Lucene search
+L

231 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-47552

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00423EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/22 12:0 a.m.3 views

Elevation of Privilege Vulnerability in Multiple SIEMENS Products

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC Process Historian.SIMATIC PDM MS provides independent field device management, diagnostics, and data acquisition functions across a wide range of communication protocols that are independent of the automatio...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/08/06 6:28 a.m.5 views

CVE-2025-7376

Windows Shortcut Following .LNK vulnerability in multiple processes of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper Historian versions...

5.9CVSS6AI score0.00192EPSS
Exploits0References4Affected Software7
RedhatCVE
RedhatCVE
added 2025/05/23 10:26 a.m.6 views

CVE-2024-6456

AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...

8.5CVSS7.8AI score0.00423EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 p.m.10 views

CVE-2021-27395

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier All versions, SIMATIC Process Historian 2014 All versions SP3 Update 6, SIMATIC Process Historian 2019 All versions, SIMATIC Process Historian 2020 All versions. An interface in the software that is used for critica...

8.1CVSS6.8AI score0.00776EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.8 views

CVE-2013-0673

Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL...

9.4CVSS7AI score0.03029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:1 a.m.12 views

CVE-2011-3320

Cross-site scripting XSS vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.9AI score0.00908EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:47 p.m.16 views

CVE-2020-13500

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

9.8CVSS7.8AI score0.02912EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:45 p.m.13 views

CVE-2020-13499

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

9.8CVSS7.8AI score0.02912EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/05 1:45 p.m.15 views

CVE-2020-13501

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticate...

9.8CVSS7.8AI score0.02912EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/04 10:13 p.m.7 views

CVE-2024-35783

A vulnerability has been identified in SIMATIC BATCH V9.1 All versions, SIMATIC Information Server 2020 All versions V2020 SP2 Update 5, SIMATIC Information Server 2022 All versions V2022 SP1 Update 2, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC06, SIMATIC Process Historian 2020 All versions V202...

9.4CVSS7.5AI score0.0061EPSS
Exploits0
ICS
ICS
added 2024/10/22 6:0 a.m.36 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite, Mitsubishi Electric MC Works64 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability could...

7.8CVSS8.5AI score0.00193EPSS
Exploits0References10
CVE
CVE
added 2024/09/10 9:36 a.m.54 views

CVE-2024-35783

CVE-2024-35783 affects Siemens SIMATIC SCADA/PCS7 family (e.g., SIMATIC BATCH, Information Server, PCS 7, Process Historian, WinCC variants). The root cause is privilege-management errors allowing the database server to run with elevated privileges, enabling an authenticated attacker to execute a...

9.4CVSS9.4AI score0.0061EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 9:36 a.m.20 views

CVE-2024-35783

A vulnerability has been identified in SIMATIC BATCH V9.1 All versions, SIMATIC Information Server 2020 All versions V2020 SP2 Update 5, SIMATIC Information Server 2022 All versions V2022 SP1 Update 2, SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC06, SIMATIC Process Historian 2020 All versions V202...

9.4CVSS0.0061EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/09/02 12:0 a.m.7 views

The vulnerability in the AVEVA (Wonderware) Historian web server’s data archiving mechanism involves a lack of protection for the SQL query structure, allowing attackers to execute arbitrary code.

The vulnerability of AVEVA Wonderware Historian’s data archiving server is related to the lack of security measures for handling SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that the user specifically visits a specially crafted U...

9.4CVSS6AI score0.00423EPSS
Exploits0References4
NVD
NVD
added 2024/08/15 9:15 p.m.18 views

CVE-2024-6456

AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...

8.5CVSS0.00423EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/15 8:10 p.m.14 views

CVE-2024-6456 SQL Injection vulnerability in AVEVA Historian Server

AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...

8.5CVSS7.8AI score0.00423EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/15 8:10 p.m.24 views

CVE-2024-6456 SQL Injection vulnerability in AVEVA Historian Server

AVEVA Historian Server has a vulnerability, if exploited, could allow a malicious SQL command to execute under the privileges of an interactive Historian REST Interface user who had been socially engineered by a miscreant into opening a specially crafted URL...

8.5CVSS0.00423EPSS
Exploits0References1
CVE
CVE
added 2024/08/15 8:10 p.m.49 views

CVE-2024-6456

CVE-2024-6456 describes a SQL Injection vulnerability in AVEVA Historian Server. Public sources in the connected documents indicate that an attacker could exploit the issue by enticing a user to open a specially crafted URL via the interactive Historian REST Interface, allowing the execution of S...

8.5CVSS7.4AI score0.00423EPSS
Exploits0References1
ICS
ICS
added 2024/08/15 6:0 a.m.17 views

AVEVA Historian Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : Historian Server Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to get read and write...

8.5CVSS7.3AI score0.00423EPSS
Exploits0References10
Rows per page
Query Builder