Lucene search
+L

493 matches found

Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.7 views

PT-2023-31120 · Peplink · Peplink Balance

Name of the Vulnerable Software and Affected Versions: Peplink Balance Two versions prior to 8.4.0 Description: An issue was discovered in the traceroute feature of the administration console, allowing command injection. This enables users with admin privileges to execute arbitrary commands as...

7.2CVSS7.7AI score0.03423EPSS
Exploits1References8
OSV
OSV
added 2023/11/14 11:15 a.m.3 views

CVE-2023-46099

A vulnerability has been identified in SIMATIC PCS neo All versions V4.1. There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later...

4.8CVSS5.7AI score0.00388EPSS
Exploits0References1
Prion
Prion
added 2023/11/14 11:15 a.m.13 views

Cross site scripting

A vulnerability has been identified in SIMATIC PCS neo All versions V4.1. There is a stored cross-site scripting vulnerability in the Administration Console of the affected product, that could allow an attacker with high privileges to inject Javascript code into the application that is later...

4.3CVSS5.9AI score0.00388EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.3 views

PT-2023-7000 · Siemens · Simatic Pcs Neo

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo versions prior to V4.1 Description: The issue is related to a stored cross-site scripting vulnerability in the Administration Console of SIMATIC PCS neo. This vulnerability could allow an attacker with high privileges to injec...

5.4CVSS5.1AI score0.00388EPSS
Exploits0References6
Citrix
Citrix
added 2023/10/02 12:0 a.m.15 views

WEM - All Organizational Units under Active Directory Objects are not listed

In some customer environment all OUs Organizational Unit may not be listed in WEM Administration Console - Active Directory Objects - Machines - Add OU. However, administrator can manually add computer objects without any issue...

7.2AI score
Exploits0
CNVD
CNVD
added 2023/09/15 12:0 a.m.53 views

Siemens SIMATIC PCS neo (Administration Console) Information Disclosure Vulnerability

SIMATIC PCS neo Administration Console is a distributed control system DCS. An information disclosure vulnerability exists in Siemens SIMATIC PCS neo Administration Console, which can be exploited by an attacker to obtain credentials and impersonate an administrator user to gain administrator...

5.5CVSS6.4AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2023/09/14 11:15 a.m.11 views

CVE-2023-38558

A vulnerability has been identified in SIMATIC PCS neo Administration Console V4.0 All versions, SIMATIC PCS neo Administration Console V4.0 Update 1 All versions. The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2023/09/14 11:15 a.m.33 views

CVE-2023-38558

A vulnerability has been identified in SIMATIC PCS neo Administration Console V4.0 All versions, SIMATIC PCS neo Administration Console V4.0 Update 1 All versions. The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the...

5.5CVSS5.3AI score0.00166EPSS
Exploits0References1
Prion
Prion
added 2023/09/14 11:15 a.m.20 views

Design/Logic Flaw

A vulnerability has been identified in SIMATIC PCS neo Administration Console V4.0 All versions, SIMATIC PCS neo Administration Console V4.0 Update 1 All versions. The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the...

1.7CVSS5.3AI score0.00166EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/14 10:39 a.m.54 views

CVE-2023-38558

Summary of CVE-2023-38558 : Siemens SIMATIC PCS neo Administration Console (V4.0 and V4.0 Update 1) contains an information-disclosure vulnerability that leaks Windows admin credentials to an attacker with local access, enabling impersonation of an admin and potential access to other Windows syst...

5.5CVSS5.3AI score0.00166EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/09/14 10:39 a.m.34 views

CVE-2023-38558

A vulnerability has been identified in SIMATIC PCS neo Administration Console V4.0 All versions, SIMATIC PCS neo Administration Console V4.0 Update 1 All versions. The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the...

5.5CVSS5.6AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/14 12:0 a.m.5 views

PT-2023-5168 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo Administration Console versions V4.0 through V4.0 Update 1 Description: The issue is related to a leak of information about files and directories in the administration console of the SIMATIC PCS neo system, which can lead to t...

5.5CVSS5.2AI score0.00166EPSS
Exploits0References5
ICS
ICS
added 2023/09/14 12:0 a.m.35 views

Siemens SIMATIC PCS neo Administration Console

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References12
NVD
NVD
added 2023/08/08 11:15 a.m.12 views

CVE-2023-3717

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02...

9.8CVSS10AI score0.00523EPSS
Exploits0References2
Prion
Prion
added 2023/08/08 11:15 a.m.17 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farmakom Remote Administration Console allows SQL Injection.This issue affects Remote Administration Console: before 1.02...

7.5CVSS9.8AI score0.00523EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/08 10:46 a.m.45 views

CVE-2023-3717

CVE-2023-3717 describes an SQL injection in Farmakom Remote Administration Console (prior to version 1.02) caused by improper neutralization of special elements in SQL commands. The CVSS 3.1 score is 9.8 (CRITICAL) with network attack vector, no privileges, no user interaction, and high impact on...

9.8CVSS7.4AI score0.00523EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/08 10:46 a.m.12 views

CVE-2023-3717 SQLi in Farmakoms Remote Administration Console

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02...

9.8CVSS7.4AI score0.00523EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/08 10:46 a.m.24 views

CVE-2023-3717 SQLi in Farmakoms Remote Administration Console

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02...

9.8CVSS10AI score0.00523EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 10:13 p.m.34 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager (CVE-2019-4030)

Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager version 3.9 & 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager version 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has bee...

5.4CVSS5.5AI score0.00695EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/05/12 2:15 p.m.9 views

CVE-2023-27823

An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials...

9.8CVSS9.6AI score0.53312EPSS
Exploits3References1
Rows per page
Query Builder