13 matches found
EUVD-2024-32053
Malicious code in bioql PyPI...
CVE-2024-3467
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
CVE-2024-3467
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
CVE-2024-3467
Vulnerability summary (CVE-2024-3467) : AVEVA PI Asset Framework Client is affected. The issue is described as Deserialization of Untrusted Data (CWE-502) in the PI System Explorer workflow, which could allow malicious code to execute under the privileges of an interactive user when XML data is s...
CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
CVE-2024-3467 Deserialization of Untrusted Data in AVEVA PI Asset Framework Client
There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker...
Osisoft PI Asset Framework Code Issue Vulnerability
Osisoft PI Asset Framework AF is a repository for asset-centric models, hierarchies, objects, and devices from Osisoft Corporation, USA. A code issue vulnerability exists in Osisoft PI Asset Framework, which stems from a vulnerability that could allow malicious code to execute with the privileges...
AVEVA PI Asset Framework Client
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Low attack complexity Vendor : AVEVA Equipment : PI Asset Framework Client Vulnerability : Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow malicious code execution. 3. TECHNICAL...
PT-2024-4214 · Aveva · Aveva Pi Asset Framework Client
Name of the Vulnerable Software and Affected Versions: AVEVA PI Asset Framework Client affected versions not specified Description: The issue allows malicious code to execute on the PI System Explorer environment under the privileges of an interactive user. This can happen when an attacker social...
CVE-2018-19006
OSIsoft PI Vision, versions PI Vision 2017, and PI Vision 2017 R2, The application contains a cross-site scripting vulnerability where displays that reference AF elements and attributes containing JavaScript are affected. This vulnerability requires the ability of authorized AF users to store...
CVE-2016-8365
OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...
CVE-2016-8365
OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...
OSIsoft PI AF and PI SQL for AF Command Limit Bypass Vulnerability
OSIsoft PI AF Asset Framework is a set of asset frameworks that define a consistent presentation for assets and provide structured information, which supports correlation of asset attributes with relational databases, asset-based data analytics, and application calculations, etc. PI SQL for AF is...