Hyland: Security Vulnerabilities
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. PKI certificates have a private key that is the same across different customers' installations.
CVSS Score
9.1
EPSS Score
0.006
Published
2020-09-11
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows XXE attacks for read/write access to arbitrary files.
CVSS Score
9.8
EPSS Score
0.012
Published
2020-09-11
A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection.
CVSS Score
7.5
EPSS Score
0.015
Published
2019-07-16
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.03
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.028
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a stack-based buffer, resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.028
Published
2018-04-26
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
CVSS Score
8.8
EPSS Score
0.02
Published
2018-04-26
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
CVSS Score
9.8
EPSS Score
0.039
Published
2018-02-13
Arbitrary File Read in Saperion Web Client version 7.5.2 83166.
CVSS Score
7.5
EPSS Score
0.012
Published
2018-02-13
Page 3