Lucene search
K

52 matches found

CVE
CVE
added 2022/08/31 8:54 p.m.63 views

CVE-2022-2894

CVE-2022-2894 – Measuresoft ScadaPro Server is associated with unmaintained ActiveX controls that may permit seven untrusted pointer dereference instances when processing a specific project file. The affected product is Measuresoft ScadaPro Server (and Client per related advisories) across all ve...

7.8CVSS7.5AI score0.00288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/31 8:54 p.m.29 views

CVE-2022-2896 Measuresoft ScadaPro Server Use After Free

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...

7.8CVSS7.9AI score0.0031EPSS
Exploits0References1
CVE
CVE
added 2022/08/31 8:54 p.m.56 views

CVE-2022-2896

Measuresoft ScadaPro Server (All Versions) is affected by CVE-2022-2896 due to a use-after-free in processing a specific project file (ORM-related parsing). The vulnerability can lead to arbitrary code execution, as described by multiple sources (ZDI: remote code execution requiring user interact...

7.8CVSS7.7AI score0.0031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/31 8:54 p.m.31 views

CVE-2022-2894 Measuresoft ScadaPro Server Untrusted Pointer Dereference

Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file...

7.8CVSS7.8AI score0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/31 8:54 p.m.8 views

CVE-2022-2896 Measuresoft ScadaPro Server Use After Free

Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...

7.8CVSS7.7AI score0.0031EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/31 8:54 p.m.30 views

CVE-2022-2892 Measuresoft ScadaPro Server Out-of-bounds Write

Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...

7.8CVSS7.8AI score0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/31 8:54 p.m.6 views

CVE-2022-2892 Measuresoft ScadaPro Server Out-of-bounds Write

Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...

7.8CVSS7.6AI score0.00294EPSS
Exploits0References1
CVE
CVE
added 2022/08/31 8:54 p.m.53 views

CVE-2022-2895

CVE-2022-2895 affects Measuresoft ScadaPro Server (All Versions). The vulnerability stems from unmaintained ActiveX controls used by ScadaPro Server, enabling two stack-based buffer overflow instances while processing a specific project file. ZDI advisories describe remote code execution with use...

7.8CVSS7.8AI score0.00294EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.19 views

Measuresoft ScadaPro Server ORM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.3AI score0.00294EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.14 views

Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS5.4AI score0.00284EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/23 12:0 a.m.3 views

PT-2022-4413 · Measuresoft · Measuresoft Scadapro Server

Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server versions prior to 6.8.0.1 Description: The issue is related to an out-of-bounds write condition in the Measuresoft ScadaPro Server, potentially allowing an attacker to execute arbitrary code in the target system by...

7.8CVSS7.8AI score0.00294EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.17 views

Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS5.4AI score0.00284EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.24 views

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.9AI score0.00288EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/23 12:0 a.m.9 views

PT-2022-4634 · Measuresoft · Measuresoft Scadapro Server

Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server All Versions Description: The issue is related to the use of unmaintained ActiveX controls in Measuresoft ScadaPro Server, which may lead to two stack-based buffer overflow instances when processing a specific...

7.8CVSS8AI score0.00294EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.23 views

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.9AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.22 views

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.9AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.22 views

Measuresoft ScadaPro Server Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...

6.1CVSS3.5AI score0.0022EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/23 12:0 a.m.7 views

PT-2022-4633 · Measuresoft · Measuresoft Scadapro Server

Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server All Versions Description: The issue is related to the use of unmaintained ActiveX controls in Measuresoft ScadaPro Server, which may allow untrusted pointer deference instances while processing a specific project...

7.8CVSS7.8AI score0.00288EPSS
Exploits0References11
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.20 views

Measuresoft ScadaPro Server ORM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4AI score0.00294EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/08/23 12:0 a.m.25 views

Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.9AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder