CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2022/04/13 12:0 a.m.•16 views

Siemens PROFINET Stack Integrated on Interniche Stack Denial of Service Vulnerability

The SIMATIC S7-400 CPU series is designed for process control in industrial environments.The SIMATIC S7-300 CPU series is designed for discrete and continuous control in industrial environments.The SIMATIC S7-1500 CPU series is designed for discrete and continuous control in industrial...

7.5CVSS6.8AI score0.00145EPSS

Trend Micro Simply Security•added 2022/04/08 12:0 a.m.•6 views

Why the Mitre Engenuity ATT&CK Evaluations Matter

This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions' ability to detect and stop APT and Targeted Attacks...

2.2AI score

Rapid7 Blog•added 2022/04/04 1:28 p.m.•21 views

Sharpen Your IR Capabilities With Rapid7’s Detection and Response Workshop

You’re tasked with protecting your environment, and you’ve invested significant time and resources into deploying and configuring your tools — but how do you know if the security controls you’ve put into place are effective? The challenge continues to grow as attacker tactics, techniques, and...

7.2AI score

OSV•added 2022/02/24 7:15 p.m.•1 views

CVE-2020-10635

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext...

4.3CVSS5.8AI score0.00076EPSS

NVD•added 2022/02/24 7:15 p.m.•8 views

CVE-2020-10635

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext...

4.3CVSS0.00076EPSS

Cvelist•added 2022/02/24 6:27 p.m.•14 views

CVE-2020-10635 ICSA-20-098-05 KUKA.Sim Pro Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext...

4.3CVSS4.8AI score0.00076EPSS

Kitploit•added 2022/02/22 11:30 a.m.•26 views

Chain-Reactor - An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints

Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that simulate sequences of actions like process creation and network connection. Chain Reactor assumes no prior engineering experience; the tool consumes JSON, so...

7AI score

Exploits0References4

Akamai Blog•added 2022/02/14 2:0 p.m.•18 views

Log4j Bringing You Down? Try Infection Monkey’s New Log4Shell Attack Simulation

What if you could see how a real cyberattack might unfold in your network? Imagine the insights you would gain into your security posture if you could safely and easily simulate the behavior of malicious actors before they hit your defenses. That’s what the Infection Monkey does...

7AI score

CNVD•added 2022/02/08 12:0 a.m.•19 views

Siemens Simcenter Femap Out-of-Bounds Write Vulnerability (CNVD-2022-10010)

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap is vulnerable to an out-of-bounds write vulnerability...

CNVD•added 2022/02/08 12:0 a.m.•23 views

Siemens Simcenter Femap Out-of-Bounds Writing Vulnerability (CNVD-2022-10013)

CNVD•added 2022/02/08 12:0 a.m.•23 views

Siemens Simcenter Femap Memory Corruption Vulnerability (CNVD-2022-10012)

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap suffers from a memory corruption vulnerability that can...

7.8CVSS5.4AI score0.0038EPSS

CNVD•added 2022/02/08 12:0 a.m.•19 views

Siemens Simcenter Femap类型混淆漏洞

7.8CVSS3.8AI score0.00454EPSS

CNVD•added 2022/02/08 12:0 a.m.•31 views

Siemens Simcenter Femap Out-of-Bounds Writing Vulnerability (CNVD-2022-10009)

CNVD•added 2022/02/08 12:0 a.m.•24 views

Siemens Simcenter Femap Out-of-Bounds Writing Vulnerability (CNVD-2022-10008)

CNVD•added 2022/02/08 12:0 a.m.•25 views

Siemens Simcenter Femap内存破坏漏洞

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. It is used to create, edit and import/reuse mesh-based finite element analysis models of complex products or systems. Siemens Simcenter Femap suffers from a memory corruption vulnerability that can...

7.8CVSS5.2AI score0.00454EPSS

CNVD•added 2022/02/08 12:0 a.m.•27 views

Siemens Simcenter Femap File Parsing Vulnerability

7.8CVSS5AI score0.00342EPSS

CNVD•added 2022/02/08 12:0 a.m.•17 views

Siemens Simcenter Femap Stack Buffer Overflow Vulnerability (CNVD-2022-10011)

Siemens Simcenter Femap is a cutting-edge engineering simulation application from Siemens, Germany. Siemens Simcenter Femap is vulnerable to a stack buffer overflow when parsing NEU files, which could be exploited to execute code in the context of the current process...

7.8CVSS5.4AI score0.01242EPSS

Imperva Blog•added 2022/02/03 4:18 p.m.•17 views

What Does an Internal Attack Resulting in a Data Breach Look Like in Today’s Threat Landscape?

In my last blog, I explained why taking the approach of setting up perimeter defenses, restricting data access, patching vulnerabilities, applying sensors to data movement, and encrypting data is no longer solely effective at stopping data breaches in today’s threat landscape. I also discussed th...

7AI score