IKS, EDS Security Vulnerabilities

nvd

CVE-2019-6561

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the...

8.8CVSS

9.2AI Score

0.001EPSS

2019-03-05 08:29 PM
prion

Design/Logic Flaw

Moxa IKS and EDS fail to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious...

6.1CVSS

6.5AI Score

0.001EPSS

2019-03-05 08:29 PM
5
cve

CVE-2019-6524

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force...

9.8CVSS

9.4AI Score

0.002EPSS

2019-03-05 08:29 PM
28
cve

CVE-2019-6520

Moxa IKS and EDS do not properly check authority on the server side, which results in a read-only user being able to perform arbitrary configuration...

7.5CVSS

7.5AI Score

0.001EPSS

2019-03-05 08:29 PM
30
cve

CVE-2019-6557

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code...

9.8CVSS

10AI Score

0.008EPSS

2019-03-05 08:29 PM
24
cve

CVE-2019-6561

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the...

8.8CVSS

8.8AI Score

0.001EPSS

2019-03-05 08:29 PM
30
cve

CVE-2019-6522

Moxa IKS and EDS fail to properly check array bounds, which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device...

9.1CVSS

9.1AI Score

0.002EPSS

2019-03-05 08:29 PM
27
cvelist

CVE-2019-6518

Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the...

7.3AI Score

0.001EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6565

Moxa IKS and EDS fail to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious...

6AI Score

0.001EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6520

Moxa IKS and EDS do not properly check authority on the server side, which results in a read-only user being able to perform arbitrary configuration...

7.5AI Score

0.001EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6522

Moxa IKS and EDS fail to properly check array bounds, which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device...

9.2AI Score

0.002EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6557

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code...

10AI Score

0.008EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6559

Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to...

6.2AI Score

0.001EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6561

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the...

8.9AI Score

0.001EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6524

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force...

9.6AI Score

0.002EPSS

2019-03-05 12:00 AM
cvelist

CVE-2019-6563

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the...

9.4AI Score

0.002EPSS

2019-03-05 12:00 AM
symantec

Moxa IKS and EDS ICSA-19-057-01 Multiple Security Vulnerabilities

Description: Moxa IKS and EDS are prone to the following security vulnerabilities:
1. A cross-site-scripting vulnerability
2. Multiple stack-based buffer-overflow vulnerabilities
3. A security vulnerability
4. An information disclosure vulnerability
5. A cross-site request-forgery vulnerability
6....

0.7AI Score

2019-02-26 12:00 AM
5
osv

CVE-2018-15587

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an...

6.5CVSS

7.2AI Score

0.003EPSS

2019-02-11 05:29 PM
2
packetstorm

-0.6AI Score

2019-01-15 12:00 AM
174
packetstorm

-0.8AI Score

0.003EPSS

2018-11-13 12:00 AM
137
ics

Moxa Industrial Managed Switch Vulnerabilities

OVERVIEW: Erwin Paternotte of Applied Risk (Applied Risk Security Advisory AR2015001, Multiple Vulnerabilities in Moxa industrial manages switches, http://applied-risk.com/application/files/3414/4060/7148/Advisory_Moxa_Multiple_Vulnerabilities.pdf, web site last accessed September 3, 2015) has...

6AI Score

0.003EPSS

2018-08-27 12:00 PM
22
ics

Rockwell Automation RSLinx Classic EDS Vulnerability (Update A)

OVERVIEW: A buffer overflow vulnerability exists in the Rockwell Automation RSLinx Classic EDS Hardware Installation Tool (RSHWare.exe). This vulnerability is likely exploitable; however, significant user interaction would be required.

AFFECTED PRODUCTS: EDS Hardware Installation Tool Version...

7.8AI Score

2018-08-23 12:00 PM
23
osv

CVE-2016-10727

camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain...

9.8CVSS

6.6AI Score

0.009EPSS

2018-07-20 04:29 AM
5
openbugbounty

advexplore.com XSS vulnerability

Open Bug Bounty ID: OBB-623494

Description| Value
---|---
Affected Website:| advexplore.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1...

