Lucene search
K

38 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-28954

Malicious code in bioql PyPI...

9CVSS9AI score0.0177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.8 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS6.5AI score0.00537EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.6 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS6.6AI score0.00826EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:56 p.m.5 views

CVE-2022-24039

A vulnerability has been identified in Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such...

9CVSS7.2AI score0.0177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.7 views

CVE-2021-41545

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...

7.5CVSS6.6AI score0.0085EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.27 views

Siemens Desigo PXC and DXR Devices Uncontrolled Resource Consumption (CVE-2022-24040)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.4AI score0.00781EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.32 views

Siemens Desigo PXC and DXR Devices Failure to Sanitize Special Elements Into a Different Plane (CVE-2022-24039)

A vulnerability has been identified in Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The addCell JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such th...

9CVSS8.4AI score0.0177EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/06/29 12:0 a.m.5 views

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules lies in the exposure to information leakage due to inconsistencies in the system. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules is related to the exposure of information through incompatibility issues. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

5.3CVSS5.9AI score0.0099EPSS
Exploits0References3Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/05/31 12:0 a.m.6 views

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 unit stations involves the absence of the “Secure”, “HttpOnly”, or “SameSite” flags in the session cookie files. This allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the microprogramming software for the Desigo DXR2, PXC3, PXC4, and PXC5 station modules is related to the absence of the “Secure”, “HttpOnly”, or “SameSite” flags in the session cookies files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

7.8CVSS6.5AI score0.00537EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.3 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.5AI score0.00537EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.3 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.5AI score0.0099EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/20 1:15 p.m.2 views

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application does not employ any countermeasures...

7.5CVSS5.5AI score0.00826EPSS
Exploits0References2
OSV
OSV
added 2022/05/20 1:15 p.m.5 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS5.7AI score0.00537EPSS
Exploits0References1
NVD
NVD
added 2022/05/20 1:15 p.m.21 views

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The application, after a successful login, sets the session cookie on the browser...

6.5CVSS0.00537EPSS
Exploits0References1
Prion
Prion
added 2022/05/20 1:15 p.m.14 views

Design/Logic Flaw

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5CVSS5.9AI score0.0099EPSS
Exploits0References1Affected Software4
OSV
OSV
added 2022/05/10 11:15 a.m.4 views

CVE-2022-24040

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application fails to enforce an upper bound to the cost factor of the PBKD...

6.5CVSS6.5AI score0.00781EPSS
Exploits0References1
NVD
NVD
added 2022/05/10 11:15 a.m.16 views

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS0.0044EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/10 11:15 a.m.3 views

CVE-2022-24039

A vulnerability has been identified in Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such...

9CVSS5.8AI score0.0177EPSS
Exploits0References2
NVD
NVD
added 2022/05/10 11:15 a.m.19 views

CVE-2022-24039

A vulnerability has been identified in Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The “addCell” JavaScript function fails to properly sanitize user-controllable input before including it into the generated XML body of the XLS report document, such...

9CVSS0.0177EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/10 11:15 a.m.1 views

CVE-2022-24041

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application stores the PBKDF2 derived key of users passwords with a low...

6.5CVSS5.4AI score0.0044EPSS
Exploits0References2
Rows per page
Query Builder