Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-17393

Malware in sbrugna...

10CVSS9.2AI score0.01745EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-17391

Malware in sbrugna...

8.8CVSS8.6AI score0.0134EPSS
Exploits0References3
NVD
NVD
added 2020/12/22 10:15 p.m.23 views

CVE-2020-24678

An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges...

8.8CVSS9.1AI score0.01452EPSS
Exploits0References2
NVD
NVD
added 2020/12/22 10:15 p.m.21 views

CVE-2020-24673

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database such as shutdown the DBMS, recover the content of a given file present on the DBMS file...

9.8CVSS9.9AI score0.01046EPSS
Exploits0References2
OSV
OSV
added 2020/12/22 10:15 p.m.4 views

CVE-2020-24680

In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...

7CVSS7.1AI score0.00264EPSS
Exploits0References2
Prion
Prion
added 2020/12/22 10:15 p.m.17 views

Design/Logic Flaw

In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...

4.6CVSS6.8AI score0.00264EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/12/22 10:15 p.m.20 views

Command injection

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service DoS attack, execute arbitrary code, or obtain more privilege than intended on the machines...

9CVSS9AI score0.02875EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/12/22 10:15 p.m.21 views

Sql injection

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database such as shutdown the DBMS, recover the content of a given file present on the DBMS file...

7.5CVSS9.6AI score0.01046EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2020/12/22 9:21 p.m.76 views

CVE-2020-24673

CVE-2020-24673 affects S+ Operations and S+ Historian. The vulnerability is a SQL injection that can allow an attacker to read sensitive data, modify data (Insert/Update/Delete), perform database administration operations (e.g., shutdown the DBMS), recover files from the DBMS file system, and pot...

9.8CVSS9.9AI score0.01046EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/12/22 9:20 p.m.34 views

CVE-2020-24674 Improper Authorization in Symphony Plus

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service DoS attack, execute arbitrary code, or obtain more privilege than intended on the machines...

8.8CVSS9.1AI score0.02875EPSS
Exploits0References2
CVE
CVE
added 2020/12/22 9:20 p.m.66 views

CVE-2020-24674

CVE-2020-24674 affects S+ Operations and S+ Historian. The issue is improper authorization where not all client commands properly enforce user permissions. Authenticated but Unauthorized remote users could trigger a Denial-of-Service, execute arbitrary code, or gain higher privileges on affected ...

9CVSS9.1AI score0.02875EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/12/22 9:18 p.m.29 views

CVE-2020-24680 Improper Credential Storage in Symphony Plus

In S+ Operations and S+ Historian, the passwords of internal users not Windows Users are encrypted but improperly stored in a database...

7CVSS6.9AI score0.00264EPSS
Exploits0References2
CVE
CVE
added 2020/12/22 9:17 p.m.68 views

CVE-2020-24679

CVE-2020-24679 concerns the S+ Operations and S+ Historian service. Public sources describe a DoS with specially crafted messages that can crash the service and, in some wording, may allow arbitrary code execution on the host. The NVD entry lists impact including high confidentiality, integrity, ...

10CVSS9AI score0.01745EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/12/22 9:16 p.m.27 views

CVE-2020-24677 Insecure Web Service in Symphony Plus

Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data...

8.8CVSS9AI score0.0134EPSS
Exploits0References2
CVE
CVE
added 2020/12/22 9:13 p.m.68 views

CVE-2020-24678

CVE-2020-24678 affects S+ Operations or S+ Historian database. An authenticated user may execute malicious code under their user context and escalate privileges to take control of the system. Public details from NVD indicate CVSSv3.1 base score 8.8 (HIGH) with NETWORK attack vector, LOW attack co...

8.8CVSS9.1AI score0.01452EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder