← Back

Abbyy

abbyy

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Flexicapture
flexicapture
3 CVEs
Finereader
finereader
1 CVE

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-20383
1Abbyy
1Finereader
Nov 21, 2024
Aug 13, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
CVE-2018-13792
1Abbyy
1Flexicapture
Nov 21, 2024
Feb 10, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order par...Show more
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.Show less
CVE-2018-13793
1Abbyy
1Flexicapture
Nov 21, 2024
Jul 9, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login...Show more
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.Show less
CVE-2018-13791
1Abbyy
1Flexicapture
Nov 21, 2024
Jul 9, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.