Published Advisories
The following is a list of all publicly disclosed vulnerabilities discovered by Security Risk Advisors researchers.
All security vulnerabilities that are acquired by Security Risk Advisors are handled according to the SRA Disclosure Policy.
After the vendor has issued a patch or fix publicly and is within the timeframe agreed upon, SRA will release a public advisory disclosing its findings along with a timeframe from disclosure to advisory publish.
| Name | CVE ID | Vulnerability Type | Affects |
|---|---|---|---|
| Brivo Access Control Systems | CVE-2023-6259 | Local Access to Sensitive Data | Models ACS100, ACS300. Models ACS6000 and ACSSDC may also be affected. |
| Brivo Access Control Systems | CVE-2023-6260 | Web UI OS Command Injection | Versions from 5.2.4 but before 6.2.4.3. Versions prior to 5.2.4 may also be affected. |
| Quest Coexistence Manager for Notes | CVE-2025-12874 | HTTP Request Smuggling in Quest Coexistence Manager for Notes | Quest Coexistence Manager for Notes 3.8.2045 |
| Milner ImageDirector Capture | CVE-2025-58740 | Hardcoded Encryption Key Enables Database Credential Access in Milner ImageDirector | Milner ImageDirector Capture from 7.0.9 but before 7.6.3.25808. Versions prior to 7.0.9 may also be affected. |
| Milner ImageDirector Capture | CVE-2025-58741 | Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture | Milner ImageDirector Capture from 7.0.9 but before 7.6.3.25808. Versions prior to 7.0.9 may also be affected. |
| Milner ImageDirector Capture | CVE-2025-58742 | Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture | Milner ImageDirector Capture from 7.0.9 but before 7.6.3.25808. Versions prior to 7.0.9 may also be affected. |
| Milner ImageDirector Capture | CVE-2025-58743 | Insecure Encryption Algorithm Enables Brute-Force of Database Credentials in Milner ImageDirector Capture | Milner ImageDirector Capture from 7.0.9 but before 7.6.3.25808. Versions prior to 7.0.9 may also be affected. |
| Milner ImageDirector Capture | CVE-2025-58744 | Hard-Coded Default Credentials Enable Document Archive Decryption in Milner ImageDirector Capture | Milner ImageDirector Capture from 7.0.9 but before 7.6.3.25808. Versions prior to 7.0.9 may also be affected. |