117 matches found
CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305
Altenergy Power Control Software contains a SQL injection in the get_status_zigbee function (file /index.php/display/status_zigbee) index parameter date. The vulnerability affects versions up to 20241108 and can be exploited remotely. The nuclei template specifies that authenticated attackers cou...
CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
PT-2024-16898 · Unknown · Altenergy Power Control
Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical issue has been found in the software, affecting some unknown processing of the file /index.php/display/database/, leading to improper authorization. The attack m...
SUSE CVE-2024-50122
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
CVE-2024-50122
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
UBUNTU-CVE-2024-50122
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
CVE-2024-50122
CVE-2024-50122 is a Linux kernel vulnerability in the PCI subsystem (power control code) where a race between the power-control device rescanning and host controller probe can leave two incomplete devices and trigger a crash when removing the device via sysfs. The root cause is not fully detailed...
CVE-2024-50122 PCI: Hold rescan lock while adding devices during host probe
In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter...
CVE-2024-33226
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...
CVE-2024-33226
CVE-2024-33226 affects Wistron Corporation TBT Force Power Control v1.0.0.0 via the Access64.sys component. The root cause is access-control/IOCTL handling that enables privilege escalation and arbitrary code execution when a crafted IOCTL request is sent. Public references in the connected docum...
Wistron Corporation TBT Force Power Control 安全漏洞
Wistron Corporation TBT Force Power Control is a power management solution from Wistron Corporation China. A security vulnerability exists in Wistron Corporation TBT Force Power Control version v1.0.0.0, which originates from a security flaw in the component Access64.sys. The vulnerability can be...
APsystems Energy Communication Unit (ECU-C) Power Control Software
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable via adjacent network / low attack complexity Vendor : APsystems Equipment : Energy communication Unit ECU-C Power Control Software Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this...
The "Power Status" of all VDAs are displayed as "Unknown"
In DaaS management, the "Power Status" of all VDAs was displayed as "Unknown",Power control startup, shutdown, restart, etc. could not be performed. Also, when power control was executed, the log on the Citrix side would show "Success".However, the power action was not executed on the Azure VDA...
VulnCheck KEV: CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...
CVE-2023-3259
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the...
CISA Releases One Industrial Control Systems Advisory
CISA released one Industrial Control Systems ICS advisory on August 1, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-213-01 APSystems Altenergy Power Control CISA encourages users and administrators to review...
PT-2023-22789 · Pcu · Pcu
Name of the Vulnerable Software and Affected Versions: PCU affected versions not specified Description: The issue concerns the insecure data flow between the PCU and its modules. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device whil...