Atvise : Security Vulnerabilities, CVEs,
An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Max CVSS
5.9
EPSS Score
0.13%
Published
2022-06-17
Updated
2022-06-30
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.
Max CVSS
5.0
EPSS Score
0.15%
Published
2012-04-13
Updated
2012-04-13
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-04-13
Updated
2012-04-13
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.
Max CVSS
5.0
EPSS Score
0.33%
Published
2012-04-13
Updated
2012-04-13
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
Max CVSS
5.0
EPSS Score
1.35%
Published
2012-04-13
Updated
2012-04-13
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840.
Max CVSS
5.0
EPSS Score
0.28%
Published
2012-01-19
Updated
2012-01-20
6 vulnerabilities found