Every CVE whose affected-product data names Sysax Multi Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2012-10060 — CVSS 9.8 (critical): Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an…
CVE-2023-54337 — CVSS 9.1 (critical): Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the…
CVE-2009-4790 — CVSS 9.0 (critical): Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files…
CVE-2020-13229 — CVSS 8.8 (high): An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is…
CVE-2013-10065 — CVSS 7.5 (high): A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet…
CVE-2024-53458 — CVSS 7.5 (high): Sysax Multi Server 6.99 is vulnerable to a denial of service (DoS) condition when processing specially crafted SSH packets.
CVE-2012-6530 — CVSS 7.1 (high): Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create…
CVE-2020-23574 — CVSS 6.5 (medium): When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm…
CVE-2020-13228 — CVSS 6.1 (medium): An issue was discovered in Sysax Multi Server 6.90. There is reflected XSS via the /scgi sid parameter.
CVE-2020-13227 — CVSS 5.3 (medium): An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by…
CVE-2009-4800 — CVSS 4.0 (medium): Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..//…