Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
541037.4%CRITICAL

Related CVEs

41
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-32986NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.HIGH7.529.3%Apr 25, 2025
CVE-2025-32985NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.CRITICAL9.830.8%Apr 25, 2025
CVE-2025-32984NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.MEDIUM6.112.6%Apr 25, 2025
CVE-2025-32983NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.HIGH7.528.1%Apr 25, 2025
CVE-2025-32982NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.HIGH7.525.5%Apr 25, 2025
CVE-2025-32981NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.HIGH7.110.0%Apr 25, 2025
CVE-2025-32979NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.MEDIUM6.521.3%Apr 25, 2025
CVE-2023-27000Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s).MEDIUM6.150.1%Jan 9, 2024
CVE-2023-26999An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.CRITICAL9.868.8%Jan 9, 2024
CVE-2023-26998Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.MEDIUM5.449.1%Jan 9, 2024
CVE-2023-41905NETSCOUT nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting (XSS) vulnerability by an authenticated user.MEDIUM5.430.7%Dec 7, 2023
CVE-2023-41172NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 4 of 4).MEDIUM5.430.7%Dec 7, 2023
CVE-2023-41171NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 3 of 4).MEDIUM5.430.7%Dec 7, 2023
CVE-2023-41170NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability.MEDIUM6.132.4%Dec 7, 2023
CVE-2023-41169NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 2 of 4).MEDIUM5.430.7%Dec 7, 2023
CVE-2023-41168NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 1 of 4).MEDIUM5.430.7%Dec 7, 2023
CVE-2023-40302NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions VulnerabilityCRITICAL9.153.1%Dec 7, 2023
CVE-2023-40301NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.CRITICAL9.870.7%Dec 7, 2023
CVE-2023-40300NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.CRITICAL9.848.7%Dec 7, 2023
CVE-2022-44718An issue was discovered in NetScout nGeniusONE 6.3.2 build 904. Open Redirection can occur (issue 2 of 2). After successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. The user must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host.LOW3.5Jan 27, 2023