CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1659 matches found

Prion•added 2024/01/23 11:15 p.m.•24 views

Authentication flaw

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. The device provides a WiFi access point for initial configuration. The WiFi network provided has no network authentication such as an encryption key and persists permanently, including after enrollment and setup is complete. The WiF...

7.5CVSS7.6AI score0.00508EPSS

Exploits0References4Affected Software1

CNNVD•added 2024/01/23 12:0 a.m.•4 views

SolaX Pocket WiFi Security Vulnerability

SolaX Power SolaX Pocket WiFi is a portable WiFi from SolaX Power. A security vulnerability exists in SolaX Pocket WiFi version 3 through 3.001.02, which stems from a WiFi network that provides a web-based configuration utility and an unauthenticated ModBus protocol interface...

9.8CVSS7AI score0.00508EPSS

Exploits0References2

CVE•added 2024/01/23 12:0 a.m.•51 views

CVE-2023-35835

The CVE-2023-35835 issue affects SolaX Pocket WiFi (versions 3–3.001.02) where the device exposes a WiFi access point for initial configuration that lacks network authentication and remains active after setup, paired with an unauthenticated ModBus interface and a web-based configuration utility. ...

9.8CVSS9.6AI score0.00508EPSS

Exploits0References4Affected Software1

Cvelist•added 2024/01/23 12:0 a.m.•32 views

CVE-2023-35835

9.9AI score0.00508EPSS

Exploits0References4

Positive Technologies•added 2024/01/23 12:0 a.m.•6 views

PT-2024-12512 · Solax · Solax Pocket Wifi

Name of the Vulnerable Software and Affected Versions: SolaX Pocket WiFi versions 3 through 3.001.02 Description: An issue was discovered where the device provides a WiFi access point with no network authentication, such as an encryption key, and this network persists permanently. The WiFi networ...

9.8CVSS9.3AI score0.00508EPSS

Exploits0References5

Tenable Nessus•added 2024/01/17 12:0 a.m.•22 views

Hitachi Energy RTU500 Stack-Based Buffer Overflow (CVE-2022-2081)

A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to...

7.5CVSS7.3AI score0.00636EPSS

Exploits0References3

OSV•added 2024/01/04 10:15 a.m.•2 views

CVE-2022-2081

7.5CVSS5.8AI score0.00636EPSS

Exploits0References1

NVD•added 2024/01/04 10:15 a.m.•21 views

CVE-2022-2081

7.5CVSS7.6AI score0.00636EPSS

Exploits0References1

Prion•added 2024/01/04 10:15 a.m.•14 views

Stack overflow

5CVSS7.5AI score0.00636EPSS

Exploits0References1Affected Software4

Cvelist•added 2024/01/04 9:15 a.m.•34 views

CVE-2022-2081

7.5CVSS7.7AI score0.00636EPSS

Exploits0References1

Vulnrichment•added 2024/01/04 9:15 a.m.•4 views

CVE-2022-2081

7.5CVSS7.5AI score0.00636EPSS

Exploits0References1

CVE•added 2024/01/04 9:15 a.m.•56 views

CVE-2022-2081

CVE-2022-2081 affects Hitachi Energy RTU500 CMU firmware via the HCI Modbus TCP function. A lack of flood control allows remote, high-rate Modbus TCP packets to cause a stack overflow and reboot the CMU when HCI Modbus TCP is enabled. Affected products span multiple RTU500 firmware lines (e.g., 1...

7.5CVSS7.5AI score0.00636EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/12/20 12:0 a.m.•4 views

PT-2023-8173 · Voltronic Power · Voltronic Power Viewpower

Name of the Vulnerable Software and Affected Versions: Voltronic Power ViewPower affected versions not specified Description: The issue is related to the getModbusPassword method and is caused by insufficient protection of service data. This allows remote attackers to disclose sensitive informati...

7.8CVSS6.5AI score0.36038EPSS

Exploits0References6

Tenable Nessus•added 2023/11/07 12:0 a.m.•14 views

Mitsubishi Electric GOT and Tension Controller (CVE-2021-20589)

Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model...

7.1AI score0.01476EPSS

Exploits0References4

OSV•added 2023/10/09 10:15 p.m.•3 views

CVE-2023-5462

A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The...

7.5CVSS5.2AI score

Exploits0References3

NVD•added 2023/10/09 10:15 p.m.•10 views

CVE-2023-5462

7.5CVSS6.8AI score0.00895EPSS

Exploits0References3

Prion•added 2023/10/09 10:15 p.m.•33 views

Design/Logic Flaw

6.1CVSS7.5AI score0.00895EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2023/10/09 9:31 p.m.•14 views

CVE-2023-5462 XINJE XD5E-30R-E Modbus denial of service

6.5CVSS6.7AI score0.00895EPSS

Exploits0References3

Cvelist•added 2023/10/09 9:31 p.m.•27 views

CVE-2023-5462 XINJE XD5E-30R-E Modbus denial of service

6.5CVSS7.7AI score0.00895EPSS

Exploits0References3

CVE•added 2023/10/09 9:31 p.m.•86 views

CVE-2023-5462

CVE-2023-5462 affects XINJE XD5E-30R-E running version 3.5.3b. The vulnerability targets an unknown functionality within the Modbus Handler, and its manipulation leads to a denial of service. The exploit has been disclosed publicly and the vulnerability is associated with VDB-241585; vendor respo...

7.5CVSS6.8AI score0.00895EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by