Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-38472

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00454EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/09/19 12:0 a.m.6 views

The vulnerability of the SEL-5037 SEL Grid Configurator software in terms of creating, managing, and deploying energy systems allows a hacker to perform a CSRF attack due to insufficient verification of the authenticity of the executed requests.

The vulnerability of the SEL-5037 SEL Grid Configurator software, which is used for creating, managing, and deploying energy systems, stems from insufficient verification of the authenticity of the requests being made. Exploiting this vulnerability could allow a malicious actor to carry out a CSR...

7.8CVSS6.5AI score0.00204EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/31 4:15 p.m.5 views

CVE-2023-31174

A Cross-Site Request Forgery CSRF vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more...

6.5CVSS5.8AI score0.00204EPSS
Exploits0References2
OSV
OSV
added 2023/08/31 4:15 p.m.5 views

CVE-2023-31173

Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before...

8.4CVSS5.8AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2023/08/31 4:15 p.m.20 views

CVE-2023-31175

An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more...

9.8CVSS9.2AI score0.00422EPSS
Exploits0References2
Prion
Prion
added 2023/08/31 4:15 p.m.24 views

Authentication flaw

A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated...

6.8CVSS8.8AI score0.00454EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/31 4:15 p.m.20 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more...

4.3CVSS6.6AI score0.00204EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/31 4:15 p.m.29 views

Design/Logic Flaw

An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more...

7.5CVSS9.5AI score0.00422EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/08/31 4:15 p.m.20 views

Hardcoded credentials

Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before...

4.6CVSS8.4AI score0.00199EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/31 3:31 p.m.39 views

CVE-2023-34392

The CVE-2023-34392 entry describes a Missing Authentication for Critical Function flaw in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator, enabling an attacker to execute arbitrary commands on managed devices via an authorized operator. Affected software is SEL-5037 Grid Config...

8.8CVSS8.7AI score0.00454EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/31 3:31 p.m.58 views

CVE-2023-31175

The CVE-2023-31175 issue affects SEL-5037 SEL Grid Configurator (pre-4.5.0.20). It is a privilege-related execution flaw that could allow an attacker to run arbitrary commands with the highest privileges on the host. Affected component is SEL Grid Configurator; root cause is improper privilege ha...

9.8CVSS9.5AI score0.00422EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/08/31 3:31 p.m.34 views

CVE-2023-31174

The CVE-2023-31174 entry describes a Cross-Site Request Forgery (CSRF) in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator. Affected product/version: SEL-5037 Grid Configurator prior to 4.5.0.20. Underlying issue: CSRF could enable an attacker to embed instructions that are exec...

7.4CVSS6.7AI score0.00204EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/31 3:31 p.m.28 views

CVE-2023-31174 Cross-Site Request Forgery (CSRF)

A Cross-Site Request Forgery CSRF vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more...

7.4CVSS7.6AI score0.00204EPSS
Exploits0References2
CVE
CVE
added 2023/08/31 3:30 p.m.45 views

CVE-2023-31173

CVE-2023-31173 affects Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator for Windows, with the root cause identified as hard-coded credentials that enable authentication bypass. The issue applies to versions before 4.5.0.20. According to the connected sources, the vulnerability i...

8.4CVSS8.1AI score0.00199EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.4 views

PT-2023-4876 · Schweitzer Engineering Laboratories · Sel-5037 Sel Grid Configurator

Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator versions prior to 4.5.0.20 Description: The issue is related to an Execution with Unnecessary Privileges vulnerability in the SEL-5037 SEL Grid Configurator, which could allow...

10CVSS9.4AI score0.00422EPSS
Exploits0References5
Rows per page
Query Builder