ABB IRC5 Trust Management Issue Vulnerability

The ABB IRC5 is a robot control system. ABB IRC5 suffers from a trust management issue vulnerability that can be exploited by a remote attacker to submit a special request for unauthorized access to the system...

SAP Disclosure Management Code Issue Vulnerability (CNVD-2020-40777)

SAP Disclosure Management is an automated financial disclosure management system from SAP. The system provides a collaborative financial disclosure process across teams, geographies, systems and data sources. A code issue vulnerability exists in SAP Disclosure Management, which could be exploited...

SAP Disclosure Management Code Issue Vulnerability

SAP Disclosure Management is an automated financial disclosure management system from SAP. The system provides a collaborative financial disclosure process across teams, geographies, systems and data sources. A code issue vulnerability exists in SAP Disclosure Management. An attacker could exploi...

Samba Releases Security Updates

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...

Unspecified Vulnerability in GitLab (CNVD-2021-19404)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in the mirroring logic in...

The vulnerability of the SCADA platform for remote oil and gas applications from Emerson’s OpenEnterprise, related to the improper implementation of authentication mechanisms, allows attackers to trigger a service failure.

The vulnerability of the SCADA platform for remote oil and gas applications from Emerson’s OpenEnterprise platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

GitLab Input Validation Error Vulnerability (CNVD-2021-31224)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An input validation error vulnerability exists in GitLab...

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the application being accessed; a buffer...

SWARCO CPU LS4000

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SWARCO TRAFFIC SYSTEMS Equipment: CPU LS4000 Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to the device and disturb...

The vulnerability of the ClientConnection::ReadString function in the VNC client component of the UltraVNC software, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment of TelevisGo, allows a perpetrator to execute arbitrary code.

The vulnerability of the ClientConnection::ReadString function in the VNC component of the UltraVNC software for remote desktop management systems, which is part of the monitoring, control, and remote maintenance module for commercial cold production equipment like TelevisGo, is related to a...

SQL Injection Vulnerability in Haiwell's Cloud SCADA Cloud Configuration Software

Haiwell Haiwell cloud configuration software Cloud SCADA is an industrial automation monitoring and management platform software developed by Xiamen Haiwell Technology Co. A SQL injection vulnerability exists in Haiwell Cloud SCADA, which can be exploited by an attacker to obtain sensitive...

CloudBees Jenkins CVS Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . CVS Plugin is used in one of the CVS...

Fedora: Security Advisory for git (FEDORA-2020-4e093619bb)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for git (FEDORA-2020-f6b3b6fb18)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Authorization Bypass Vulnerability in Configuration King Real-Time Database

Configuration King, i.e. Configuration King development monitoring system software, is a new type of industrial automatic control system, which replaces the traditional closed system with an integrated system composed of standard industrial computer software and hardware platforms. There is an...

Unnamed Vulnerability in GitLab

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 10.8...

ABB System 800xA Base License Issue Vulnerability

ABB System 800xA Base is a distributed control system from ABB Switzerland for the industrial control industry. An authorization issue vulnerability exists in ABB System 800xA Base. An attacker could use this vulnerability to read and modify registry settings related to control system...

CVE-2020-8474

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

Design/Logic Flaw

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

CVE-2020-8474

CVE-2020-8474 concerns ABB System 800xA Base, where an incorrect permission assignment allows low-privilege users to read/modify registry settings that control system functionality. The vulnerability can be exploited by an authenticated user with local access to cause system functions to stop or ...