Filtered by vendor Smartics Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-2140 1 Smartics 1 Smartics 2024-11-21 8.8 High
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters.
CVE-2022-2106 1 Smartics 1 Smartics 2024-11-21 3.8 Low
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
CVE-2022-2088 1 Smartics 1 Smartics 2024-11-21 6.8 Medium
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0.