Filtered by vendor Fortra
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-0204 | 1 Fortra | 1 Goanywhere Managed File Transfer | 2024-02-02 | N/A | 9.8 CRITICAL |
| Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. | |||||
| CVE-2023-6253 | 1 Fortra | 1 Digital Guardian Agent | 2023-12-10 | N/A | 6.0 MEDIUM |
| A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file. | |||||
| CVE-2021-26837 | 1 Fortra | 1 Delivernow | 2023-12-10 | N/A | 9.8 CRITICAL |
| SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive information. | |||||
| CVE-2023-0669 | 1 Fortra | 1 Goanywhere Managed File Transfer | 2023-12-10 | N/A | 7.2 HIGH |
| Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. | |||||