24 matches found
EUVD-2022-35061
Malicious code in bioql PyPI...
EUVD-2022-35082
Malicious code in bioql PyPI...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2023-29447 Insufficiently Protected Credentials in PTC's Kepware KEPServerEX
An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication...
CVE-2023-29446 Improper Input Validation in PTC's Kepware KEPServerEX
An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline...
CVE-2023-29445 Uncontrolled Search Path Element in PTC's Kepware KEPServerEX
An uncontrolled search path element vulnerability DLL hijacking has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM...
PTC Kepware KEPServerEX Security Vulnerability
PTC Kepware KEPServerEX is an industrial automation data connectivity solution from PTC Corporation. A security vulnerability exists in PTC Kepware KEPServerEX 6.14.263.0 and earlier versions, which stems from the vulnerability of KEPServerEX's installer to DLL search order hijacking, which could...
PTC Kepware KEPServerEX Security Vulnerability
PTC Kepware KEPServerEX is an industrial automation data connectivity solution from PTC Corporation. A security vulnerability exists in PTC Kepware KepServerEX 6.14.263.0 and prior versions, which originates from a locally authenticated attacker who can escalate privileges to administrator by...
PTC Kepware KepServerEX (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Kepware KepServerEX Vulnerabilities : Uncontrolled Search Path Element, Improper Input Validation, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2848
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lac...
CVE-2022-2825
The CVE-2022-2825 issue affects Kepware KEPServerEX 6.11.718.0, with a stack-based buffer overflow in the handling of text encoding conversions caused by improper validation of the length of user-supplied data. It allows remote attackers to execute arbitrary code with SYSTEM privileges without au...
(Pwn2Own) Kepware KEPServerEX Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...
PTC Kepware KEPServerEX (Update A)
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Kepware KEPServerEX Vulnerabilities: Heap-based Buffer Overflow, Stack-based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled...
PTC OPC UA Server Multiple vulnerabilities
Binary data ptcopcuamultivulns.nbin...
Kepware Kepserverex Buffer Error Vulnerability
Kepware Kepserverex is a software application from Kepware USA that communicates with a wide range of industrial equipment. The software supports more than 150 communication protocols and supports the delivery of reliable real-time data to organizations through a single platform. Kepware...