20 matches found
EUVD-2023-38468
Malicious code in bioql PyPI...
CVE-2023-34389
An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more...
CVE-2023-34388
An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details...
CVE-2023-34390
An input validation vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to create a denial of service against the system and locking out services. See product Instruction Manual Appendix A dated 20230830 for more details...
CVE-2023-31176
An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details...
CVE-2023-31177
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for mor...
CVE-2023-31177
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for mor...
Cross site scripting
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for mor...
CVE-2023-34390
The connected documents confirm an input validation error in Schweitzer Engineering Laboratories SEL-451 (stand-alone system) that could let a remote authenticated attacker cause a denial of service and lock out services. Root cause: input validation fault. Exploit details and a definitive remedi...
CVE-2023-34389 Allocation of resources without limits could lead to denial of service
An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more...
CVE-2023-34389
CVE-2023-34389 describes an unbounded resource allocation vulnerability in Schweitzer Engineering Laboratories (SEL) equipment, notably the SEL-451. The issue allows a remote authenticated attacker to render the device unavailable for an indefinite period by exhausting resources. The description ...
CVE-2023-34388
The CVE-2023-34388 entry concerns the Schweitzer Engineering Laboratories SEL-451 device with an Improper Authentication vulnerability that could let a remote, unauthenticated attacker hijack sessions and bypass authentication. Public details consistently reference the SEL-451 and relate the issu...
CVE-2023-31177
CVE-2023-31177 describes an XSS vulnerability in Schweitzer Engineering Laboratories SEL-451. The issue arises from improper input neutralization during web page generation, enabling an attacker to craft a link that could execute arbitrary code on a victim’s system. Reported references consistent...
CVE-2023-31177 Improper neutralizataion of input could lead to execution of arbitrary code
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for mor...
CVE-2023-31176
The CVE-2023-31176 entry concerns Schweitzer Engineering Laboratories SEL-451. The vulnerability arises from insufficient entropy in the device’s microprogram, enabling an unauthenticated remote attacker to brute-force session tokens and bypass authentication. Affected component: SEL-451 (protect...
PT-2023-23203 · Schweitzer Engineering Laboratories · Sel-451
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-451 affected versions not specified Description: An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' could allow an attacker to craft a link that could execute arbitrar...
Schweitzer Engineering Laboratories SEL-451 Cross-Site Scripting Vulnerability
Schweitzer Engineering Laboratories SEL-451 is a complete standalone system from Schweitzer Engineering Laboratories, USA. A security vulnerability exists in Schweitzer Engineering Laboratories SEL-451 that stems from the presence of a cross-site scripting vulnerability that could allow an attack...
PT-2023-7442 · Schweitzer Engineering Laboratories · Sel-451
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-451 affected versions not specified Description: The issue is related to insufficient entropy in the microprogram of the protective relay phase sequence of the Schweitzer Engineering Laboratories SEL-45...
Schweitzer Engineering Laboratories SEL-451 Security Feature Issue Vulnerability
Schweitzer Engineering Laboratories SEL-451 is a complete standalone system from Schweitzer Engineering Laboratories, Inc. A security vulnerability exists in the Schweitzer Engineering Laboratories SEL-451 that stems from the presence of an Entropy Insufficiency Vulnerability, which could allow a...
PT-2023-7440 · Schweitzer Engineering Laboratories · Sel-451
Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-451 affected versions not specified Description: The issue is related to insufficient input validation in the software of the SEL-451 protective relay, which could allow a remote authenticated attacker ...