-0.1AI Score

2018-05-28 03:50 AM
26
openbugbounty

eversim.com XSS vulnerability

Open Bug Bounty ID: OBB-619607

Description| Value
---|---
Affected Website:| eversim.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1...

AI Score

2018-05-21 04:53 PM
5
openbugbounty

mondadoristore.it XSS vulnerability

Open Bug Bounty ID: OBB-559580

Description| Value
---|---
Affected Website:| mondadoristore.it
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1...

6.3AI Score

2018-02-14 03:47 PM
8
prion

Design/Logic Flaw

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in an insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering...

9.8CVSS

9.2AI Score

0.002EPSS

2017-11-23 09:29 PM
7
cve

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys...

7.5CVSS

7.5AI Score

0.002EPSS

2017-11-23 09:29 PM
32
prion

Design/Logic Flaw

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to...

7.5CVSS

7.5AI Score

0.001EPSS

2017-11-23 09:29 PM
4
cve

CVE-2017-13699

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to...

7.5CVSS

7.4AI Score

0.001EPSS

2017-11-23 09:29 PM
30
nvd

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys...

7.5CVSS

7.5AI Score

0.002EPSS

2017-11-23 09:29 PM
nvd

CVE-2017-13701

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in an insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering...

9.8CVSS

9.4AI Score

0.002EPSS

2017-11-23 09:29 PM
prion

Code injection

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys...

7.5CVSS

7.5AI Score

0.002EPSS

2017-11-23 09:29 PM
5
cve

CVE-2017-13701

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in an insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering...

9.8CVSS

9.3AI Score

0.002EPSS

2017-11-23 09:29 PM
22
nvd

CVE-2017-13699

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to...

7.5CVSS

7.5AI Score

0.001EPSS

2017-11-23 09:29 PM
cvelist

CVE-2017-13699

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encryption method is based on a chall value that is sent in cleartext as a POST parameter. An attacker could reverse the password encryption algorithm to...

7.5AI Score

0.001EPSS

2017-11-23 09:00 PM
cvelist

CVE-2017-13701

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in an insecure way. There is no salt for password hashing. Indeed passwords are stored without being ciphered with a timestamped ciphering...

9.5AI Score

0.002EPSS

2017-11-23 09:00 PM
cvelist

CVE-2017-13698

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image available on the MOXA website and could use them against a production switch that has the default keys...

7.5AI Score

0.002EPSS

2017-11-23 09:00 PM
nvd

CVE-2017-13702

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and...

5.3CVSS

5.3AI Score

0.001EPSS

2017-11-17 06:29 PM
cve

CVE-2017-13703

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may...

7.5CVSS

7.4AI Score

0.001EPSS

2017-11-17 06:29 PM
21
cve

CVE-2017-13702

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and...

5.3CVSS

5.3AI Score

0.001EPSS

2017-11-17 06:29 PM
23
nvd

CVE-2017-13700

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration...

4.8CVSS

4.9AI Score

0.001EPSS

2017-11-17 06:29 PM
prion

Denial of service

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may...

7.5CVSS

7.5AI Score

0.001EPSS

2017-11-17 06:29 PM
6
nvd

CVE-2017-13703

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may...

7.5CVSS

7.5AI Score

0.001EPSS

2017-11-17 06:29 PM
cve

CVE-2017-13700

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration...

4.8CVSS

4.8AI Score

0.001EPSS

2017-11-17 06:29 PM
20
prion

Design/Logic Flaw

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration...

4.8CVSS

4.8AI Score

0.001EPSS

2017-11-17 06:29 PM
3
prion

Design/Logic Flaw

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and...

5.3CVSS

5.4AI Score

0.001EPSS

2017-11-17 06:29 PM
4
cvelist

CVE-2017-13700

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration...

4.9AI Score

0.001EPSS

2017-11-17 06:00 PM
2
cvelist

CVE-2017-13702

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and...

5.3AI Score

0.001EPSS

2017-11-17 06:00 PM
cvelist

CVE-2017-13703

An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may...

7.5AI Score

0.001EPSS

2017-11-17 06:00 PM
Total number of security vulnerabilities: 318