Abbyy : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2019-20383

ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-08-13
Updated
2020-08-19

CVE-2018-13793

Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
Max CVSS
8.8
EPSS Score
0.07%
Published
2018-07-09
Updated
2018-09-07

CVE-2018-13792

Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.
Max CVSS
9.8
EPSS Score
0.14%
Published
2019-02-10
Updated
2020-09-10

CVE-2018-13791

The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.
Max CVSS
9.8
EPSS Score
0.26%
Published
2018-07-09
Updated
2019-10-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close