CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

148 matches found

CVE•added 2024/07/21 7:10 a.m.•56 views

CVE-2024-38435

CVE-2024-38435 affects Unitronics Vision PLC. The issue is CWE-703: improper check or handling of exceptional conditions leading to denial of service. It is listed as exploitable remotely over the network, with availability impact, and no vendor-provided fix/version details are present in the con...

7.5CVSS6.5AI score0.00106EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/07/21 7:8 a.m.•12 views

CVE-2024-38434 Unitronics Vision PLC - CWE-676: Use of Potentially Dangerous Function

Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass...

6.5CVSS0.00052EPSS

Exploits0References1

Vulnrichment•added 2024/07/21 7:8 a.m.•10 views

CVE-2024-38434 Unitronics Vision PLC - CWE-676: Use of Potentially Dangerous Function

Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass...

6.5CVSS7.4AI score0.00052EPSS

Exploits0References1

CVE•added 2024/07/21 7:8 a.m.•39 views

CVE-2024-38434

CVE-2024-38434 corresponds to CWE-676: Use of Potentially Dangerous Function, potentially bypassing security features. The IBM Engineering Systems Design Rhapsody bulletin lists affected products and versions (Rhapsody 9.0.2, 10.0, 10.0.1) with iFix updates (iFix004, iFix002, iFix003) as remediat...

6.5CVSS6.7AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2024/07/18 12:0 a.m.•2 views

PT-2024-5268 · Unitronics · Unitronics Vision Plc

Name of the Vulnerable Software and Affected Versions: Unitronics Vision PLC affected versions not specified Description: The issue is related to improper check or handling of exceptional conditions, which may allow denial of service. An attacker, acting remotely, can exploit this to cause a...

7.5CVSS6.3AI score0.00106EPSS

Exploits0References8

NVD•added 2024/04/19 10:15 p.m.•12 views

CVE-2024-1480

Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication...

7.5CVSS7.6AI score0.00113EPSS

Exploits0References2

Vulnrichment•added 2024/04/19 9:19 p.m.•12 views

CVE-2024-1480 Unitronics Vision Standard Unauthenticated Password Retrieval

Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication...

7.5CVSS7.3AI score0.00113EPSS

Exploits0References2

Cvelist•added 2024/04/19 9:19 p.m.•15 views

CVE-2024-1480 Unitronics Vision Standard Unauthenticated Password Retrieval

Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication...

7.5CVSS7.8AI score0.00113EPSS

Exploits0References2

CNNVD•added 2024/04/19 12:0 a.m.•1 views

Unitronics Vision series PLCs 安全漏洞

Unitronics Vision series PLCs are a series of PLCs from Unitronics, Inc. A security vulnerability exists in Unitronics Vision series PLCs that originates from a vulnerability that allows an attacker to retrieve message mode passwords without authentication. Affected products and versions:...

7.5CVSS6.8AI score0.00113EPSS

Exploits0References3

CISA•added 2024/04/18 12:0 p.m.•6 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01 Unitronics Vision Series PLCs ICSA-21-287-03 Mitsubishi Electric MELSEC iQ-R...

7AI score

Exploits0References3

ICS•added 2024/04/18 6:0 a.m.•43 views

Unitronics Vision Legacy series (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Unitronics Equipment : Vision Legacy series Vulnerability : Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...

7.5CVSS8.1AI score0.00113EPSS

Exploits0References10

OSV•added 2024/03/18 2:15 p.m.•3 views

CVE-2024-27772

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE...

8.8CVSS5.8AI score

Exploits0References2

OSV•added 2024/03/18 2:15 p.m.•0 views

CVE-2024-27773

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE...

8.8CVSS5.8AI score0.00082EPSS

Exploits0References2

NVD•added 2024/03/18 2:15 p.m.•13 views

CVE-2024-27772

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE...

8.8CVSS8.8AI score0.00695EPSS

Exploits0References2

NVD•added 2024/03/18 2:15 p.m.•11 views

CVE-2024-27774

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware...

7.5CVSS7.5AI score0.00067EPSS

Exploits0References2

OSV•added 2024/03/18 2:15 p.m.•1 views

CVE-2024-27774

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware...

6.5CVSS5.8AI score

Exploits0References2

NVD•added 2024/03/18 2:15 p.m.•9 views

CVE-2024-27773

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE...

8.8CVSS8.8AI score0.00082EPSS

Exploits0References2

OSV•added 2024/03/18 2:15 p.m.•3 views

CVE-2024-27771

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE...

8.8CVSS5.8AI score0.00162EPSS

Exploits0References2