1568 matches found
CVE-2013-1170
The Cisco Prime Network Control System NCS appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service service disruption via unspecified vectors, aka Bug ID...
CVE-2010-2987
Multiple cross-site scripting XSS vulnerabilities in Cisco Wireless Control System WCS 7.x before 7.0.164, as used in Cisco Unified Wireless Network UWN Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854...
CVE-2012-5990
Multiple cross-site scripting XSS vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System NCS and Wireless Control System WCS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375...
CVE-2013-3428
The web interface in Cisco Secure Access Control System ACS does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957...
CVE-2005-3002
Multi-Computer Control System MCCS 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet...
Schneider Electric EcoStruxure Power Build Rapsody
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
Moderate: Red Hat Security Advisory: git security update
An update for git is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 9 : git (RHSA-2025:7641)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7641 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-serve...
Siemens Siveillance Video
SUMMARY The installer of Siveillance Video V2024 R1 resets the system configuration password when updating from older versions of Siveillance Video. This could inadvertently remove the password protection from system configuration files, also affecting backup data sets that were created after...
Schneider Electric Modicon Controllers (Update B)
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
Siemens Mendix OIDC SSO
SUMMARY The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO and recommends to update...
ALSA-2025:7409 Moderate: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
Siemens SCALANCE LPE9403
SUMMARY SCALANCE LPE9403 is affected by multiple vulnerabilities which lead to a compromise in availability, integrity and confidentiality. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available. 2. GENERAL RECOMMENDATIONS...
Siemens Teamcenter Visualization
SUMMARY Siemens Teamcenter Visualization contains a out-of-bound read vulnerability that could be triggered when the application reads files in WRL format. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to crash or potentially...
Siemens SiPass Integrated
SUMMARY SiPass integrated versions before V2.95.3.18 contain an out of bounds read vulnerability that could allow an unauthenticated remote attacker to create a denial of service condition. Siemens has released a new version for SiPass integrated and recommends to update to the latest version...
Siemens VersiCharge AC Series EV Chargers
SUMMARY VersiCharge AC Series EV Chargers contain two vulnerabilities that could allow an attacker to gain control of the chargers through default Modbus port or execute arbitrary code by manipulating the M0 firmware. Siemens has released new versions for several affected products and recommends...
Horner Automation Cscape
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...
Hitachi Energy Asset Suite
SUMMARY Hitachi Energy is aware multiple vulnerabilities that affects the Asset Suite product versions listed below. If these vulnerabilities are successfully exploited by an attacker, it could have an impact on the confidentiality, integrity, or availability of the product. Please refer to the...
Delta Electronics ISPSoft
RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker executing arbitrary code. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network exposure for all...
CISA Releases Seven Industrial Control Systems Advisories
CISA released seven Industrial Control Systems ICS advisories on April 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-114-01 Schneider Electric Modicon Controllers ICSA-25-114-02 ALBEDO Telecom Net.Time -...