Lucene search
K

869 matches found

OSV
OSV
added 2023/10/10 11:15 a.m.2 views

CVE-2023-38640

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...

4.4CVSS5.7AI score0.00149EPSS
Exploits0References2
NVD
NVD
added 2023/10/10 11:15 a.m.19 views

CVE-2023-35796

A vulnerability has been identified in SINEMA Server V14 All versions. The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting XSS attack that may lead...

9CVSS8.2AI score0.00594EPSS
Exploits0References1
Prion
Prion
added 2023/10/10 11:15 a.m.12 views

Design/Logic Flaw

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...

3.2CVSS4.3AI score0.00149EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/10 10:21 a.m.13 views

CVE-2023-38640

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...

6.6CVSS6.2AI score0.00149EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/10 10:21 a.m.21 views

CVE-2023-38640

A vulnerability has been identified in SICAM PAS/PQS All versions = V8.00 V8.22. The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the applicatio...

6.6CVSS6.2AI score0.00149EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.3 views

Siemens SICAM PAS/PQS 安全漏洞

Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. Siemens SICAM PAS/PQS suffers from an incorrect privilege assignment vulnerability that can be exploited by an attacker to read and modify configuration data in the context of an...

6.6CVSS6.8AI score0.00149EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

Siemens SINEC NMS 跨站脚本漏洞

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A cross-site scripting vulnerability exists in the Siemens SINEC NMS...

5.4CVSS6AI score0.00296EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.4 views

PT-2023-7123 · Siemens · Sinema Server

Name of the Vulnerable Software and Affected Versions: SINEMA Server V14 All versions Description: A vulnerability has been identified in the SINEMA Server application, where it improperly sanitizes certain SNMP configuration data retrieved from monitored devices. This could allow an attacker wit...

10CVSS8.8AI score0.00594EPSS
Exploits0References5
OSV
OSV
added 2023/09/05 5:15 p.m.5 views

CVE-2023-34317

An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to...

6.5CVSS5.8AI score0.00758EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/09/05 12:0 a.m.5 views

PT-2023-24809 · Open Automation · Open Automation Software Oas Platform

Name of the Vulnerable Software and Affected Versions: Open Automation Software OAS Platform version 18.00.0072 Description: An improper input validation vulnerability exists in the OAS Engine User Creation functionality. A specially crafted series of network requests can lead to unexpected data ...

6.5CVSS7.6AI score0.00758EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/09/05 12:0 a.m.5 views

Open Automation Software OAS Platform Input Validation Error Vulnerability

Open Automation Software OAS Platform is an Industrial Internet of Things IoT suite from US-based Open Automation Software, Inc. Designed to help organizations connect data sources to the OAS Platform. An input validation error vulnerability exists in Open Automation Software OAS Platform version...

6.5CVSS6.7AI score0.00758EPSS
Exploits1References3
Citrix
Citrix
added 2023/08/23 12:0 a.m.7 views

"Failed to convert Boot Configuration Data. The system cannot find the file specified. (0x00000002)"

Attemtpting to run P2pvs and get error "Failed to convert Boot Configuration Data. The system cannot find the file specified. 0x00000002" Followed https://support.citrix.com/article/CTX202159 and still same issue...

7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2023/08/15 12:0 a.m.52 views

Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Operator Terminal Expert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...

7.8CVSS7AI score0.00597EPSS
Exploits0References2
OSV
OSV
added 2023/07/13 12:15 p.m.5 views

CVE-2023-25948

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...

7.5CVSS5.8AI score0.00476EPSS
Exploits0References1
NVD
NVD
added 2023/07/13 12:15 p.m.12 views

CVE-2023-25948

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...

7.5CVSS0.00476EPSS
Exploits0References1
Prion
Prion
added 2023/07/13 12:15 p.m.20 views

Information disclosure

Server information leak of configuration data when an error is generated in response to a specially crafted message...

5CVSS7.7AI score0.00476EPSS
Exploits0References1Affected Software4
Vulnrichment
Vulnrichment
added 2023/07/13 11:9 a.m.9 views

CVE-2023-25948 Server Data type confusion - info leak

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...

7.5CVSS6.8AI score0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/13 11:9 a.m.24 views

CVE-2023-25948 Server Data type confusion - info leak

Server information leak of configuration data when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning...

7.5CVSS7.6AI score0.00476EPSS
Exploits0References1
CVE
CVE
added 2023/07/13 11:9 a.m.85 views

CVE-2023-25948

CVE-2023-25948 corresponds to a server information leak of configuration data triggered by errors in response to specially crafted messages for Honeywell Experion PKS, LX, and PlantCruise. Affected products involve Honeywell’s Experion PKS/LX/PlantCruise platforms with root cause described as inf...

7.5CVSS7.5AI score0.00476EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/13 12:0 a.m.4 views

PT-2023-3882 · Honeywell · Honeywell Experion Pks +2

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS affected versions not specified Honeywell Experion LX affected versions not specified Experion PlantCruise affected versions not specified Description: The issue is related to a server information leak of configuration...

10CVSS6.6AI score0.00476EPSS
Exploits0References10
Rows per page
Query Builder