Desktopalert Pingalert Application Server vulnerabilities
15 known vulnerabilities affecting desktopalert/pingalert_application_server.
Total CVEs
15
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH4MEDIUM5LOW3
Vulnerabilities
Page 1 of 1
CVE-2025-54339P2CRITICALCVSS 10.0≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54339 [CRITICAL] CWE-284 CVE-2025-54339: An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingA
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges.
nvd
CVE-2025-54347P2CRITICALCVSS 9.9≥ 6.1.0.11, < 6.1.1.62025-11-24
CVE-2025-54347 [CRITICAL] CWE-22 CVE-2025-54347: A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert v
A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions.
nvd
CVE-2025-54343P3CRITICALCVSS 9.6≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54343 [CRITICAL] CWE-284 CVE-2025-54343: An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingA
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges.
nvd
CVE-2025-54563P3HIGHCVSS 7.5≥ 6.1.0.11, < 6.1.1.62025-11-24
CVE-2025-54563 [HIGH] CWE-284 CVE-2025-54563: An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingA
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure.
nvd
CVE-2025-54338P3HIGHCVSS 7.5≥ 6.1.0.11, < 6.1.1.62025-11-24
CVE-2025-54338 [HIGH] CWE-284 CVE-2025-54338: An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingA
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to disclose user hashes.
nvd
CVE-2025-54345P3HIGHCVSS 7.5≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54345 [HIGH] CWE-200 CVE-2025-54345: An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2.
An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an Unauthorized Actor.
nvd
CVE-2025-54346P4HIGHCVSS 7.6≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54346 [HIGH] CWE-80 CVE-2025-54346: A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop
A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.
nvd
CVE-2025-54341P4MEDIUMCVSS 5.3≥ 6.1.0.11, < 6.1.1.62025-11-24
CVE-2025-54341 [MEDIUM] CWE-798 CVE-2025-54341: A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values.
nvd
CVE-2025-54348P4MEDIUMCVSS 6.5≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54348 [MEDIUM] CWE-80 CVE-2025-54348: A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Ale
A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information.
nvd
CVE-2025-54561P4MEDIUMCVSS 4.3≥ 6.1.0.11, < 6.1.1.52025-11-14
CVE-2025-54561 [MEDIUM] CWE-284 CVE-2025-54561: An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingA
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema.
nvd
CVE-2025-54562P4MEDIUMCVSS 4.3≥ 6.1.0.11, < 6.1.1.52025-11-14
CVE-2025-54562 [MEDIUM] CWE-209 CVE-2025-54562: A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Technical Information to be Disclosed through stack trace.
nvd
CVE-2025-54559P4LOWCVSS 3.7≥ 6.1.0.11, < 6.1.1.52025-11-14
CVE-2025-54559 [LOW] CWE-22 CVE-2025-54559: An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2
An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arbitrary external content.
nvd
CVE-2025-54340P4MEDIUMCVSS 4.1≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54340 [MEDIUM] CWE-327 CVE-2025-54340: A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm.
nvd
CVE-2025-54560P4LOWCVSS 3.8≥ 6.1.0.11, < 6.1.1.52025-11-14
CVE-2025-54560 [LOW] CWE-918 CVE-2025-54560: A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert Pin
A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Probing of internal infrastructure.
nvd
CVE-2025-54342P4LOWCVSS 3.3≥ 6.1.0.11, < 6.1.1.42025-11-14
CVE-2025-54342 [LOW] CWE-312 CVE-2025-54342: A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is Exposure of Sensitive Information because of Incompatible Policies.
nvd