control · threatengine.sh

CVE-2023-25719

< 22.9.10032

ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin

8.8HIGH

CVE-2023-25718

<= 22.9.10032

In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instru

9.8CRITICAL

CVE-2021-36763

< 4.2.0.0

In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.

7.5HIGH

CVE-2021-33485

< 4.2.0.0

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

9.8CRITICAL

CVE-2019-16517

all versions

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration

9.8CRITICAL

CVE-2019-16516

<= 19.2.24707

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vuln

5.3MEDIUM

CVE-2019-16515

all versions

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers ar

6.5MEDIUM

CVE-2019-16514

all versions

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code ex

7.2HIGH

CVE-2019-16513

all versions

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API req

8.8HIGH

CVE-2019-16512

all versions

An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appea

4.8MEDIUM

CVE-2014-3857

<= 8.3.1

Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allo

connectwise control