17 matches found
EUVD-2024-32782
Malicious code in bioql PyPI...
CVE-2024-4230
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure,...
CVE-2024-4230
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure,...
CVE-2024-4230
CVE-2024-4230 affects Edgecross Basic Software for Windows (1.00 and later) and Edgecross Basic Software for Developers (1.00 and later). The root cause is an External Control of File Name or Path vulnerability that could allow a local attacker to execute arbitrary code, with potential for inform...
CVE-2024-4230
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure,...
CVE-2024-4229
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering...
PT-2024-29839 · Unknown · Edgecross Basic Software For Windows +1
Name of the Vulnerable Software and Affected Versions: Edgecross Basic Software for Windows versions 1.00 and later Edgecross Basic Software for Developers versions 1.00 and later Description: The issue allows a malicious local attacker to execute arbitrary malicious code, resulting in informatio...
PT-2024-29850 · Unknown · Edgecross Basic Software For Windows +1
Name of the Vulnerable Software and Affected Versions: Edgecross Basic Software for Windows versions 1.00 and later Edgecross Basic Software for Developers versions 1.00 and later Description: The issue allows a malicious local attacker to execute arbitrary malicious code, resulting in informatio...
Multiple vulnerabilities in Edgecross Basic Software for Windows
Overview Edgecross Basic Software for Windows provided by Edgecross Consortium contains multiple vulnerabilities listed below. Incorrect default permissions CWE-276 - CVE-2024-4229 External control of file name or path CWE-73 - CVE-2024-4230 Edgecross Consortium reported these vulnerabilities to...
Edgecross Basic Software 安全漏洞
Edgecross Basic Software is a software platform used in the Edge Computing space from Edgecross, Inc. that provides a variety of features to support data utilization and processing. A security vulnerability exists in Edgecross Basic Software ECP-BS1-W 1.00 and prior versions, which stems from...
Edgecross Basic Software 安全漏洞
Edgecross Basic Software is a software platform used in the Edge Computing space from Edgecross, Inc. that provides a variety of features to support data utilization and processing. A security vulnerability exists in Edgecross Basic Software ECP-BS1-W-D 1.00 and earlier versions, which originates...
CVE-2020-7566
A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...
CVE-2020-7567
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke t...
CVE-2020-7565
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...
Design/Logic Flaw
A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...
CVE-2020-7565
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...
High-Severity Flaws Patched in Schneider Electric Products
Schneider Electric has released fixes for a slew of vulnerabilities that can be exploited remotely in two of its industrial control system products. The two flaws, which exist in Schneider Electric’s power management system, PowerLogic PM5560, and its programmable logic controller, Modicon M221,...