Lucene search
K

117 matches found

NVD
NVD
added 2024/11/18 1:15 a.m.23 views

CVE-2024-11305

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS0.03725EPSS
Exploits0References4
CVE
CVE
added 2024/11/18 12:31 a.m.90 views

CVE-2024-11305

Altenergy Power Control Software contains a SQL injection in the get_status_zigbee function (file /index.php/display/status_zigbee) index parameter date. The vulnerability affects versions up to 20241108 and can be exploited remotely. The nuclei template specifies that authenticated attackers cou...

6.5CVSS6.8AI score0.03725EPSS
In wildExploits0References4
Vulnrichment
Vulnrichment
added 2024/11/18 12:31 a.m.17 views

CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS7.2AI score0.03725EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/18 12:31 a.m.27 views

CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS0.03725EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/17 12:0 a.m.4 views

PT-2024-16898 · Unknown · Altenergy Power Control

Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical issue has been found in the software, affecting some unknown processing of the file /index.php/display/database/, leading to improper authorization. The attack m...

6.9CVSS5.5AI score0.00534EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2024/11/06 3:48 a.m.4 views

SUSE CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

5.5CVSS7.5AI score0.00186EPSS
Exploits0References5
NVD
NVD
added 2024/11/05 6:15 p.m.33 views

CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

5.5CVSS0.00186EPSS
Exploits0References2
OSV
OSV
added 2024/11/05 6:15 p.m.3 views

UBUNTU-CVE-2024-50122

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

5.5CVSS5.7AI score0.00186EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/11/05 5:10 p.m.3 views

CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

7.4AI score0.00186EPSS
Exploits0References2
CVE
CVE
added 2024/11/05 5:10 p.m.92 views

CVE-2024-50122

CVE-2024-50122 is a Linux kernel vulnerability in the PCI subsystem (power control code) where a race between the power-control device rescanning and host controller probe can leave two incomplete devices and trigger a crash when removing the device via sysfs. The root cause is not fully detailed...

5.5CVSS5.2AI score0.00186EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/11/05 5:10 p.m.17 views

CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe

In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...

5.5CVSS5.9AI score0.00186EPSS
Exploits0References5
NVD
NVD
added 2024/05/22 4:15 p.m.20 views

CVE-2024-33226

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...

9.9CVSS7.6AI score0.00436EPSS
Exploits0References1
CVE
CVE
added 2024/05/22 3:17 p.m.75 views

CVE-2024-33226

CVE-2024-33226 affects Wistron Corporation TBT Force Power Control v1.0.0.0 via the Access64.sys component. The root cause is access-control/IOCTL handling that enables privilege escalation and arbitrary code execution when a crafted IOCTL request is sent. Public references in the connected docum...

9.9CVSS7.9AI score0.00436EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.2 views

Wistron Corporation TBT Force Power Control 安全漏洞

Wistron Corporation TBT Force Power Control is a power management solution from Wistron Corporation China. A security vulnerability exists in Wistron Corporation TBT Force Power Control version v1.0.0.0, which originates from a security flaw in the component Access64.sys. The vulnerability can be...

9.9CVSS7.5AI score0.00436EPSS
Exploits0References2
ICS
ICS
added 2024/01/23 7:0 a.m.44 views

APsystems Energy Communication Unit (ECU-C) Power Control Software

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable via adjacent network / low attack complexity Vendor : APsystems Equipment : Energy communication Unit ECU-C Power Control Software Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this...

8.8CVSS9AI score0.00642EPSS
Exploits1References8
Citrix
Citrix
added 2023/12/27 12:0 a.m.7 views

The "Power Status" of all VDAs are displayed as "Unknown"

In DaaS management, the "Power Status" of all VDAs was displayed as "Unknown",Power control startup, shutdown, restart, etc. could not be performed. Also, when power control was executed, the log on the Citrix side would show "Success".However, the power action was not executed on the Azure VDA...

7AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2023/12/04 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-28343

OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...

9.8CVSS7.3AI score0.85332EPSS
Exploits5References1
OSV
OSV
added 2023/08/14 4:15 a.m.3 views

CVE-2023-3259

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the...

9.8CVSS5.8AI score0.00937EPSS
Exploits0References1
CISA
CISA
added 2023/08/01 12:0 p.m.3 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on August 1, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-213-01 APSystems Altenergy Power Control CISA encourages users and administrators to review...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/13 12:0 a.m.4 views

PT-2023-22789 · Pcu · Pcu

Name of the Vulnerable Software and Affected Versions: PCU affected versions not specified Description: The issue concerns the insecure data flow between the PCU and its modules. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device whil...

6.1CVSS6AI score0.00169EPSS
Exploits0References4
Rows per page
Query Builder