Filtered by vendor Helpsystems
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-42948 | 1 Helpsystems | 1 Cobalt Strike | 2024-02-04 | N/A | 9.8 CRITICAL |
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI. | |||||
CVE-2021-46830 | 1 Helpsystems | 1 Goanywhere Managed File Transfer | 2024-02-04 | N/A | 6.5 MEDIUM |
A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended. | |||||
CVE-2021-43708 | 1 Helpsystems | 1 Titus Data Classification | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode. | |||||
CVE-2022-23317 | 1 Helpsystems | 1 Cobalt Strike | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL. | |||||
CVE-2021-36798 | 1 Helpsystems | 1 Cobalt Strike | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it. | |||||
CVE-2018-20764 | 2 Helpsystems, Linux | 2 Boks, Linux Kernel | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation. |