DesktopalertCVEs & Vulnerabilities

15 CVEs affecting Desktopalert products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

pingalert application server 15
CVE-2025-54563HIGH

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure.

25 Nov 2025
7.5
CVSS
CVE-2025-54347CRITICAL

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions.

25 Nov 2025
9.9
CVSS
CVE-2025-54341MEDIUM

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values.

25 Nov 2025
5.3
CVSS
CVE-2025-54338HIGH

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to disclose user hashes.

25 Nov 2025
7.5
CVSS
CVE-2025-54562MEDIUM

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Technical Information to be Disclosed through stack trace.

14 Nov 2025
4.3
CVSS
CVE-2025-54561MEDIUM

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema.

14 Nov 2025
4.3
CVSS
CVE-2025-54560LOW

A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Probing of internal infrastructure.

14 Nov 2025
3.8
CVSS
CVE-2025-54559LOW

An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arbitrary external content.

14 Nov 2025
3.7
CVSS
CVE-2025-54348MEDIUM

A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.

14 Nov 2025
6.5
CVSS
CVE-2025-54346HIGH

A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.

14 Nov 2025
7.6
CVSS
CVE-2025-54345HIGH

An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an Unauthorized Actor.

14 Nov 2025
7.5
CVSS
CVE-2025-54343CRITICAL

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges.

14 Nov 2025
9.6
CVSS
CVE-2025-54342LOW

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is Exposure of Sensitive Information because of Incompatible Policies.

14 Nov 2025
3.3
CVSS
CVE-2025-54340MEDIUM

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm.

14 Nov 2025
4.1
CVSS
CVE-2025-54339CRITICAL

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges.

14 Nov 2025
10.0
CVSS
← PrevPage 1 / 1Next →