243 matches found
Siemens LOGO! V8.3 BM Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
CVE-2024-28298
SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...
BM SOFT BMPlanning 安全漏洞
BM SOFT BMPlanning is a powerful resource planning tool from the French company BM SOFT. A security vulnerability exists in BM SOFT BMPlanning version 1.0.0.1, which originates from the presence of a SQL injection vulnerability that allows an authenticated user to execute arbitrary SQL commands...
CVE-2024-28298
SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...
CVE-2024-28298
SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...
CVE-2024-28298
CVE-2024-28298 is a SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1. Authenticated users can pass crafted values to /BMServerR.dll/BMRest via parameters such as SEC_IDF, LIE_IDF, PLANF_IDF, CLI_IDF, and DOS_IDF to execute arbitrary SQL commands. Public references (NVD/Red Hat/CVE record...
SUSE CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
UBUNTU-CVE-2024-35837
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
CVE-2024-35837 net: mvpp2: clear BM pool before initialization
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
CVE-2024-35837 net: mvpp2: clear BM pool before initialization
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
CVE-2024-35837 net: mvpp2: clear BM pool before initialization
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...
bm-service24.ru Cross Site Scripting vulnerability OBB-3911495
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bm-racing.nl Improper Access Control vulnerability OBB-3862995
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Unspecified Vulnerability in Siemens LOGO! BM (Base Module) Devices
Siemens LOGO! BM Base Module devices are used for basic small-scale automation tasks. An unspecified vulnerability exists in the Siemens LOGO! BM Base Module device due to the susceptibility of the affected device to electromagnetic fault injection. An attacker could exploit the vulnerability to...
Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2019-10919)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerabili...
Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...
Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2020-25228)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
Siemens LOGO! 8 BM Insufficiently Protected Credentials (CVE-2020-25235)
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins. This plugin on...