Known Vulnerabilities for products from HGiga
Listed below are 20 of the newest known vulnerabilities associated with the vendor "HGiga".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-6349 json | Not Provided | 2026-04-16 | 2026-04-24 | |
| CVE-2023-37292 json | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4... | 9.8 - CRITICAL | 2023-07-21 | 2023-08-04 |
| CVE-2023-25909 json | HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attack... | 9.8 - CRITICAL | 2023-03-27 | 2023-03-31 |
| CVE-2023-24842 json | HGiga MailSherlock has vulnerability of insufficient access control. An unauthenticated remote user can exploit this vulnerab... | 5.3 - MEDIUM | 2023-03-27 | 2023-03-30 |
| CVE-2023-24841 json | HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. An authent... | 7.2 - HIGH | 2023-03-27 | 2023-03-30 |
| CVE-2023-24840 json | HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. An authenticated remote a... | 7.2 - HIGH | 2023-03-27 | 2023-03-30 |
| CVE-2023-24839 json | HGiga MailSherlock’s specific function has insufficient filtering for user input. An unauthenticated remote attacker can ex... | 6.1 - MEDIUM | 2023-03-27 | 2023-03-30 |
| CVE-2023-24838 json | HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker can exploit this vulnerabil... | 9.8 - CRITICAL | 2023-03-27 | 2023-06-05 |
| CVE-2023-24837 json | HGiga PowerStation remote management function has insufficient filtering for user input. An authenticated remote attacker wit... | 8.8 - HIGH | 2023-03-27 | 2023-03-30 |
| CVE-2022-38118 json | OAKlouds Portal website’s Meeting Room has insufficient validation for user input. A remote attacker with general user priv... | 8.8 - HIGH | 2022-08-30 | 2022-10-01 |
| CVE-2021-37913 json | The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface ca... | 9.8 - CRITICAL | 2021-09-15 | 2021-09-28 |
| CVE-2021-37912 json | The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface... | 9.8 - CRITICAL | 2021-09-15 | 2021-09-28 |
| CVE-2021-22852 json | HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online... | 8.8 - HIGH | 2021-01-19 | 2021-01-22 |
| CVE-2021-22851 json | HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (docume... | 9.8 - CRITICAL | 2021-01-19 | 2021-01-22 |
| CVE-2021-22850 json | HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privil... | 9.8 - CRITICAL | 2021-01-19 | 2022-10-25 |
| CVE-2021-22848 json | HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL paramet... | 9.8 - CRITICAL | 2021-03-18 | 2021-03-23 |
| CVE-2020-35851 json | HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inje... | 9.8 - CRITICAL | 2020-12-31 | 2021-01-07 |
| CVE-2020-35743 json | HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific... | 7.6 - HIGH | 2020-12-31 | 2021-01-07 |
| CVE-2020-35742 json | HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter... | 7.6 - HIGH | 2020-12-31 | 2021-01-07 |
| CVE-2020-35741 json | HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject J... | 6.1 - MEDIUM | 2020-12-31 | 2021-01-08 |
Known software with vulnerabilities from HGiga
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Hgiga | Oaklouds Ccm@il | - |
| Application | Hgiga | Oaklouds Openid | 2.0 |