62 matches found
CVE-2021-27416
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
Hitachi ABB AFS Double Free (CVE-2022-4450)
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This plugin only works wi...
Hitachi ABB AFS Use After Free (CVE-2023-0215)
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This plugin only works wi...
EUVD-2021-14624
Malware in sbrugna...
EUVD-2021-22165
Malware in sbrugna...
EUVD-2021-14170
Malware in sbrugna...
EUVD-2021-13629
Malware in sbrugna...
EUVD-2021-14168
Malware in sbrugna...
EUVD-2021-22163
Malware in sbrugna...
EUVD-2021-22162
Malware in sbrugna...
EUVD-2021-13961
Malware in sbrugna...
CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
CVE-2021-27416
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
CVE-2021-27414
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
Session fixation
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
Authentication flaw
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
CVE-2021-27414 User interface misrepresentation of critical information in Hitachi ABB Power Grids Ellipse EAM
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials...
CVE-2021-27416 Cross-site scripting in Hitachi ABB Power Grids Ellipse EAM
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
CVE-2021-27416 Cross-site scripting in Hitachi ABB Power Grids Ellipse EAM
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management EAM versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of...
CVE-2021-27416
CVE-2021-27416 affects Hitachi ABB Power Grids Ellipse EAM, prior to and including 9.0.25. The issue is cross-site scripting: an attacker entices a user to click a malicious link, potentially exposing confidential data or hijacking a session. Mitigation per multiple sources: update to Ellipse EAM...