36 matches found
CVE-2024-41979
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete acce...
EUVD-2024-54870
Malicious code in bioql PyPI...
EUVD-2024-54867
Malicious code in bioql PyPI...
EUVD-2024-54868
Malicious code in bioql PyPI...
Multiple Vulnerabilities in SIEMENS Opcenter Quality Modules Opcenter QL Home (SC), SOA Audit and SOA Cockpit
Opcenter Quality is a quality management system QMS that enables organizations to safeguard compliance, optimize quality, reduce defects and rework costs, and achieve operational excellence by improving process stability. Its integrated process capabilities control charts, statistics, quality gat...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41980
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...
CVE-2024-41982
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...
CVE-2024-41982
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41984
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...
CVE-2024-41979
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not enforce mandatory authorization on some functionality level at server side. This could allow an authenticated attacker to gain complete acce...
CVE-2024-41986
CVE-2024-41986 affects Siemens SmartClient modules used by Opcenter QL Home, SOA Audit, and SOA Cockpit. The vulnerability arises because the affected applications support insecure TLS 1.0 and 1.1, enabling possible man‑in‑the‑middle attacks that could compromise confidentiality and data integrit...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41985
CVE-2024-41985 affects Siemens SmartClient modules Opcenter QL Home, SOA Audit and SOA Cockpit (versions 13.2 through 2505; note 2506+ not affected). The root cause is that the affected application does not expire sessions on user inactivity, potentially allowing an attacker to gain unauthorized ...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...