Lucene search
K

111 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-9435

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00648EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-9427

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00376EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-35001

Malicious code in bioql PyPI...

8.6CVSS8.6AI score0.01035EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9426

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9428

Malicious code in bioql PyPI...

8.3CVSS7.6AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.7 views

CVE-2019-19101

A missing secure communication definition and an incomplete TLS validation in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.5SP, 4.6.4 and 4.7.2 enable unauthenticated users to perform MITM attacks via the B upgrade server...

6.5CVSS6.9AI score0.00515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.10 views

CVE-2019-19102

A directory traversal vulnerability in SharpZipLib used in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x and 4.2.x allow unauthenticated users to write to certain local directories. The vulnerability is also known as zip slip...

7.5CVSS6.9AI score0.01246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:12 p.m.6 views

CVE-2019-19100

A privilege escalation vulnerability in the upgrade service in B Automation Studio versions 4.0.x, 4.1.x, 4.2.x, 4.3.11SP, 4.4.9SP, 4.5.4SP, . 4.6.3SP, 4.7.2 and 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface...

7.5CVSS7AI score0.00262EPSS
Exploits0References1
NVD
NVD
added 2024/12/02 9:15 a.m.36 views

CVE-2024-10490

An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an...

8.4CVSS0.00469EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 8:46 a.m.57 views

CVE-2024-10490

The CVE-2024-10490 issue affects B&R mapp Cockpit, View, Services, Motion, and Vision prior to version 6.0, due to an Authentication Bypass in the OPC UA Server configuration. The root cause is an authentication bypass that can be triggered by an unauthenticated network-based attacker, potentiall...

8.4CVSS6.6AI score0.00469EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/04 12:48 p.m.15 views

Security Bulletin: Vulnerability affect IBM Business Automation Workflow - CVE-2024-37528

Summary IBM Business Automation Workflow Center is vulnerable to a Cross.Site Scripting attack. Vulnerability Details CVEID:CVE-2024-37528 DESCRIPTION: IBM CP4BA - Business Automation Studio Component is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed...

5.4CVSS5.3AI score0.00259EPSS
Exploits0Affected Software2
NVD
NVD
added 2024/05/14 8:15 p.m.20 views

CVE-2021-22280

Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 8:15 p.m.4 views

CVE-2021-22280

Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS5.9AI score0.00166EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 7:36 p.m.50 views

CVE-2021-22280

CVE-2021-22280 крат: B&R Automation Studio versions 4.0–4.11 suffer from improper DLL loading, enabling an authenticated local attacker to execute code in the product context. The issue is confirmed across multiple sources (PT-2024-10875, Red Hat/NVD records). Impact is local code execution with ...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/14 7:36 p.m.12 views

CVE-2021-22280 DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions =4.0 and 4.12 may allow an authenticated local attacker to execute code in the context of the product...

7.2CVSS7AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

B&R Industrial Automation Studio 安全漏洞

B&R Industrial Automation Studio is a suite of integrated development environments IDEs from B&R Industrial Automation, an Austrian company that develops and programs its automation solutions. A security vulnerability exists in B&R Industrial Automation Studio versions prior to 4.12 that stems fr...

7.2CVSS6.9AI score0.00166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.4 views

PT-2024-10875 · B&R · Automation Studio

Name of the Vulnerable Software and Affected Versions: B&R Automation Studio versions 4.0 through 4.11 Description: The issue is related to improper DLL loading algorithms, which may allow an authenticated local attacker to execute code in the context of the product with elevated privileges...

7.2CVSS7.3AI score0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/22 10:15 a.m.34 views

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS8.7AI score0.00364EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/22 10:15 a.m.11 views

CVE-2024-0220 B&R products use insufficient communication encryption

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data...

8.3CVSS7.7AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2024/02/22 10:15 a.m.93 views

CVE-2024-0220

Affected software: B&R Automation Studio Upgrade Service and B&R Technology Guarding. Issue: insufficient cryptography in communications with upgrade and licensing servers, enabling a network attacker to potentially execute arbitrary code or sniff sensitive data. Root cause: cryptographic weaknes...

8.3CVSS8.6AI score0.00364EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder