Aggregates CVE and security vulnerability intelligence across all desktopalert-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling, vendor risk cross-site scripting, and vendor risk ssrf and related problems; some flaws may lead to vendor impact file overwrite and vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-54563 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure. | [email protected] | 7.5 | 0.06% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54347 | A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions. | [email protected] | 9.9 | 0.30% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54341 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values. | [email protected] | 5.3 | 0.03% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54338 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to disclose user hashes. | [email protected] | 7.5 | 0.04% | 2025-11-24 | 2025-12-05 |
| CVE-2025-54562 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Technical Information to be Disclosed through stack trace. | [email protected] | 4.3 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54561 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote access to content despite lack of the correct permission through a Broken Authorization Schema. | [email protected] | 4.3 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54560 | A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Probing of internal infrastructure. | [email protected] | 3.8 | 0.02% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54559 | An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows remote Path Traversal for loading arbitrary external content. | [email protected] | 3.7 | 0.06% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54348 | A Stored Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information. | [email protected] | 6.5 | 0.03% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54346 | A Reflected Cross Site Scripting (XSS) vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to hijack user’s browser, capturing sensitive information. | [email protected] | 7.6 | 0.05% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54345 | An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an Unauthorized Actor. | [email protected] | 7.5 | 0.05% | 2025-11-14 | 2025-11-20 |
| CVE-2025-54343 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges. | [email protected] | 9.6 | 0.03% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54342 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is Exposure of Sensitive Information because of Incompatible Policies. | [email protected] | 3.3 | 0.01% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54340 | A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There is a Broken or Risky Cryptographic Algorithm. | [email protected] | 4.1 | 0.01% | 2025-11-14 | 2025-11-19 |
| CVE-2025-54339 | An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges. | [email protected] | 10.0 | 0.06% | 2025-11-14 | 2025-11-19 |