Filtered by vendor Cordaware
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-6266 | 1 Cordaware | 1 Bestinformed | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext. | |||||
CVE-2019-6265 | 1 Cordaware | 1 Bestinformed | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges. |