.