16 matches found
EUVD-2002-1477
Malware in sbrugna...
EUVD-2019-2680
Malware in sbrugna...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
Code injection
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
CVE-2019-10966 affects GE Aestiva and Aespire anesthesia devices (7100/7900) where serial ports extended to TCP/IP via an unsecured terminal server. Root cause is improper authentication, enabling remote modification of device configuration and silencing of alarms without user interaction. The IC...
GE Aestiva and Aespire Anesthesia (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Aestiva and Aespire Anesthesia Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSMA-19-190-01 GE...
Aestiva HTML/OS 2.4 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular,...
CVE-2002-1494
Cross-site scripting XSS vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message...
CVE-2002-1494
The CVE-2002-1494 entry describes a Cross-site Scripting (XSS) vulnerability in Aestiva HTML/OS. The root cause is that an attacker can insert arbitrary HTML or script by placing the script after a trailing / character, causing the script to appear in error messages generated by the application. ...
CVE-2002-1494
Cross-site scripting XSS vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message...
Cross-Site Scripting in Aestiva's HTML/OS
"Aestiva HTML/OS is a high-performance database engine and development suite for building advanced web sites and web-based software products." SUMMARY: The Aestiva HTML/OS CGIs appear vulnerable to XSS due to poor error reporting no metacharacter filtering. Anything you want can be appended to an...
Crossite scripting in Aestiva's HTML/OS
No description provided...
Aestiva HTMLOS 2.4 - Cross-Site Scripting
Aestiva HTMLOS 2.4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In...
Aestiva HTML/OS 2.4 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular, attackers may inject HTML into erro...