75 matches found
EUVD-2019-7126
Malware in sbrugna...
EUVD-2021-15935
Malware in sbrugna...
EUVD-2021-15934
Malware in sbrugna...
EUVD-2022-35030
Malicious code in bioql PyPI...
EUVD-2022-35034
Malicious code in bioql PyPI...
EUVD-2022-35032
Malicious code in bioql PyPI...
EUVD-2022-35029
Malicious code in bioql PyPI...
EUVD-2022-35031
Malicious code in bioql PyPI...
CVE-2022-2793
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2792
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists...
CVE-2022-2790
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic PDT files and data blocks data BLD/BLK files...
CVE-2022-2789
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...
CVE-2022-2788
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
Design/Logic Flaw
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
CVE-2022-2791 affects Emerson Proficy Machine Edition versions 9.00 and prior. The vulnerability is CWE-434 Unrestricted Upload of File with Dangerous Type: the software will upload any file written into the PLC logic folder to the connected PLC. Impact described in connected documents includes p...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...