15 matches found
EUVD-2014-2542
Malware in sbrugna...
EUVD-2016-5517
Malware in sbrugna...
PT-2025-13591 · Onenav · Onenav
Name of the Vulnerable Software and Affected Versions: OneNav version 1.1.0 Description: The issue is related to Server-Side Request Forgery SSRF in custom headers. This means an attacker could potentially force the server to make requests to arbitrary domains, which could lead to unauthorized...
CVE-2022-1794
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system...
Yokogawa Exaopc 安全漏洞
The Yokogawa Exaopc is an OPC data access server from Yokogawa Electric Yokogawa, Japan. A security vulnerability exists in the Yokogawa CENTUM CS 3000 that stems from a violation of security design principles...
CVE-2016-4530
OSIsoft PI SQL Data Access Server aka OLE DB 2016 1.5 allows remote authenticated users to cause a denial of service service outage and data loss via a message...
CVE-2016-4530
CVE-2016-4530 affects the OSIsoft PI SQL Data Access Server (OLE DB) 2016 (1.5). The vulnerability arises from improper input validation in the PI SQL Data Access Server when processing a message from an authenticated connection, enabling a remote denial-of-service that can cause a service outage...
CVE-2016-4530
OSIsoft PI SQL Data Access Server aka OLE DB 2016 1.5 allows remote authenticated users to cause a denial of service service outage and data loss via a message...
OSIsoft PI JDBC Driver and PI ODBC Driver Denial of Service Vulnerabilities
OSIsoft PI JDBC Driver and PI ODBC Driver are drivers for connecting to access databases from OSIsoft, USA. A de-security vulnerability exists in OSIsoft PI JDBC Driver and PI ODBC Driver SQL Data Access Server fails to properly process input, which could be exploited by remote attackers to submi...
OSIsoft PI SQL Data Access Server Input Validation Vulnerability
OVERVIEW OSIsoft has identified an input validation vulnerability in its own PI SQL Data Access Server. OSIsoft has produced a new version of PI SQL Data Access Server OLE DB 2016 1.5 to address this issue. This vulnerability could be exploited remotely. AFFECTED PRODUCTS Affected versions of PI...
Ingres Data Access Server Detection
The remote service is an Ingres Data Access Server, which translates requests from the JDBC driver and .NET Data Provider into an internal format and forwards them to the appropriate DBMS server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Ingress数据库服务器多个堆溢出漏洞
Ingres是很多CA产品默认所使用的数据库后端。 CA产品所捆绑Ingres数据库服务器在处理请求数据时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 Ingres数据库服务器的通讯服务器(iigcc.exe)和数据访问服务器(iigcd.exe)组件没有正确验证用户所提供数据的长度便将数据拷贝到了固定大小的堆缓冲区。如果远程攻击者在10916(iigcc)或10923(iigcd)端口上建立的TCP会话的话,就可以向数据库服务器发送畸形请求触发漏洞,导致执行任意指令。 Computer Associates eTrust Secure Content Manager r8...
CVE-2007-3334
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...
Heap overflow
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...
CVE-2007-3334
Multiple heap-based buffer overflows in the 1 Communications Server iigcc.exe and 2 Data Access Server iigcd.exe components for Ingres Database Server 3.0.3, as used in CA Computer Associates products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitra...