Lucene search
K

92 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-46949

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00251EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/13 12:0 a.m.4 views

B&R Automation Runtime Improper Neutralization of Input During Web Page Generation (CVE-2023-6028)

A reflected cross-site scripting XSS vulnerability exists in the SVG version of System Diagnostics Manager of B&R Automation Runtime versions = G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user's browser session. This plugin only works...

6.1CVSS6.2AI score0.00368EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/13 12:0 a.m.3 views

B&R Automation Runtime Missing Release of Memory after Effective Lifetime (CVE-2020-11637)

A memory leak in the TFTP service in B&R Automation Runtime versions N4.26, N4.34, F4.45, E4.53, D4.63, A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service DoS condition. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.3AI score0.01092EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/13 12:0 a.m.4 views

B&R Automation Runtime Use of a Broken or Risky Cryptographic Algorithm (CVE-2024-8603)

B&R Automation Runtime and B&R mapp View generates self-signed certificates during the boot-up process if no certificates have been configured in the B&R Automation Studio project. These certificates are signed using an algorithm, which is no longer considered to be secure. This plugin only works...

8.2CVSS5.9AI score0.00325EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:58 a.m.10 views

CVE-2023-6028

A reflected cross-site scripting XSS vulnerability exists in the SVG version of System Diagnostics Manager of B Automation Runtime versions = G4.93 that enables a remote attacker to execute arbitrary JavaScript code in the context of the attacked user’s browser session...

6.1CVSS5.9AI score0.00368EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:48 a.m.16 views

CVE-2022-4286

A reflected cross-site scripting XSS vulnerability exists in System Diagnostics Manager of B Automation Runtime versions =3.00 and =C4.93 that enables a remote attacker to execute arbitrary JavaScript in the context of the users browser session...

6.1CVSS5.9AI score0.00564EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.7 views

The vulnerability of the implementations of TLS and SSL protocols in the B&R Automation Runtime and B&R mapp View software for managing and controlling industrial processes allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the TLS and SSL protocol implementations in B&R Automation Runtime and B&R mapp View software for process control and management involves the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to compromis...

7.8CVSS5.5AI score0.00325EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2025/01/15 4:15 p.m.7 views

CVE-2024-8603

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...

8.2CVSS0.00325EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/15 3:31 p.m.5 views

CVE-2024-8603

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...

8.2CVSS7.2AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/15 3:31 p.m.13 views

CVE-2024-8603

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...

8.2CVSS0.00325EPSS
Exploits0References1
CVE
CVE
added 2025/01/15 3:31 p.m.41 views

CVE-2024-8603

CVE-2024-8603 affects B&R Automation Runtime and B&R mapp View versions prior to 6.1, where the SSL/TLS component uses a broken or risky cryptographic algorithm. Unauthenticated network-based attackers may masquerade as services on impacted devices. Multiple sources (NVD/NCSA advisory references ...

8.2CVSS7AI score0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.4 views

B&R Automation Runtime 加密问题漏洞

B&R Automation Runtime is an automation runtime from B&R Automation. An encryption issue vulnerability exists in B&R Automation Runtime versions prior to 6.1 and B&R mapp View versions prior to 6.1, which stems from the use of corrupt or risky encryption algorithms...

8.2CVSS6.6AI score0.00325EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/15 12:0 a.m.5 views

PT-2025-3702 · B&R · B&R Automation Runtime +1

Name of the Vulnerable Software and Affected Versions: B&R Automation Runtime versions prior to 6.1 B&R mapp View versions prior to 6.1 Description: A "Use of a Broken or Risky Cryptographic Algorithm" issue in the SSL/TLS component may be exploited by unauthenticated network-based attackers to...

8.2CVSS7.3AI score0.00325EPSS
Exploits0References8
NVD
NVD
added 2024/08/12 1:38 p.m.20 views

CVE-2024-5800

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication...

8.3CVSS0.00252EPSS
Exploits0References1
NVD
NVD
added 2024/08/12 1:38 p.m.13 views

CVE-2024-5801

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering...

5.3CVSS0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/10 3:52 a.m.32 views

CVE-2024-5801 IP Forwarding enabled in B&R Automation Runtime

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering...

5.3CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2024/08/10 3:52 a.m.56 views

CVE-2024-5801

CVE-2024-5801 affects B&R Automation Runtime; enabling IP Forwarding in versions before 6.0.2 may allow remote attackers to route IP packets through the host, potentially bypassing firewall/NAC filtering. Base score 5.3 (MEDIUM). Remediation: upgrade to 6.0.2 or later. Exploitation details are no...

5.3CVSS6.7AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/10 3:52 a.m.21 views

CVE-2024-5801 IP Forwarding enabled in B&R Automation Runtime

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote attack-ers to compromise network security by routing IP-based packets through the host, potentially by-passing firewall, router, or NAC filtering...

5.3CVSS7.1AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/10 3:50 a.m.23 views

CVE-2024-5800 Diffie-Hellman groups with insufficient strength used in SSL/TLS stack of B&R Automation Runtime

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation Runtime versions before 6.0.2, allowing a network attacker to decrypt the SSL/TLS communication...

8.3CVSS0.00252EPSS
Exploits0References1
CVE
CVE
added 2024/08/10 3:50 a.m.64 views

CVE-2024-5800

CVE-2024-5800 affects B&R Automation Runtime: Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack in versions before 6.0.2, enabling a network attacker to decrypt traffic. The vulnerability is tied to weak DH parameters in the TLS implementation, with impact limited to ...

8.3CVSS6.4AI score0.00252EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder