Vulnerabilities
Vulnerable Software
Hyland:  Security Vulnerabilities
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows SQL injection, as demonstrated by TestConnection_LocalOrLinkedServer, CreateFilterFriendlyView, or AddWorkViewLinkedServer.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-09-11
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service (outage of connection-request processing) via a long user ID, which triggers an exception and a large log entry.
CVSS Score
7.5
EPSS Score
0.015
Published
2020-09-11
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. PKI certificates have a private key that is the same across different customers' installations.
CVSS Score
9.1
EPSS Score
0.006
Published
2020-09-11
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files.
CVSS Score
9.8
EPSS Score
0.012
Published
2020-09-11
A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection.
CVSS Score
7.5
EPSS Score
0.015
Published
2019-07-16
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.03
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.027
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a stack-based buffer, resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.028
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.019
Published
2018-04-26
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
CVSS Score
9.8
EPSS Score
0.038
Published
2018-02-13


Contact Us

Shodan ® - All rights reserved