EUVD-2018-19562

Malware in sbrugna...

Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability

Summary An exploitable reliance on untrusted inputs vulnerability exists in the strategy transfer function of the Schneider Electric Unity Pro L Programming Software. When a specially crafted strategy is programmed to a Modicon M580 Programmable Automation Controller, and UnityProL is used to rea...

CVE-2018-7850

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software...

Design/Logic Flaw

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software...

CVE-2018-7850

A CWE-807: Reliance on Untrusted Inputs in a Security Decision vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause invalid information displayed in Unity Pro software...

WordPress WooCommerce GloBee Payment Gateway 1.1.1 Bypass / Spoofing

?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018 Public Disclosure Date: 14.02.2019 Exploit Author: GeekHack Contact: https://t.me/GeekHack Vendor Homepage: https://globee.com/...

Circle with Disney Token Routing Vulnerability(CVE-2017-12085)

Summary An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability. Tested...