Filtered by vendor Horizoncloud
Subscriptions
Filtered by product Caterease
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38886 | 1 Horizoncloud | 1 Caterease | 2024-09-10 | 9.8 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. | ||||
| CVE-2024-38889 | 1 Horizoncloud | 1 Caterease | 2024-09-10 | 9.6 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform SQL Injection due to improper neutralization of special elements used in an SQL command. | ||||
| CVE-2024-38891 | 1 Horizoncloud | 1 Caterease | 2024-08-20 | 9.1 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information. | ||||
| CVE-2024-38887 | 1 Horizoncloud | 1 Caterease | 2024-08-20 | 9.8 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to expand control over the operating system from the database due to the execution of commands with unnecessary privileges. | ||||
| CVE-2024-38888 | 1 Horizoncloud | 1 Caterease | 2024-08-08 | 6.8 Medium |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform a Password Brute Forcing attack due to improper restriction of excessive authentication attempts. | ||||
| CVE-2024-38890 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 8.4 High |
| An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks. | ||||
| CVE-2024-38884 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 7.8 High |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a local attacker to perform an Authentication Bypass attack due to improperly implemented security checks for standard authentication mechanisms | ||||
| CVE-2024-38883 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 9.1 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Drop Encryption Level attack due to the selection of a less-secure algorithm during negotiation. | ||||
| CVE-2024-38882 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 9.8 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command. | ||||
| CVE-2024-38881 | 1 Horizoncloud | 1 Caterease | 2024-08-07 | 7.5 High |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords. | ||||
| CVE-2024-38885 | 1 Horizoncloud | 1 Caterease | 2024-08-05 | 7.5 High |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform unauthorized access using known operating system credentials due to hardcoded SQL user credentials in the client application. | ||||
Page 1 of 1.