2877 matches found
CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...
CVE-2019-6859
The CVE-2019-6859 entry concerns Modicon Controllers with hardcoded FTP credentials exposed via the controller Web server on unsecure networks (CWE-798). Affected scope includes Modicon Controllers across all CPUs and Communication Module references listed in Security Notifications. Root cause is...
CVE-2019-6859
A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (all versions of the following CPUs and Communication Module product references listed in the Security Notifications), which could cause the disclosure of FTP hardcoded credentials when using the Web server of the...
CVE-2020-5279
In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there is improper access control since version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ -...
Improper access control
In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there is improper access control since version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ -...
CVE-2020-5279 Improper Access Control for certain legacy controller in PrestaShop
In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there is improper access control since version 1.5.0.0 for legacy controllers. - admin-dev/index.php/configure/shop/customer-preferences/ - admin-dev/index.php/improve/international/translations/ -...
CVE-2019-19300
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, KTK ATE530S, SIDOOR ATD430W, SIDOOR ATE530S COATED, SIDOOR ATE531S, SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0, SIMATIC ET 200eco PN, ...
PT-2020-6298
Name of the Vulnerable Software and Affected Versions: Modicon M218, M241, M251, and M258 controllers (affected versions not specified). Description: A Cleartext Transmission of Sensitive Information issue exists, which could leak sensitive information transmitted between the software and the...
Gaming controllers manufacturer exposed 1.1M customer records
By Sudais Asif. The company, a known manufacturer of gaming controllers and other accessories, had left the database exposed to malicious actors without any security authentication. This is a post from HackRead.com.
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology (MPT) based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or...
Domain controller freezes when an event subscription manager list is long in Windows 7 and Windows Server 2008 R2
Symptoms: Assume that a domain consists of Windows 7 Service Pack 1 (SP1) and Windows Server 2008 R2 SP1 servers and clients. Additionally, an event subscription manager list that is...
Fix restart problems after you install update rollup 2919355 in Windows 8.1 or Windows Server 2012 R2
Symptoms: After you install Update Rollup 2919355 April 2014 for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2, or after you install any of these systems from media that includes this...
CVE-2020-10265
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safe...
CVE-2020-10265 RVD#1443: UR dashboard server enables unauthenticated remote control of core robot functions
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safe...
CVE-2020-10265
The CVE-2020-10265 entry covers UR Universal Robots Robot Controllers (CB2 1.4+, CB3 3.0+, e-series 5.0+) exposing a DashBoard server on port 29999 that allows control over core robot functions (start/stop programs, shutdown, reset safety, etc.) without authentication/authorization. This unauthen...
PT-2020-12014 · Universal Robots · Universal Robots Robot Controllers
Name of the Vulnerable Software and Affected Versions: Universal Robots Robot Controllers versions 1.4 and upwards; Universal Robots Robot Controllers CB3 SW Version 3.0 and upwards; Universal Robots Robot Controllers e-series SW Version 5.0 and upwards. Description: The issue concerns the exposure ...
EulerOS Virtualization for ARM 64 3.0.6.0 : samba (EulerOS-SA-2020-1341)
According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-1341)
The remote host is missing an update for the Huawei EulerOS...
[SECURITY] Fedora 31 Update: light-1.2.2-1.fc31
Light is a program to control backlight controllers under GNU/Linux, it is the successor of lightscript, which was a bash script with the same purpose, and tries to maintain the same functionality. Features - Works excellent where other software have been proven unusable or problematic, thanks to...
DEBIAN-CVE-2020-1957
Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...