Skip to main content

Nhiservisignadapter

5 CVEs product

Monthly

CVE-2020-25846 HIGH This Week

The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Nhiservisignadapter
NVD
CVSS 3.1
7.4
EPSS
1.0%
CVE-2020-25845 HIGH This Week

Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Nhiservisignadapter
NVD
CVSS 3.1
7.4
EPSS
1.0%
CVE-2020-25844 CRITICAL Act Now

The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Nhiservisignadapter
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2020-25843 CRITICAL Act Now

NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Nhiservisignadapter
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2020-25842 HIGH This Week

The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nhiservisignadapter
NVD
CVSS 3.1
7.5
EPSS
0.5%
EPSS 1% CVSS 7.4
HIGH This Week

The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Nhiservisignadapter
NVD
EPSS 1% CVSS 7.4
HIGH This Week

Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Nhiservisignadapter
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Nhiservisignadapter
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Nhiservisignadapter
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nhiservisignadapter
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy