Filtered by vendor Smartics
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2140 | 1 Smartics | 1 Smartics | 2024-02-28 | 6.0 MEDIUM | 9.0 CRITICAL |
| Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters. | |||||
| CVE-2022-2106 | 1 Smartics | 1 Smartics | 2024-02-28 | 4.0 MEDIUM | 2.7 LOW |
| Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files. | |||||
| CVE-2022-2088 | 1 Smartics | 1 Smartics | 2024-02-28 | 6.8 MEDIUM | 4.9 MEDIUM |
| An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0. | |||||