Lucene search
K

158 matches found

OSV
OSV
added 2023/05/10 8:15 p.m.5 views

CVE-2023-31153

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL...

5.4CVSS6.1AI score0.00439EPSS
Exploits0References2
NVD
NVD
added 2023/05/10 8:15 p.m.20 views

CVE-2023-2310

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...

6.8CVSS6.6AI score0.005EPSS
Exploits0References1
OSV
OSV
added 2023/05/10 8:15 p.m.3 views

CVE-2023-31149

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...

8.8CVSS7.5AI score0.01086EPSS
Exploits0References2
Prion
Prion
added 2023/05/10 8:15 p.m.13 views

Authentication flaw

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...

6.5CVSS8.7AI score0.00355EPSS
Exploits0References2Affected Software10
Prion
Prion
added 2023/05/10 8:15 p.m.19 views

Design/Logic Flaw

A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller RTAC could allow a remote attacker to perform a man-in-the-middle MiTM that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction...

2.6CVSS5.4AI score0.005EPSS
Exploits0References1Affected Software10
Prion
Prion
added 2023/05/10 8:15 p.m.13 views

Input validation

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 f...

6.5CVSS8.4AI score0.00543EPSS
Exploits0References2Affected Software5
Prion
Prion
added 2023/05/10 8:15 p.m.13 views

Format string

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...

4CVSS6.3AI score0.00473EPSS
Exploits0References2Affected Software10
CVE
CVE
added 2023/05/10 7:25 p.m.58 views

CVE-2023-31164

The CVE-2023-31164 entry concerns Schweitzer Engineering Laboratories RTAC Web Interface, where an improper neutralization of input during web page generation enables a cross-site scripting (XSS) flaw. The weakness could allow a remote authenticated attacker to inject and execute arbitrary script...

5.4CVSS5.3AI score0.00439EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/10 7:23 p.m.21 views

CVE-2023-31160 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS6AI score0.00439EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/10 7:22 p.m.9 views

CVE-2023-31157 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS7.4AI score0.00439EPSS
Exploits0References2
CVE
CVE
added 2023/05/10 7:22 p.m.44 views

CVE-2023-31157

Summary: CVE-2023-31157 affects Schweitzer Engineering Laboratories RTAC Web Interface, with an issue described as improper neutralization of input during web page generation (XSS). The vulnerability could allow a remote authenticated attacker to inject and execute arbitrary script code via the w...

5.4CVSS5.3AI score0.00439EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/05/10 7:22 p.m.22 views

CVE-2023-31157 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS5.9AI score0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:22 p.m.16 views

CVE-2023-31156 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS5.9AI score0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:22 p.m.19 views

CVE-2023-31155 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS5.9AI score0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:22 p.m.19 views

CVE-2023-31154 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL...

4.3CVSS5.9AI score0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:22 p.m.18 views

CVE-2023-31153 Improper Neutralization of Input During Web Page Generation

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL...

4.3CVSS5.9AI score0.00439EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/10 7:21 p.m.7 views

CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...

4CVSS7.2AI score0.00355EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:21 p.m.16 views

CVE-2023-31152 Authentication Bypass Using an Alternate Path or Channel

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details...

4CVSS9AI score0.00355EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/10 7:21 p.m.6 views

CVE-2023-31150 Storing Passwords in a Recoverable Format

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details...

8CVSS7.7AI score0.00473EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/10 7:20 p.m.16 views

CVE-2023-31149 Improper Input Validation in Web Interface

An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...

9.1CVSS9AI score0.01086EPSS
Exploits0References2
Rows per page
Query Builder