PT-2023-24228 · Idemia · Morphowave Compact/Xp +11
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The Parameter Zone Read and Parameter Zone Write command handlers are affected, allowing a Stack buffer overflow. This could potentially lead to Remote...
PT-2023-24232 · Idemia · Morphowave Compact/Xp +11
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises when handling contactless cards, specifically due to the usage of a function that does not check the boundary on the data received whil...
VulnCheck KEV: CVE-2023-29919
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted...
CVE-2023-48238 JWT Algorithm Confusion in json-web-token library
joaquimserafim/json-web-token is a JavaScript library used to interact with JSON Web Tokens (JWT), which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On li...
VulnCheck KEV: CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
CVE-2023-46927
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box...
DEBIAN-CVE-2023-46927
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box...
UBUNTU-CVE-2023-46927
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box...
PT-2023-6819 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev605-gfc9e29089-master Description: The issue is related to a heap-buffer-overflow in the gf_isom_use_compact_size function of the GPAC multimedia platform. This can be exploited to cause a denial of service. The...
CVE-2023-46509
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component...
Contec SolarView Compact Security Vulnerability
Contec SolarView Compact is an application system from Contec Japan. It provides a photovoltaic power measurement system. A security vulnerability exists in Contec SolarView Compact v.6.0 and earlier versions, which originated from a vulnerability that allows attackers to execute arbitrary code v...
PT-2023-6758 · Contec · Contec Solarview Compact
Name of the Vulnerable Software and Affected Versions: Contec SolarView Compact versions 6.0 and earlier Description: The issue is related to incorrect code generation management in the texteditor.php component of the Contec SolarView Compact software, which can allow an attacker to execute...
CVE-2023-46509
CVE-2023-46509 affects Contec SolarView Compact 6.0 and earlier. The vulnerability is in the texteditor.php component due to incorrect code-generation management, enabling a remote attacker to execute arbitrary code. Impact is reported as arbitrary code execution; no exploit details are provided ...
Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass
Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100W, 500W...
Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality
Summary Since 1990 Electrolink has been dealing with design and manufacturing of advanced technologies for radio and television broadcasting. The most comprehensive products range includes: FM Transmitters, DAB Transmitters, TV Transmitters for analogue and digital multistandard operation, Bandpa...
Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47389)
An authenticated remote attacker may use a stack-based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago...
Rockwell Automation LP30/40/50 and BM40 Operator Interface Untrusted Pointer Dereference (CVE-2022-47393)
An authenticated, remote attacker may use an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the CmpFileTransfer Component of multiple versions of multiple CODESYS products to force a denial-of-service situation. Wago PFC200 and Compact Controllers support...
Rockwell Automation LP30/40/50 and BM40 Operator Interface Improper Validation of Consistency Within Input (CVE-2022-47392)
An authenticated, remote attacker may use an improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. Wago PFC200 and Compact Controllers...