EUVD-2022-35123

Malicious code in bioql PyPI...

EUVD-2022-35121

Malicious code in bioql PyPI...

The vulnerability of the security descriptor of the SCADA server Measuresoft ScadaPro Server, which allows a hacker to execute arbitrary commands with system privileges

The vulnerability of the security descriptor of the SCADA server Measuresoft ScadaPro Server is related to access control deficiencies. Exploiting this vulnerability allows an attacker to execute arbitrary commands with system privileges...

Measuresoft ScadaPro Server Improper Access Control Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2022-3263 Measuresoft ScadaPro Server Improper Access Control

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...

CVE-2022-3263

CVE-2022-3263 affects Measuresoft ScadaPro Server 6.7. The issue is an improper access control (CWE-284) where the ORCHESTRATOR service has inconsistent permissions, allowing a local low-privileged user to modify the service binary path and execute commands with SYSTEM privileges. Public sources ...

The vulnerability of the ActiveX control on the SCADA server of Measuresoft ScadaPro Server allows a intruder to execute arbitrary code.

The vulnerability of the ActiveX control in the SCADA server of Measuresoft ScadaPro Server relates to the use of an untrusted indicator. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

CVE-2022-2896

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...

CVE-2022-2894

CVE-2022-2894 – Measuresoft ScadaPro Server is associated with unmaintained ActiveX controls that may permit seven untrusted pointer dereference instances when processing a specific project file. The affected product is Measuresoft ScadaPro Server (and Client per related advisories) across all ve...

CVE-2022-2896 Measuresoft ScadaPro Server Use After Free

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...

CVE-2022-2892 Measuresoft ScadaPro Server Out-of-bounds Write

Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...

Measuresoft ScadaPro Server ORM File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...