Skip to main content

Snow License Manager

4 CVEs product

Monthly

CVE-2023-3937 MEDIUM This Month

Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Microsoft Snow License Manager
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-3864 HIGH This Week

Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft SQLi Snow License Manager
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-2679 MEDIUM This Month

Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Microsoft Snow License Manager
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-0883 HIGH This Week

SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Snow License Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM This Month

Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Microsoft Snow License Manager
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and including 9.30.1 on Windows allows a logged in user with high privileges to inject SQL commands. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft SQLi Snow License Manager
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Snow License Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy