desktopalert 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は パス処理の欠陥、vendor risk cross-site scripting, and vendor risk ssrf に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で ファイル上書き and vendor impact session compromise などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-54563 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure. | [email protected] | 7.5 | 0.06% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54347 | A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions. | [email protected] | 9.9 | 0.30% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54341 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values. | [email protected] | 5.3 | 0.03% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54338 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to disclose user hashes. | [email protected] | 7.5 | 0.04% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54562 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Technical Information to be Disclosed through stack trace. | [email protected] | 4.3 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54561 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema. | [email protected] | 4.3 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54560 | A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Probing of internal infrastructure. | [email protected] | 3.8 | 0.02% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54559 | An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arbitrary external content. | [email protected] | 3.7 | 0.06% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54348 | A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information. | [email protected] | 6.5 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54346 | A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information. | [email protected] | 7.6 | 0.05% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54345 | An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an Unauthorized Actor. | [email protected] | 7.5 | 0.04% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54343 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges. | [email protected] | 9.6 | 0.03% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54342 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is Exposure of Sensitive Information because of Incompatible Policies. | [email protected] | 3.3 | 0.01% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54340 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm. | [email protected] | 4.1 | 0.01% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54339 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges. | [email protected] | 10.0 | 0.06% | 2025-11-14 | 2025-11-19 |