Lucene search
K

44 matches found

Cvelist
Cvelist
added 2021/09/30 10:40 a.m.19 views

CVE-2021-41292 ECOA BAS controller - Broken Authentication

ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can remotely bypass authentication and disclose sensitive information and circumvent physical access controls in smart homes and buildings and manipulate HVAC...

9.8CVSS9.7AI score0.01134EPSS
Exploits1References1
CVE
CVE
added 2021/09/30 10:40 a.m.57 views

CVE-2021-41292

CVE-2021-41292 affects ECOA Building Automation System components (e.g., ECOA ECS Router Controller ECS (FLASH), RiskBuster Terminator E6L45, RB 3.0.0, TRANE 1.0, and related ECOA software). Root cause is an authentication bypass via cookie poisoning, enabling an unauthenticated attacker to bypas...

9.8CVSS9.2AI score0.01134EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/09/15 12:0 a.m.14 views

Siemens Desigo CC Series CCOM Communication Component Deserialization Vulnerability

Cerberus DMS is a hazard management station that helps users manage fire safety and security incidents.Desigo CC is an integrated building management platform for managing high-performance buildings.Desigo CC Compact expands the portfolio with solutions tailored for small and medium-sized...

10CVSS9.8AI score0.0189EPSS
Exploits0References1
0day.today
0day.today
added 2021/08/16 12:0 a.m.209 views

COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Vulnerability

Exploit Title: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected...

0.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/08/15 12:0 a.m.477 views

COMMAX Biometric Access Control System 1.0.0 Authentication Bypass

Summary Biometric access control system. Description The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/11/25 7:0 p.m.49 views

Go inside the new Azure Defender for IoT including CyberX

In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology OT was already shown to be...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/11/25 7:0 p.m.50 views

Go inside the new Azure Defender for IoT including CyberX

In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology OT was already shown to be...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2019/03/09 1:0 p.m.132 views

RSA Conference 2019: The Expanding Automation Platform Attack Surface

SAN FRANCISCO – Automation platforms are increasingly being used to chain multiple IoT devices together to create user-friendly smart applications – but that’s also creating unpredictable attack surfaces that can be hard to manage. A Trend Micro report released at RSA Conference 2019 warns that...

6.8AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/08/14 9:36 a.m.11 views

historicbuildings.unl.edu XSS vulnerability

Open Bug Bounty ID: OBB-664109 Description| Value ---|--- Affected Website:| historicbuildings.unl.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
exploitpack
exploitpack
added 2016/03/03 12:0 a.m.78 views

Schneider Electric SBO AS - Multiple Vulnerabilities

Schneider Electric SBO AS - Multiple Vulnerabilities Exploit Title: Schneider Electric SBO / AS Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.schneider-electric.com Versions Reported: Automation Server Series AS, AS-P, v1.7 and prior CVE-ID: CVE-2016-2278 About...

9CVSS0.4AI score0.13426EPSS
Exploits7
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.16 views

Fedora Update for bomber FEDORA-2013-13499

Check for the Version of bomber OpenVAS Vulnerability Test Fedora Update for bomber FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

7.5CVSS8.1AI score0.04412EPSS
Exploits1References2
Fedora
Fedora
added 2013/07/24 3:33 a.m.37 views

[SECURITY] Fedora 18 Update: bomber-4.10.5-1.fc18

Bomber is a single player arcade game. The player is invading various cities in a plane that is decreasing in height. The goal of the game is to destroy all the buildings and advance to the next level. Each level gets a harder by increasing the speed of the plane and the height of the buildings...

7.5CVSS0.7AI score0.04412EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/06/13 12:0 a.m.12 views

Fedora Update for bomber FEDORA-2013-10130

Check for the Version of bomber OpenVAS Vulnerability Test Fedora Update for bomber FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

9.2AI score0.00558EPSS
Exploits1References2
Fedora
Fedora
added 2013/06/12 2:34 a.m.24 views

[SECURITY] Fedora 18 Update: bomber-4.10.4-1.fc18

Bomber is a single player arcade game. The player is invading various cities in a plane that is decreasing in height. The goal of the game is to destroy all the buildings and advance to the next level. Each level gets a harder by increasing the speed of the plane and the height of the buildings...

8.4CVSS0.7AI score0.00558EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/05/21 12:0 a.m.12 views

Microsoft Windows ActiveX Control Multiple Vulnerabilities (2820197)

This script will list all the vulnerable activex controls installed on the remote windows machine with references and cause. OpenVAS Vulnerability Test $Id: gbmswindowsactivexcontrolmultvulnmay13.nasl 7172 2017-09-18 11:07:34Z cfischer $ Microsoft Windows ActiveX Control Multiple Vulnerabilities...

0.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2013/02/24 11:48 a.m.2 views

CVE-2013-0108

An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator EBI R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager aka CPO-M Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code vi...

6.8CVSS6.2AI score0.26639EPSS
Exploits9References3
NVD
NVD
added 2009/08/20 5:30 p.m.20 views

CVE-2009-2885

SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter...

7.5CVSS8.4AI score0.00993EPSS
Exploits1References4
NVD
NVD
added 2009/08/20 5:30 p.m.21 views

CVE-2009-2884

Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter...

4.3CVSS5.8AI score0.01498EPSS
Exploits1References4
Prion
Prion
added 2009/08/20 5:30 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter...

4.3CVSS6.2AI score0.01498EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/08/20 5:0 p.m.22 views

CVE-2009-2884

Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter...

5.8AI score0.01498EPSS
Exploits1References4
Rows per page
Query Builder