Lucene search
K

138 matches found

NVD
NVD
added 2024/07/04 9:15 a.m.28 views

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

6.7CVSS0.00192EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/04 9:2 a.m.21 views

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

6.7CVSS6.1AI score0.00192EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/04 9:2 a.m.32 views

CVE-2024-1574

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in the licensing feature of Mitsubishi Electric GENESIS64 versions 10.97.2 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.2 and prior, Mitsubishi Electric Hyper Historian versions 10.97.2 a...

6.7CVSS0.00192EPSS
Exploits0References3
CVE
CVE
added 2024/07/04 9:2 a.m.53 views

CVE-2024-1574

CVE-2024-1574 is an Unsafe Reflection vulnerability in the licensing service of ICONICS/Mitsubishi Electric products. Affected: ICONICS GENESIS64 and ICONICS Suite (GENESIS64, Hyper Historian, AnalytiX, MobileHMI) up to version 10.97.2; ICONICS GENESIS32/BizViz lines up to 9.7; MC Works64 all ver...

6.7CVSS6.1AI score0.00192EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.6 views

PT-2024-8945

Name of the Vulnerable Software and Affected Versions: ICONICS GENESIS64 versions 10.97 to 10.97.2 Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.2 Mitsubishi Electric MC Works64 all versions Description: The issue is related to the use of externally-controlled input to select classes or...

6.7CVSS6.9AI score0.00192EPSS
Exploits0References8
ICS
ICS
added 2024/06/27 12:0 a.m.46 views

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.0 ATTENTION : Exploitable remotely Vendor : ICONICS, Mitsubishi Electric Equipment : ICONICS Product Suite Vulnerabilities : Allocation of Resources Without Limits or Throttling, Improper Neutralization, Uncontrolled Search Path Element, Improper...

7.8CVSS7.3AI score0.73461EPSS
Exploits0References9
OSV
OSV
added 2024/06/02 10:30 p.m.96 views

GHSA-CJCC-P67M-7QXM Unsafe Reflection in base Component class in yiisoft/yii2

Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject$value. However, ther...

8.1CVSS8.3AI score0.7939EPSS
Exploits1References9
GithubExploit
GithubExploit
added 2024/03/18 3:19 a.m.279 views

Exploit for Unsafe Reflection in Github Enterprise_Server

Intro This repository contains exploits we have developed for...

9.8CVSS8.9AI score0.71725EPSS
Exploits1
Veracode
Veracode
added 2024/03/13 5:13 a.m.20 views

Unsafe Reflection

stimulusreflex is vulnerable to Unsafe Reflection. The vulnerability is due to insufficient validation of methods that can be called on Reflex instances. This vulnerability allows attackers to execute methods not intended for client-side interaction...

8.8CVSS7AI score0.01555EPSS
Exploits3References6Affected Software1
Snyk
Snyk
added 2024/03/12 3:44 p.m.3 views

Unsafe Reflection

Overview stimulusreflex is an exciting new way to build modern, reactive, real-time apps with Ruby on Rails. Affected versions of this package are vulnerable to Unsafe Reflection due to the handling of websocket messages that allow specifying a classname and methodname. An attacker can manipulate...

8.8CVSS7.3AI score0.01555EPSS
Exploits3References2
OSV
OSV
added 2024/01/30 9:15 a.m.5 views

CVE-2023-6943

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...

9.8CVSS6AI score0.01844EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/30 9:9 a.m.4 views

CVE-2023-6943

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...

9.8CVSS9.3AI score0.01844EPSS
Exploits0References3
CVE
CVE
added 2024/01/30 9:9 a.m.72 views

CVE-2023-6943

CVE-2023-6943 affects Mitsubishi Electric FA Engineering Software: EZSocket (v3.0–5.92), FR Configurator2 (all), GT Designer3 GOT1000 (all up to 1.325P), GT Designer3 GOT2000 (up to 1.320J), GX Works2 (1.11M+), GX Works3 (all), MELSOFT Navigator (1.04E–2.102G), MT Works2 (all), MX Component (4.00...

9.8CVSS9.3AI score0.01844EPSS
Exploits0References3Affected Software10
Cvelist
Cvelist
added 2024/01/30 9:9 a.m.62 views

CVE-2023-6943

Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1GOT1000 versions 1.325P and prior, GT Designer3 Version1GOT2000 versions 1.320J and prior, GX Works2 versions 1.11M...

9.8CVSS9.9AI score0.01844EPSS
Exploits0References3
ICS
ICS
added 2024/01/30 7:0 a.m.63 views

Mitsubishi Electric FA Engineering Software Products (Update D)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...

9.8CVSS9.2AI score0.01844EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.5 views

PT-2024-1401 · Mitsubishi · Mx +8

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92 GT Designer3 Version1GOT1000 versions 1.325P and prior GT Designer3 Version1GOT2000 versions 1.320J and prior GX Works2 versions 1.11M and later GX Works3 versions 1.106L and prior...

9.8CVSS8.1AI score0.01844EPSS
Exploits0References20
The Hacker News
The Hacker News
added 2024/01/17 7:41 a.m.66 views

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container. The Microsoft-owned subsidiary said it was made aware of the problem on December 26, 2023, and that it address...

9.8CVSS8.2AI score0.71725EPSS
Exploits1
PyPA
PyPA
added 2023/12/07 5:15 a.m.6 views

PYSEC-2023-260

A reflected Cross-Site Scripting XSS vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the us...

6.5CVSS5.7AI score0.01649EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploit
added 2023/11/24 10:30 a.m.114 views

Exploit for Unsafe Reflection in Hsqldb Hypersql_Database

Research into CVE-2022-41853: Using static functions to obtian...

9.8CVSS8.8AI score0.03519EPSS
Exploits1
Veracode
Veracode
added 2023/08/06 10:4 p.m.24 views

Unsafe Reflection

thunderbird is vulnerable to Unsafe Reflection. This results in possible spoofing attacks since the website obscures fullscreen notifications using a URL scheme handled by an external program...

6.5CVSS6.7AI score0.00739EPSS
Exploits0References9Affected Software3
Rows per page
Query Builder