Lucene search
K

26 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6339

Malware in sbrugna...

6.1CVSS6.7AI score0.01726EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-6341

Malware in sbrugna...

9.8CVSS9.5AI score0.01005EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-6342

Malware in sbrugna...

10CVSS9.5AI score0.0377EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-6340

Malware in sbrugna...

9.8CVSS9.5AI score0.04032EPSS
Exploits0References4
Prion
Prion
added 2019/06/03 8:29 p.m.15 views

Stack overflow

A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25...

7.5CVSS9.9AI score0.07235EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/06/03 8:29 p.m.17 views

CVE-2017-14854

A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25...

9.8CVSS10AI score0.07235EPSS
Exploits0References3
Prion
Prion
added 2019/06/03 7:29 p.m.17 views

Cross site scripting

All known versions of the Orpak SiteOmat web management console is vulnerable to multiple instances of Stored Cross-site Scripting due to improper external user-input validation. An attacker with access to the web interface is able to hijack sessions or navigate victims outside of SiteOmat, to a...

4.3CVSS6.6AI score0.01726EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/06/03 7:29 p.m.17 views

CVE-2017-14853

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device...

10CVSS9.6AI score0.0377EPSS
Exploits0References3
OSV
OSV
added 2019/06/03 7:29 p.m.6 views

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

9.8CVSS5.8AI score0.01005EPSS
Exploits0References3
OSV
OSV
added 2019/06/03 7:29 p.m.6 views

CVE-2017-14853

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device...

9.8CVSS5.8AI score0.0377EPSS
Exploits0References3
Prion
Prion
added 2019/06/03 7:29 p.m.20 views

Sql injection

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass...

7.5CVSS9.8AI score0.04032EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2019/06/03 7:29 p.m.14 views

Design/Logic Flaw

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

5CVSS9.3AI score0.01005EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/06/03 7:29 p.m.13 views

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

9.8CVSS9.5AI score0.01005EPSS
Exploits0References3
OSV
OSV
added 2019/06/03 7:29 p.m.6 views

CVE-2017-14851

A SQL injection vulnerability exists in all Orpak SiteOmat versions prior to 2017-09-25. The vulnerability is in the login page, where the authentication validation process contains an insecure SELECT query. The attack allows for authentication bypass...

9.8CVSS5.8AI score0.04032EPSS
Exploits0References3
CVE
CVE
added 2019/06/03 7:1 p.m.90 views

CVE-2017-14854

The CVE-2017-14854 entry describes a stack-based buffer overflow in one of Orpak SiteOmat’s CGI components that enables remote code execution. Affected products are SiteOmat software prior to version 6.4.414.122 (with impact on versions prior to 2017-09-25 per the NVD entry). The ICS-CERT advisor...

9.8CVSS9.8AI score0.07235EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2019/06/03 7:1 p.m.8 views

CVE-2017-14854

A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25...

7.8AI score0.07235EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/06/03 7:0 p.m.25 views

CVE-2017-14853

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device...

9.6AI score0.0377EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2019/06/03 7:0 p.m.7 views

CVE-2017-14853

The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device...

7.4AI score0.0377EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/06/03 6:57 p.m.15 views

CVE-2017-14852

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

9.4AI score0.01005EPSS
Exploits0References3
CVE
CVE
added 2019/06/03 6:57 p.m.68 views

CVE-2017-14852

The CVE-2017-14852 entry concerns Orpak SiteOmat management console. The root cause is insecure communication due to an invalid SSL certificate, enabling an eavesdropper to capture and decrypt sensitive data in transit. Reported impact includes exposure of credentials and related data. Affected s...

9.8CVSS9.2AI score0.01005EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder