16 matches found
EUVD-2002-1477
Malware in sbrugna...
EUVD-2019-2680
Malware in sbrugna...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
Code injection
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
CVE-2019-10966
CVE-2019-10966 affects GE Aestiva and Aespire anesthesia devices (7100/7900) where serial ports extended to TCP/IP via an unsecured terminal server. Root cause is improper authentication, enabling remote modification of device configuration and silencing of alarms without user interaction. The IC...
CVE-2019-10966
In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exists where serial devices are connected via an added unsecured terminal server to a TCP/IP network configuration, which could allow an attacker to remotely modify device configuration and silence alarms...
GE Aestiva and Aespire Anesthesia (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Aestiva and Aespire Anesthesia Vulnerability: Improper Authentication 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSMA-19-190-01 GE...
Aestiva HTML/OS 2.4 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular,...
CVE-2002-1494
The CVE-2002-1494 entry describes a Cross-site Scripting (XSS) vulnerability in Aestiva HTML/OS. The root cause is that an attacker can insert arbitrary HTML or script by placing the script after a trailing / character, causing the script to appear in error messages generated by the application. ...
CVE-2002-1494
Cross-site scripting XSS vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message...
CVE-2002-1494
Cross-site scripting XSS vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message...
Cross-Site Scripting in Aestiva's HTML/OS
"Aestiva HTML/OS is a high-performance database engine and development suite for building advanced web sites and web-based software products." SUMMARY: The Aestiva HTML/OS CGIs appear vulnerable to XSS due to poor error reporting no metacharacter filtering. Anything you want can be appended to an...
Crossite scripting in Aestiva's HTML/OS
No description provided...
Aestiva HTMLOS 2.4 - Cross-Site Scripting
Aestiva HTMLOS 2.4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In...
Aestiva HTML/OS 2.4 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular, attackers may inject HTML into erro...