Skip to main content

CWE-623

Unsafe ActiveX Control Marked Safe For Scripting

2 CVEs Avg CVSS 6.2 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2018-17925 MEDIUM This Month

Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ifix
NVD
CVSS 3.0
4.8
EPSS
0.3%
CVE-2014-2368 HIGH This Week

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Advantech Webaccess
NVD
CVSS 2.0
7.5
EPSS
0.5%
EPSS 0% CVSS 4.8
MEDIUM This Month

Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ifix
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Advantech Webaccess
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy