EulerOS 2.0 SP5 : kernel (EulerOS-SA-2023-2152)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack...

The vulnerability of the Advantech WebAccss/SCADA SCADA system, related to the unlimited loading of dangerous type files, allows a intruder to execute arbitrary code.

The vulnerability of the Advantech WebAccss/SCADA SCADA system is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2023-2866

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto Advantech WebAccess version 8.4.5, a web shell could be used to give the attacker full control of the SCADA server...

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation, USA. A buffer error vulnerability exists in Horner Automation Cscape v9.90 SP8 and Cscape EnvisionRV v4.70, which stems from a lack of proper validation of user-supplied...

Oracle Linux 9 : git (ELSA-2023-3245)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3245 advisory. 2.39.3-1 - Update to 2.39.3 - Resolves: 2188352, 2188361, 2189976, 2189977 Tenable has extracted the preceding description block directly from the Orac...

Important: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Important: Red Hat Security Advisory: git security update

An update for git is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Industrial and Manufacturing CVEs: Addressing the SCADA in the Room

Industrial and Manufacturing CVEs: Addressing the SCADA in the Room By Trellix · May 22, 2023 This blog was written by Charles McFarland The industrial and manufacturing spaces are critical to the global economy. They produce the goods and services we rely on every day, from food and clothing to...

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2023-1973)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM : Git vulnerabilities (USN-6050-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6050-2 advisory. USN-6050-1 fixed several vulnerabilities in Git. This update provides the corresponding updates for CVE-2023-25652 and CVE-2023-29007 on Ubuntu 16.04 LTS...

CVE-2022-47393

creationtimestamp| type| source ---|---|--- 2023-05-15 14:29:35+00:00| seen| https://t.me/cibsecurity/64092 2023-08-11 08:14:17+00:00| seen| Telegram/mZjVEjJ9UySCRyqlZinbXkTti1EvxKvFP59xnKSPk7h14g 2023-08-11 09:09:47+00:00| seen| https://t.me/KomunitiSiber/635 2026-03-17 12:00:00+00:00| seen|...

CVE-2022-22508

creationtimestamp| type| source ---|---|--- 2023-05-15 14:29:28+00:00| seen| https://t.me/cibsecurity/64087 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

CVE-2022-47378

creationtimestamp| type| source ---|---|--- 2023-05-15 14:29:27+00:00| seen| https://t.me/cibsecurity/64086 2023-08-11 09:09:47+00:00| seen| https://t.me/KomunitiSiber/635 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...

EulerOS 2.0 SP9 : git (EulerOS-SA-2023-1841)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33....

SDG PnPSCADA

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to interact with the database and retrieve...

CVE-2023-1934

The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...

CVE-2023-1934

The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...

CVE-2023-1934

The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...

The vulnerability of the mySCADA myPRO industrial process visualization and control system lies in insufficient validation of the arguments transmitted in commands, allowing a hacker to execute arbitrary code in the operating system.

The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the operating system...

The vulnerability of the mySCADA myPRO industrial process visualization and control system, related to insufficient verification of arguments transmitted in commands, allows a perpetrator to execute arbitrary code in the operating system.

The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to insufficient verification of the arguments sent in commands. Exploiting this vulnerability allows a malicious actor to execute any code in the operating system...