Nhiservisignadapter

nhiservisignadapter

Vendor: Panorama • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-25844 1Panorama 1Nhiservisignadapter Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege.
CVE-2020-25843 1Panorama 1Nhiservisignadapter Nov 21, 2024 Dec 31, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Remote attackers can use the leak to execute code without privilege.
CVE-2020-25842 1Panorama 1Nhiservisignadapter Nov 21, 2024 Dec 31, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The encryption function of NHIServiSignAdapter fail to verify the file path input by users. Remote attacker can access arbitrary files through the flaw without privilege.