Axxonsoft Axxonone C-werk
7 CVEs affecting Axxonsoft Axxonone C-werk. Latest disclosed: 2025-09-10. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-10226 | Critical | 9.8 | 2025-09-10 | Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier on Windows and Linux allo… |
CVE-2025-10220 | Critical | 9.8 | 2025-09-10 | Use of Unmaintained Third Party Components (CWE-1104) in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a rem… |
CVE-2025-10225 | High | 7.5 | 2025-09-10 | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One (C-Werk) 2.0.6 and… |
CVE-2025-10224 | Medium | 5.4 | 2025-09-10 | Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One (C-Werk) 2.0.2 and earlier on Windows allows a remote authenticated… |
CVE-2025-10223 | Medium | 5.4 | 2025-09-10 | Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticat… |
CVE-2025-10227 | Medium | 4.6 | 2025-09-10 | Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a loca… |
CVE-2025-10222 | Low | 3.3 | 2025-09-10 | Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump component in AxxonSoft Axxon One VMS (C-Werk) 2.0.0 through 2.0.1 o… |