Lucene search
K

118 matches found

Positive Technologies
Positive Technologies
added 2021/04/21 12:0 a.m.6 views

PT-2021-6930 · Elcomplus · Elcomplus Smartptt

Name of the Vulnerable Software and Affected Versions: Elcomplus SmartPTT affected versions not specified Description: The issue is related to authorization errors in the Elcomplus SmartPTT scada-server, allowing a low-authenticated user to access higher-level administration authorization. This c...

9CVSS8.3AI score0.00594EPSS
Exploits0References6
NVD
NVD
added 2020/02/19 9:15 p.m.21 views

CVE-2020-6970

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 if Modbus or ROC Interfaces have been installed and are in use and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server...

9.8CVSS9.7AI score0.02579EPSS
Exploits0References1
Prion
Prion
added 2020/02/19 9:15 p.m.13 views

Heap overflow

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 if Modbus or ROC Interfaces have been installed and are in use and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server...

7.5CVSS9.6AI score0.02579EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/02/19 8:19 p.m.88 views

CVE-2020-6970

The CVE-2020-6970 issue affects Emerson OpenEnterprise SCADA Server: OpenEnterprise Server 2.83 (with Modbus or ROC Interfaces in use) and OpenEnterprise 3.1–3.3.3. It is a heap-based buffer overflow enabling a specially crafted script to execute code on the OpenEnterprise Server. Mitigation per ...

9.8CVSS9.5AI score0.02579EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2020/02/18 12:0 a.m.67 views

Emerson OpenEnterprise

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA...

9.8CVSS9.7AI score0.02579EPSS
Exploits0References5
Zero Science Lab
Zero Science Lab
added 2016/05/08 12:0 a.m.83 views

Certec EDV atvise SCADA server 2.5.9 Privilege Escalation Vulnerability

Summary atvise scada is based on newest technologies and standards: The visualization in pure web technology as well as a consistent vertical object orientation based on OPC UA changes the world of process management systems. Description The application suffers from an unquoted search path issue...

6.2AI score
Exploits0
seebug.org
seebug.org
added 2016/03/15 12:0 a.m.13 views

Ecava IntegraXor SCADA Server权限访问漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/04/03 10:59 a.m.23 views

CVE-2015-0990

Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory...

4.4CVSS6.5AI score0.00358EPSS
Exploits0References1
Prion
Prion
added 2015/04/03 10:59 a.m.15 views

Design/Logic Flaw

Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory...

4.4CVSS7AI score0.00358EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/04/03 10:0 a.m.60 views

CVE-2015-0990

Affected product: Ecava IntegraXor SCADA Server prior to version 4.2.4488. Issue: Untrusted search path (CWE-427) allows a local attacker to escalate privileges by placing a renamed DLL in the default install directory; the DLL is loaded by the application, executing code with the application’s p...

4.4CVSS6.7AI score0.00358EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2014/09/15 2:55 p.m.15 views

CVE-2014-2376

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.3AI score0.02035EPSS
Exploits0References2
Prion
Prion
added 2014/09/15 2:55 p.m.19 views

Sql injection

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.02035EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/09/15 2:55 p.m.23 views

Code injection

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag...

5CVSS7.2AI score0.01836EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/09/15 2:0 p.m.22 views

CVE-2014-2376 Ecava IntegraXor SCADA Server SQL Injection

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.3AI score0.02035EPSS
Exploits0References1
CVE
CVE
added 2014/09/15 2:0 p.m.48 views

CVE-2014-2376

CVE-2014-2376 refers to an SQL injection vulnerability in Ecava IntegraXor SCADA Server, affecting stable 4.1.4360 and earlier and beta 4.1.4392 and earlier. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, enabling potential reading/modifying of files ...

7.5CVSS8.6AI score0.02035EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/09/15 2:0 p.m.49 views

CVE-2014-2377

The CVE-2014-2377 entry affects Ecava IntegraXor SCADA Server versions 4.1.4360 and earlier (stable) and 4.1.4392 and earlier (beta), where built-in application tags can disclose full pathnames via environmental variables, enabling information exposure. Affected component: IntegraXor SCADA Server...

5CVSS6.8AI score0.01836EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/09/15 2:0 p.m.21 views

CVE-2014-2375 Ecava IntegraXor SCADA Server External Control of File Name or Path

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service disk consumption, via the CSV export feature...

8.3CVSS6.8AI score0.02315EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/09/15 2:0 p.m.19 views

CVE-2014-2377 Ecava IntegraXor SCADA Server Information Exposure Through Environmental Variables

Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag...

5CVSS6.6AI score0.01836EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2014/08/01 12:25 p.m.9 views

Vulnerability Fixed in Subnet Solutions SCADA Server

A hole has been fixed in a popular industrial control system data management server that if left unpatched, could result in a remotely exploitable denial of service condition. Subnet Solutions, Inc., a Canadian manufacturer of electric utility products, fixed the vulnerability – along with anothe...

0.6AI score
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.39 views

RealWin SCADA Server DATAC Login Buffer Overflow

No description provided by source. $Id: realwinonfcslogin.rb 13007 2011-06-22 22:36:55Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.1AI score
Exploits0
Rows per page
Query Builder