CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-47679

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.0155EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-47680

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.0011EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:43 a.m.•1 views

CVE-2024-6619

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS6.8AI score0.0011EPSS

Exploits0References1

NVD•added 2024/08/13 5:15 p.m.•6 views

CVE-2024-6619

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS0.0011EPSS

Exploits0References1

NVD•added 2024/08/13 5:15 p.m.•12 views

CVE-2024-6618

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS0.0155EPSS

Exploits0References1

CVE•added 2024/08/13 4:41 p.m.•34 views

CVE-2024-6619

In the provided documents, CVE-2024-6619 is described as an Incorrect Permission Assignment for Critical Resource affecting Ocean Data Systems Dream Report. Affected components are Dream Report 2023 (and AVEVA Reports for Operations 2023) with versions up to 23.0.17795.1010. The root cause is inc...

8.5CVSS6.6AI score0.0011EPSS

Exploits0References1

Vulnrichment•added 2024/08/13 4:41 p.m.•9 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS6.9AI score0.0011EPSS

Exploits0References1

Cvelist•added 2024/08/13 4:41 p.m.•13 views

CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...

8.5CVSS0.0011EPSS

Exploits0References1

CVE•added 2024/08/13 4:37 p.m.•49 views

CVE-2024-6618

CVE-2024-6618 affects Ocean Data Systems Dream Report (and AVEVA Reports for Operations). The root cause is errors in processing relative paths to directories, enabling path traversal that could allow remote code execution via injection of a malicious DLL. Affected products/versions include Dream...

8.5CVSS7.7AI score0.0155EPSS

Exploits0References1

Cvelist•added 2024/08/13 4:37 p.m.•16 views

CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS0.0155EPSS

Exploits0References1

Vulnrichment•added 2024/08/13 4:37 p.m.•12 views

CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report

In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...

8.5CVSS8AI score0.0155EPSS

Exploits0References1

ICS•added 2024/08/13 6:0 a.m.•18 views

Ocean Data Systems Dream Report

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Ocean Data Systems Equipment : Dream Report 2023 Vulnerabilities : Path Traversal, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these...

8.5CVSS7.8AI score0.0155EPSS

Exploits0References10

CNVD•added 2021/04/14 12:0 a.m.•6 views

Ocean Data Systems Dream Report 5 R20-2 Has an Unspecified Vulnerability

Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. A security vulnerability exists in Dream Report 5 R20-2, which can be triggered by an attacker providing a malicious file...

9.3CVSS6.7AI score0.00217EPSS

Exploits1References1

CNVD•added 2021/04/14 12:0 a.m.•6 views

Unspecified Vulnerability in Ocean Data Systems Dream Report 5 R20-2 (CNVD-2021-28326)

Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. Dream Report 5 R20-2 suffers from a security vulnerability that allows an attacker to misuse registry entries which refer to weakly-privileged binarie...

9.3CVSS6.7AI score0.00039EPSS

Exploits1References1

CNVD•added 2021/04/14 12:0 a.m.•5 views

Unspecified Vulnerability in Ocean Data Systems Dream Report 5 R20-2 (CNVD-2021-28325)

Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. Dream Report 5 R20-2 has a security vulnerability that allows an attacker to replace the Syncfusion Dashboard Service service binary to escalate...

9.3CVSS7AI score0.00052EPSS

Exploits1References1

CNNVD•added 2021/04/08 12:0 a.m.•2 views

Ocean Data Systems Dream Report 5 R20-2 安全漏洞

9.3CVSS5.6AI score0.00217EPSS

Exploits1References2

ICS•added 2012/10/27 6:0 a.m.•33 views

Ocean Data Systems Dream Reports XSS and Write Access Violation Vulnerabilities

Overview Independent researchers Billy Rios and Terry McCorkle identified cross-site scripting XSS and write access violation vulnerabilities in Ocean Data Systems Dream Report application. ICS-CERT has coordinated these vulnerabilities with Ocean Data Systems, which has produced a new version th...

9.3CVSS6.9AI score0.02564EPSS

Exploits0References10

NVD•added 2012/02/10 7:55 p.m.•13 views

CVE-2011-4038

Cross-site scripting XSS vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters...

4.3CVSS5.8AI score0.02033EPSS

Exploits0References4

Prion•added 2012/02/10 7:55 p.m.•9 views

Code injection

Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."...

9.3CVSS8.1AI score0.02564EPSS

Exploits0References4Affected Software2

Prion•added 2012/02/10 7:55 p.m.•11 views

Cross site scripting

4.3CVSS6.2AI score0.02033EPSS

Exploits0References4Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by