Lucene search
K

60 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52939

Malicious code in bioql PyPI...

10CVSS9.3AI score0.02323EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52943

Malicious code in bioql PyPI...

9.1CVSS8.9AI score0.01627EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52941

Malicious code in bioql PyPI...

10CVSS8.9AI score0.01468EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-52946

Malicious code in bioql PyPI...

9CVSS8.7AI score0.01246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52942

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00972EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52940

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00895EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-52945

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00774EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.7 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software, related to security mechanism failures, allows a intruder to cause a service failure.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to security mechanism errors. Exploiting this vulnerability allows a malicious actor to cause service failure by loading arbitrary firmware files remotely...

7.8CVSS7.5AI score0.00895EPSS
Exploits0References7Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.5 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software, related to security mechanism failures, allows a intruder to alter the “notes” section on the web interface’s home page.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to security mechanism errors. Exploiting this vulnerability could allow a malicious actor to modify the “notes” section on the web interface’s home page using a specially created package...

5.3CVSS6.2AI score0.00774EPSS
Exploits0References7Affected Software9
The Hacker News
The Hacker News
added 2022/06/10 7:3 a.m.58 views

Researchers Disclose Critical Flaws in Industrial Access Controllers from HID Mercury

As many as four zero-day security vulnerabilities have been disclosed in the HID Mercury access controller system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and loc...

10CVSS0.5AI score0.02323EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/06/10 12:0 a.m.8 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to cause malfunctions in the system.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure through a specially crafted HT...

7.8CVSS7.4AI score0.00972EPSS
Exploits0References7Affected Software9
BDU FSTEC
BDU FSTEC
added 2022/06/10 12:0 a.m.8 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software arises from the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary shell commands.

The vulnerability of HID Mercury programmable logic controllers exists due to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to remotely execute arbitrary shell commands by sending a special...

9CVSS8.2AI score0.01246EPSS
Exploits0References7Affected Software9
Trellix
Trellix
added 2022/06/09 12:0 a.m.16 views

Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System

Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System By Trellix · June 9, 2022 This story was also written by Steve Povolny and Sam Quinn. Today at the Hardwear.io Security Trainings and Conference, Trellix Threat Labs is sharing new research into...

10CVSS9.1AI score0.02323EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/06/08 12:0 a.m.7 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software relates to a flaw in the data protection mechanism, allowing an attacker to execute arbitrary shell commands.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to a breach in data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary shell commands by replacing the hostname with a specially...

10CVSS8.3AI score0.02323EPSS
Exploits0References7Affected Software9
OSV
OSV
added 2022/06/06 5:15 p.m.4 views

CVE-2022-31482

An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29...

7.5CVSS5.8AI score0.00972EPSS
Exploits0References1
OSV
OSV
added 2022/06/06 5:15 p.m.6 views

CVE-2022-31483

An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contai...

8.8CVSS7.6AI score
Exploits0References1
NVD
NVD
added 2022/06/06 5:15 p.m.19 views

CVE-2022-31480

An unauthenticated attacker could arbitrarily upload firmware files to the target device, ultimately causing a Denial-of-Service DoS. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior t...

7.5CVSS0.00895EPSS
Exploits0References1
NVD
NVD
added 2022/06/06 5:15 p.m.17 views

CVE-2022-31485

An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior t...

5.3CVSS0.00774EPSS
Exploits0References1
NVD
NVD
added 2022/06/06 5:15 p.m.19 views

CVE-2022-31486

An authenticated attacker can send a specially crafted route to the “editroute.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303...

9CVSS0.01246EPSS
Exploits0References1
NVD
NVD
added 2022/06/06 5:15 p.m.14 views

CVE-2022-31484

An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The impact of...

7.5CVSS0.00973EPSS
Exploits0References1
Rows per page
Query Builder