Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2022-33561

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0053EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:44 p.m.20 views

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

6.1CVSS6.1AI score0.0053EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.5 views

The software for Mitsubishi Electric GX Works3 programming is vulnerable. The software includes control tools for applications in industrial automation systems, namely MELSOFT iQ AppPortal, MELSOFT Navigator, and Motion Control Setting. This vulnerability allows a malicious individual to execute arbitrary code, disclose protected information, and trigger service failures.

The vulnerabilities of the software for programming Mitsubishi Electric GX Works3, as well as the software tools for managing applications in industrial automation systems such as MELSOFT iQ AppPortal, MELSOFT Navigator, and Motion Control Setting, are related to external control mechanisms...

7.8CVSS7.4AI score0.00261EPSS
Exploits0References4
ICS
ICS
added 2023/11/30 7:0 a.m.25 views

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...

7.8CVSS7.9AI score0.00261EPSS
Exploits0References10
ICS
ICS
added 2023/02/27 8:46 p.m.69 views

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: HTTP Request Smuggling, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS10AI score0.19008EPSS
Exploits2References4
The Hacker News
The Hacker News
added 2023/02/22 5:38 a.m.179 views

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of shortcomings is as follows - CVE-2022-47986 CVSS score: 9.8 - IBM Aspera Faspex Code...

9.8CVSS1.9AI score0.99999EPSS
Exploits19
CISA
CISA
added 2023/02/21 12:0 a.m.23 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two 2 Industrial Control Systems ICS advisories on February 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

2.1AI score
Exploits0References2
ICS
ICS
added 2022/05/12 12:0 a.m.96 views

Mitsubishi Electric MELSOFT iQ AppPortal

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT iQ AppPortal Vulnerabilities: Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, Infinite Loop...

9.8CVSS10AI score0.97108EPSS
Exploits5References5
CNVD
CNVD
added 2022/05/05 12:0 a.m.17 views

Ericom PowerTerm WebConnect Cross-Site Scripting Vulnerability

Ericom PowerTerm WebConnect is a web browser. version 6.0 of Ericom PowerTerm WebConnect is vulnerable to a cross-site scripting vulnerability that originates when the login portal insecurely writes a cross-site scripting attack load to a page from an AppPortal cookie. An attacker could exploit...

4.3CVSS5.9AI score0.0053EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/04/28 1:15 p.m.4 views

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

6.1CVSS6.4AI score0.0053EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/04/28 1:15 p.m.3 views

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

6.1CVSS5.8AI score0.0053EPSS
Exploits0References3
Prion
Prion
added 2022/04/28 1:15 p.m.14 views

Default credentials

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

4.3CVSS6AI score0.0053EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/04/28 12:37 p.m.72 views

CVE-2022-29152

The CVE-2022-29152 entry concerns Ericom PowerTerm WebConnect 6.0 Login Portal. Multiple sources (NVD, CNVD, Red Hat advisories, CVE list) describe a cross-site scripting vulnerability where an XSS payload from the AppPortal cookie can be written into the page, enabling client-side JavaScript exe...

6.1CVSS6AI score0.0053EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/04/28 12:0 a.m.4 views

Ericom PowerTerm WebConnect 跨站脚本漏洞

Ericom PowerTerm WebConnect is a web browser. version 6.0 of Ericom PowerTerm WebConnect is vulnerable to a cross-site scripting vulnerability that originates when the login portal insecurely writes a cross-site scripting attack load to a page from an AppPortal cookie. An attacker could exploit...

6.1CVSS5.6AI score0.0053EPSS
Exploits0References3
Rows per page
Query Builder