Lucene search
K

151 matches found

CNVD
CNVD
added 2023/03/20 12:0 a.m.36 views

Schneider Electric IGSS Data Server Code Issue Vulnerability

Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. A code issue vulnerability exists in Schneider Electric IGSS Data Server, which can be exploited by attackers to cause remote code execution...

7.9AI score0.06482EPSS
Exploits0Affected Software3
CNVD
CNVD
added 2023/03/20 12:0 a.m.41 views

Schneider Electric IGSS Data Server Access Control Error Vulnerability (CNVD-2023-29375)

Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An access control error vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to create malicious report files in the IGSS...

8.8AI score0.00881EPSS
Exploits0Affected Software3
CNVD
CNVD
added 2023/03/20 12:0 a.m.21 views

Schneider Electric IGSS Data Server Input Validation Error Vulnerability

Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. Schneider Electric IGSS Data Server is vulnerable to an input validation error, which could be exploited by an attacker to cause remote code execution...

8.9AI score0.00609EPSS
Exploits0Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/03/17 12:0 a.m.6 views

The vulnerability of the SCADA system’s data server, IGSS Data Server, allows a intruder to execute arbitrary code.

The vulnerability of the IGSS Data Server SCADA system’s data server is related to the lack of authentication for critical functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...

10CVSS7.9AI score0.00881EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.3 views

PT-2023-1870 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions V16.0.0.23040 and prior IGSS Dashboard versions V16.0.0.23040 and prior Custom Reports versions V16.0.0.23040 and prior Description: The issue is related to insufficient verification of data authenticity, which could...

6.5CVSS6.4AI score0.00242EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.6 views

PT-2023-1688 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A Missing Authentication for Critical Function issue exists in the Data Server TCP...

10CVSS8.8AI score0.00881EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.4 views

PT-2023-1871 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: The issue exists due to insufficient input validation in the Custom Reports component ...

8.8CVSS8.9AI score0.00609EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.5 views

PT-2023-1873 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A Deserialization of Untrusted Data issue exists in the Dashboard module, potentially...

7.8CVSS7.9AI score0.06482EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.6 views

PT-2023-1874 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions V16.0.0.23040 and prior IGSS Dashboard versions V16.0.0.23040 and prior Custom Reports versions V16.0.0.23040 and prior Description: The issue is related to the absence of authentication for a critical function in th...

6.5CVSS5.4AI score0.00437EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.4 views

PT-2023-1855 · Unknown · Igss Dashboard +2

Name of the Vulnerable Software and Affected Versions: IGSS Data Server versions 16.0.0.23040 and prior IGSS Dashboard versions 16.0.0.23040 and prior Custom Reports versions 16.0.0.23040 and prior Description: A vulnerability exists in Custom Reports due to improper limitation of a pathname to a...

8.8CVSS8.9AI score0.00725EPSS
Exploits0References7
CNVD
CNVD
added 2023/02/06 12:0 a.m.22 views

Schneider Electric IGSS Data Server Integer Overflow Vulnerability

Schneider Electric IGSS Data Server is a data server for the interactive graphical Scada system from Schneider Electric France. An integer overflow vulnerability exists in Schneider Electric IGSS Data Server, which could be exploited by an attacker to submit special requests that could crash the...

9.5AI score0.02124EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/02/01 4:15 a.m.29 views

CVE-2022-2329

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

9.8CVSS9.8AI score0.02124EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 4:15 a.m.5 views

CVE-2022-24324

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...

9.8CVSS6.6AI score0.01204EPSS
Exploits0References1
NVD
NVD
added 2023/02/01 4:15 a.m.33 views

CVE-2022-24324

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...

9.8CVSS9.9AI score0.01204EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 4:15 a.m.4 views

CVE-2022-2329

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

9.8CVSS6.5AI score0.02124EPSS
Exploits0References1
Prion
Prion
added 2023/02/01 4:15 a.m.20 views

Integer overflow

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

7.5CVSS9.5AI score0.02124EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/02/01 4:15 a.m.15 views

Stack overflow

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions prior to...

7.5CVSS9.7AI score0.01204EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/01 12:0 a.m.26 views

CVE-2022-2329

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

9.8CVSS9.9AI score0.02124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/01 12:0 a.m.7 views

CVE-2022-2329

A CWE-190: Integer Overflow or Wraparound vulnerability exists that could cause heap-based buffer overflow, leading to denial of service and potentially remote code execution when an attacker sends multiple specially crafted messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

9.8CVSS7.9AI score0.02124EPSS
Exploits0References1
CVE
CVE
added 2023/02/01 12:0 a.m.47 views

CVE-2022-24324

CVE-2022-24324 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to v15.0.0.22073. Root cause is a CWE-120 buffer copy without checking input size, leading to a stack-based buffer overflow and potential remote code execution when a specially crafted message is received. Affec...

9.8CVSS9.8AI score0.01204EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder