Lightspeed Classroom 安全漏洞

Lightspeed Classroom is a teaching management platform developed by Lightspeed in the United States, used for classroom device management and student behavior monitoring. Version 5.1.2.1763770643 of Lightspeed Classroom contains a security vulnerability. This vulnerability stems from a client...

EUVD-2020-4823

Malware in sbrugna...

EUVD-2019-4023

Malware in sbrugna...

EUVD-2020-4821

Malware in sbrugna...

EUVD-2019-15208

Malware in sbrugna...

EUVD-2019-4022

Malware in sbrugna...

EUVD-2020-4819

Malware in sbrugna...

The vulnerability of microprogramming software in devices for remote control of lighting and energy consumption from Schneider Electric Sage lies in the possibility of writing beyond the buffer in memory, allowing attackers to bypass authentication procedures.

The vulnerability of microprogramming software in Schneider Electric Sage lighting and energy consumption remote control devices is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to bypass authentication procedures by...

The vulnerability of the web interface of microprogramming software for devices for remote control of lighting and energy consumption in Schneider Electric Sage. This allows a perpetrator to upload arbitrary files and embedded software.

The vulnerability of the web interface of microprogramming software for devices for remote control of lighting and energy consumption in Schneider Electric Sage is related to the default access settings. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and embedded...

The vulnerability in the web interface of microprogramming software for devices for remote control of lighting and energy consumption from Schneider Electric Sage allows a perpetrator to compromise the integrity of protected information and cause service interruptions.

The vulnerability of the web interface of microprogramming software for devices for remote control of lighting and energy consumption in Schneider Electric Sage is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow a...

The vulnerability of the microprogramming software of Schneider Electric Easergy T200 remote control devices allows a intruder to gain unauthorized access to the system.

The vulnerability of the microprogramming software of Schneider Electric Easergy T200 remote control devices is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow an intruder to gain unauthorized access to the system...

PHOENIX CONTACT PLCnext Engineer and PLCnext Control Devices Security Vulnerability

PHOENIX CONTACT PLCnext Engineer and PHOENIX CONTACT PLCnext Control Devices are both products of PHOENIX CONTACT, Germany. PHOENIX CONTACT PLCnext Engineer is an engineering software platform for automation controllers and PHOENIX CONTACT PLCnext Control Devices are programmable logic controller...

CVE-2023-28810

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network...

Siemens Industrial Product Denial of Service Vulnerability (CNVD-2022-87983)

SIMATIC Drive Controllers for the automation of production machines combine the functionality of SIMATIC S7-1500 CPUs with that of SINAMICS S120 drive controls.SIMATIC ET 200SP Open Controller is the PC-based version of the SIMATIC S7-1500 controller. Includes optional visualization features and...

The vulnerability of Cisco Expressway microprogramming software and Cisco TelePresence Video Communication Server microprogramming software for control devices is related to errors in the authentication process. This vulnerability allows attackers to execute a type of “man-in-the-middle” attack.

The vulnerability of Cisco Expressway microprogramming software and Cisco TelePresence Video Communication Server microprogramming software for call management devices is related to errors in the authentication process. Exploiting this vulnerability could allow a malicious actor to carry out a...

The software vulnerability is designed for calculating and selecting control devices for ProClima temperature settings. It involves the operation of data beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the software is designed for calculating and selecting devices that can control the temperature settings of ProClima. This vulnerability is related to the operation of the function that goes beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker t...

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices

Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology OT devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical...

Phoenix Contact PLCnext Control Devices Cross-Site Scripting Vulnerability

Phoenix Contact PLCnext Control Devices is a programmable logic controller for industrial environments from Phoenix Contact. A cross-site scripting vulnerability exists in Phoenix Contact PLCnext Control Devices prior to version 2021.0 LTS, which originates from an authenticated, low-privileged...

CVE-2020-12521

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot...

CVE-2020-12517

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website local privilege escalation...