Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Keysight Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36853 1 Keysight 1 Geolocation Server 2023-07-27 N/A 7.8 HIGH
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges.
CVE-2023-34394 1 Keysight 1 Geolocation Server 2023-07-27 N/A 7.8 HIGH
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition.
CVE-2022-1660 1 Keysight 4 N6841a Rf, N6841a Rf Firmware, N6854a and 1 more 2022-06-09 10.0 HIGH 9.8 CRITICAL
The affected products are vulnerable of untrusted data due to deserialization without prior authorization/authentication, which may allow an attacker to remotely execute arbitrary code.
CVE-2022-1661 1 Keysight 4 N6841a Rf, N6841a Rf Firmware, N6854a and 1 more 2022-06-09 5.0 MEDIUM 7.5 HIGH
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files.
CVE-2020-35121 1 Keysight 1 Database Connector 2021-07-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.
CVE-2020-35122 1 Keysight 1 Keysight Database Connector 2020-12-17 4.0 MEDIUM 7.5 HIGH
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could bypass the access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection.