Lucene search
K

860 matches found

Cvelist
Cvelist
added 2023/08/22 12:0 a.m.20 views

CVE-2020-22628

Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...

6.5AI score0.00681EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/22 12:0 a.m.13 views

CVE-2020-22628

Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...

6.8AI score0.00681EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2023/07/26 6:21 a.m.13 views

chrisimmo.fr Cross Site Scripting vulnerability OBB-3550968

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.3 views

Vulnerability of microprogramming software in embedded network control controllers of building management systems like ASPECT Enterprise, NEXUS Series, and MATRIX Series, due to insufficient validation of input data, allows intruders to execute arbitrary codes.

The vulnerability of microprogrammed software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.0136EPSS
Exploits2References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/06/06 12:0 a.m.6 views

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series systems relates to insecure privilege management, allowing attackers to elevate their privileges to the root level.

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series buildings is related to insecure privilege management. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...

7.8CVSS7.7AI score0.00374EPSS
Exploits0References2Affected Software4
OSV
OSV
added 2023/06/05 4:15 a.m.4 views

CVE-2023-0636

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

9.8CVSS5.8AI score0.0136EPSS
Exploits2References1
NVD
NVD
added 2023/06/05 4:15 a.m.31 views

CVE-2023-0636

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

9.8CVSS7.7AI score0.0136EPSS
Exploits2References1
OSV
OSV
added 2023/06/05 4:15 a.m.2 views

CVE-2023-0635

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

9.8CVSS5.8AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2023/06/05 4:15 a.m.17 views

CVE-2023-0635

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

9.8CVSS8.2AI score0.00374EPSS
Exploits0References1
Prion
Prion
added 2023/06/05 4:15 a.m.22 views

Input validation

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.5CVSS9.4AI score0.0136EPSS
Exploits2References1Affected Software19
Prion
Prion
added 2023/06/05 4:15 a.m.17 views

Privilege escalation

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.5CVSS9.3AI score0.00374EPSS
Exploits0References1Affected Software19
Cvelist
Cvelist
added 2023/06/05 3:45 a.m.34 views

CVE-2023-0636 Remote Code Execution via Command Injection

Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.2CVSS9.7AI score0.0136EPSS
Exploits2References1
CVE
CVE
added 2023/06/05 3:45 a.m.56 views

CVE-2023-0636

CVE-2023-0636 : ABB ASPECT family (ASPECT-Enterprise, NEXUS Series, MATRIX Series) suffers an improper input validation that enables command injection and remote code execution. Affected versions: ASPECT-Enterprise 3.0.0–3.07.0; NEXUS Series 3.0.0–3.07.0; MATRIX Series 3.0.0–3.07.1. Remediation: ...

9.8CVSS8.4AI score0.0136EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/05 3:42 a.m.9 views

CVE-2023-0635 Privilege escalation to root

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.8CVSS6.9AI score0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/05 3:42 a.m.19 views

CVE-2023-0635 Privilege escalation to root

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux 2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules, ABB Ltd. NEXUS Series on NEXUS Series, Linux 2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021,...

7.8CVSS9.6AI score0.00374EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.3 views

PT-2023-2999 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions 3.0;0 through 3.07.01 NEXUS Series versions 3.0;0 through 3.07.01 MATRIX Series versions 3.0;0 through 3.07.01 Description: The issue is related to improper privilege management, which can allow an attacker to...

9.8CVSS7.6AI score0.00374EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/06/05 12:0 a.m.4 views

ABB ASPECT 输入验证错误漏洞

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. An input validation error vulnerability exists in several ABB products, which stems from a vulnerability that allows an attacker to exploit components of the ASPECT interface to execute remote code...

9.8CVSS8.5AI score0.0136EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/06/05 12:0 a.m.4 views

ABB ASPECT 安全漏洞

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. A security vulnerability exists in several ABB products that stems from allowing privilege escalation. Affected products and versions: ABB ASPECT-Enterprise versions 3.0.0 through 3.07.01; NEXUS Series ...

9.8CVSS8.3AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/01 12:0 a.m.5 views

PT-2023-3095 · Abb · Aspect-Enterprise Asp-Ent-X +19

Name of the Vulnerable Software and Affected Versions: ASPECT®-Enterprise versions 3.0;0 through 3.07.0 NEXUS Series versions 3.0;0 through 3.07.0 MATRIX Series versions 3.0;0 through 3.07.1 Description: The issue is related to improper input validation, which allows command injection. This can...

10CVSS8.5AI score0.0136EPSS
Exploits2References8
Spring Security Advisories
Spring Security Advisories
added 2023/01/31 12:0 a.m.19 views

This Week in Spring - January 31st, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm not going to spend too much time here in the preamble because a today's both my birthday and my late father's birthday and b I got the worst gift ever: COVID-19. Sigh. So, I'm going back to bed. Without further ado, let's...

Exploits0
Rows per page
Query Builder