12 matches found
EUVD-2021-27514
Malicious code in bioql PyPI...
EUVD-2021-27515
Malicious code in bioql PyPI...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM ICSA-21-334-02 Mitsubishi MELSEC and MELIPC Series Update F CISA...
CVE-2021-40336
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session...
CVE-2021-40335
A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This cause a Cross Site Request Forgery CSRF, which if exploited could lead an attack...
CVE-2021-40335
A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This cause a Cross Site Request Forgery CSRF, which if exploited could lead an attack...
CVE-2021-40336
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session...
Design/Logic Flaw
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session...
CVE-2021-40336 HTTP Response Splitting in Hitachi Energy’s MSM Product
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into the user’s web browser, such as to steal the session...
Hitachi Energy MSM 跨站请求伪造漏洞
Hitachi Energy MSM is Hitachi Energy Switzerland's solution for monitoring, managing and analyzing the performance of all types of high-voltage switchgear in new installations, as well as retrofitting existing high-voltage assets. A security vulnerability exists in Hitachi Energy MSM version 2.2...
Hitachi Energy MSM 注入漏洞
Hitachi Energy MSM is Hitachi's solution for monitoring, managing, and analyzing the performance of all types of high-voltage switchgear in new installations, as well as retrofitting existing high-voltage assets. An injection vulnerability exists in Hitachi Energy MSM 2.2 and prior versions, whic...
PT-2022-5005 · Hitachi Energy · Hitachi Energy Msm
Name of the Vulnerable Software and Affected Versions: Hitachi Energy MSM versions V2.2 and prior Description: A vulnerability exists in the HTTP web interface where it does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted th...