Lucene search
+L

243 matches found

ICS
ICS
added 2024/08/13 12:0 a.m.15 views

Siemens LOGO! V8.3 BM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

5.1CVSS4.9AI score0.00213EPSS
Exploits0References10
NVD
NVD
added 2024/08/02 7:16 p.m.26 views

CVE-2024-28298

SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...

8.8CVSS0.00458EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.6 views

BM SOFT BMPlanning 安全漏洞

BM SOFT BMPlanning is a powerful resource planning tool from the French company BM SOFT. A security vulnerability exists in BM SOFT BMPlanning version 1.0.0.1, which originates from the presence of a SQL injection vulnerability that allows an authenticated user to execute arbitrary SQL commands...

8.8CVSS8.1AI score0.00458EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/08/02 12:0 a.m.30 views

CVE-2024-28298

SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...

0.00458EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/02 12:0 a.m.14 views

CVE-2024-28298

SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SECIDF, LIEIDF, PLANFIDF, CLIIDF, DOSIDF, and possibly other parameters to /BMServerR.dll/BMRest...

8.4AI score0.00458EPSS
Exploits1References2
CVE
CVE
added 2024/08/02 12:0 a.m.38 views

CVE-2024-28298

CVE-2024-28298 is a SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1. Authenticated users can pass crafted values to /BMServerR.dll/BMRest via parameters such as SEC_IDF, LIE_IDF, PLANF_IDF, CLI_IDF, and DOS_IDF to execute arbitrary SQL commands. Public references (NVD/Red Hat/CVE record...

8.8CVSS8.5AI score0.00458EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2024/05/21 1:59 a.m.4 views

SUSE CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

5.5CVSS6.1AI score0.0022EPSS
Exploits0References19
NVD
NVD
added 2024/05/17 2:15 p.m.14 views

CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

5.5CVSS7.3AI score0.0022EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/05/17 2:15 p.m.21 views

CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References16
OSV
OSV
added 2024/05/17 2:15 p.m.11 views

UBUNTU-CVE-2024-35837

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References17
Cvelist
Cvelist
added 2024/05/17 2:2 p.m.34 views

CVE-2024-35837 net: mvpp2: clear BM pool before initialization

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

6.3AI score0.0022EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/05/17 2:2 p.m.15 views

CVE-2024-35837 net: mvpp2: clear BM pool before initialization

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

6.6AI score0.0022EPSS
Exploits0References6
OSV
OSV
added 2024/05/17 2:2 p.m.16 views

CVE-2024-35837 net: mvpp2: clear BM pool before initialization

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue...

5.5CVSS5.8AI score0.0022EPSS
Exploits0References10
Openbugbounty
Openbugbounty
added 2024/04/09 8:54 a.m.4 views

bm-service24.ru Cross Site Scripting vulnerability OBB-3911495

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/03/01 8:38 p.m.8 views

bm-racing.nl Improper Access Control vulnerability OBB-3862995

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
CNVD
CNVD
added 2023/12/13 12:0 a.m.29 views

Unspecified Vulnerability in Siemens LOGO! BM (Base Module) Devices

Siemens LOGO! BM Base Module devices are used for basic small-scale automation tasks. An unspecified vulnerability exists in the Siemens LOGO! BM Base Module device due to the susceptibility of the affected device to electromagnetic fault injection. An attacker could exploit the vulnerability to...

7.6CVSS7.4AI score0.00248EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.23 views

Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2019-10919)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerabili...

9.4CVSS7.1AI score0.02746EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.22 views

Siemens LOGO! 8 BM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-25230)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device. This plugin only works with Tenable.ot. Please visi...

7.5CVSS7.4AI score0.004EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.30 views

Siemens LOGO! 8 BM Missing Authentication For Critical Function (CVE-2020-25228)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...

10CVSS7.1AI score0.01372EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.15 views

Siemens LOGO! 8 BM Insufficiently Protected Credentials (CVE-2020-25235)

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins. This plugin on...

7.5CVSS7.4AI score0.01147EPSS
Exploits0References3
Rows per page
Query Builder