EUVD-2022-35121

Malicious code in bioql PyPI...

EUVD-2022-35127

Malicious code in bioql PyPI...

EUVD-2022-35123

Malicious code in bioql PyPI...

The vulnerability of the security descriptor of the SCADA server Measuresoft ScadaPro Server, which allows a hacker to execute arbitrary commands with system privileges

The vulnerability of the security descriptor of the SCADA server Measuresoft ScadaPro Server is related to access control deficiencies. Exploiting this vulnerability allows an attacker to execute arbitrary commands with system privileges...

Measuresoft ScadaPro Server Improper Access Control Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2022-3263

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...

Design/Logic Flaw

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...

CVE-2022-3263

CVE-2022-3263 affects Measuresoft ScadaPro Server 6.7. The issue is an improper access control (CWE-284) where the ORCHESTRATOR service has inconsistent permissions, allowing a local low-privileged user to modify the service binary path and execute commands with SYSTEM privileges. Public sources ...

CVE-2022-3263 Measuresoft ScadaPro Server Improper Access Control

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges...

Measuresoft ScadaPro Server 访问控制错误漏洞

Measuresoft ScadaPro Server is a powerful real-time data acquisition software package from Measuresoft Ireland. It provides monitoring, data logging, simulation development and report generation. An access control error vulnerability exists in Measuresoft ScadaPro Server version 6.7. An attacker...

Measuresoft ScadaPro Server

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Measuresoft Equipment: ScadaPro Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local user with limited privileges to modify the service binary...

The vulnerability of the ActiveX control on the SCADA server of Measuresoft ScadaPro Server allows a intruder to execute arbitrary code.

The vulnerability of the ActiveX control in the SCADA server of Measuresoft ScadaPro Server relates to the use of an untrusted indicator. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

The vulnerability of the ActiveX control on SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client allows attackers to enhance their privileges.

The vulnerability of the ActiveX control used by SCADA servers of Measuresoft ScadaPro Server and ScadaPro Server Client is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

CVE-2022-2892

Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...

CVE-2022-2895

Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file...

CVE-2022-2896

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...

CVE-2022-2894

Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file...

Design/Logic Flaw

Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...

Double free

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...