724 matches found
CVE-2022-32523
CVE-2022-32523 affects IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. It is a CWE-120 buffer copy without checking input size, causing a stack-based buffer overflow that could enable remote code execution when handling specially crafted online data request messages. Referenc...
CVE-2022-32527
The PT-2022-3182 and related records confirm CVE-2022-32527 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) with a CWE-120 vulnerability: a buffer copy without checking input size causes a stack-based overflow that could enable remote code execution via crafted alarm cache data m...
CVE-2022-32529
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32527
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32522
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server -...
TP-LINK TL-WDR7660 安全漏洞
TL-WDR7660 is a Gigabit router from China Pulian TP-LINK. Ltd. TL-WDR7660 httpProcDataSrv arbitrary code execution vulnerability, which can be exploited by remote attackers to submit special requests to execute arbitrary code in the application context...
angular-test-reporter SQL注入漏洞
angular-test-reporter is an application for publishing and viewing automated test results by Grant Person Personal Developer. A SQL injection vulnerability exists in angular-test-reporter that originates in the function getProjectTables/addTest in the file rest-server/data-server.js, which operat...
evolution-data-server bug fix and enhancement update
An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
Johnson Controls Metasys ADX Server Licensing Issue Vulnerability
Johnson Controls Metasys ADX Server is a data server from Johnson Controls, Inc. An authorization issue vulnerability exists in Johnson Controls Metasys ADX Server version 12.0, which stems from improper access controls in the application and could be exploited by an attacker to cause an AD user ...
OESA-2022-1785 evolution-data-server security update
The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...
Schneider Electric IGSS Data Server Out-of-bounds Write (CVE-2022-32526)
Binary data schneiderelectricigsscve-2022-32526.nbin...
The vulnerability of the executable file IGSSdataServer.exe of the Data Server module in the Interactive Graphical SCADA System (IGSS) allows a perpetrator to execute arbitrary code.
The vulnerability of the IGSSdataServer.exe executable file of the Data Server module in the Interactive Graphical SCADA System IGSS is related to a numerical overflow vulnerability. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted...
3S-Smart Software Solutions CODESYS 安全漏洞
CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in 3S-Smart Software Solutions CODESYS OPC DA Server versions prior to V3.5.18.20, which stems from the PLC storing passwords as plain text in its configuration file, which is...
The vulnerability of the Metasys Application and Data Server (ADS), Metasys Extended Application and Data Server (ADX), and Metasys Open Application Server (OAS) lies in the lack of necessary checks during password deletion, allowing attackers to execute arbitrary code.
The vulnerability of the Metasys Application and Data Server ADS, Metasys Extended Application and Data Server ADX, and Metasys Open Application Server OAS lies in the lack of necessary checks during password deletion. Exploiting this vulnerability allows a malicious actor to execute arbitrary co...
The vulnerabilities of the Metasys Application and Data Server (ADS), Metasys Extended Application and Data Server (ADX), and Metasys Open Application Server (OAS) are related to the lack of measures for cleaning incoming data, allowing a perpetrator to execute arbitrary code.
The vulnerabilities of the Metasys Application and Data Server ADS, Metasys Extended Application and Data Server ADX, and Metasys Open Application Server OAS are related to the lack of measures for cleaning incoming data. Exploiting these vulnerabilities allows a remote attacker to execute...
The vulnerability of the Data Server database in the interactive graphical SCADA system, allowing a intruder to execute arbitrary code.
The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted messages...
The vulnerability of the Data Server database in the interactive graphical SCADA system, allowing a intruder to execute arbitrary code.
The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted messages...
The vulnerability of the Data Server database in the interactive graphical SCADA system, allowing a intruder to execute arbitrary code.
The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted messages...
The vulnerability of the Data Server database in the interactive graphical SCADA system, allowing a intruder to execute arbitrary code.
The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted messages...
The vulnerability of the Data Server database in the interactive graphical SCADA system allows a intruder to gain access to read, modify, or delete files.
The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS is related to the absence of authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, or delete files by sending specially crafted messages...