28 matches found
EUVD-2020-5779
Malware in sbrugna...
EUVD-2020-5780
Malware in sbrugna...
CVE-2021-21957
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-13533
A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, stems from errors in processing the relative path to the catalog. This allows an attacker to execute arbitrary code.
The vulnerability of Dream Report and AVEVA Reports for Operations, which are used for generating production reports and analytics, is related to errors in processing the relative path to the catalog. Exploiting this vulnerability could allow an attacker to execute arbitrary code by loading a...
CVE-2024-6618
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...
CVE-2024-6619
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...
CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...
CVE-2024-6619
In the provided documents, CVE-2024-6619 is described as an Incorrect Permission Assignment for Critical Resource affecting Ocean Data Systems Dream Report. Affected components are Dream Report 2023 (and AVEVA Reports for Operations 2023) with versions up to 23.0.17795.1010. The root cause is inc...
CVE-2024-6619 Incorrect Permission Assignment for Critical Resource in Ocean Data Systems Dream Report
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service...
CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...
CVE-2024-6618 Path Traversal in Ocean Data Systems Dream Report
In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link library DLL...
Ocean Data Systems Dream Report
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Ocean Data Systems Equipment : Dream Report 2023 Vulnerabilities : Path Traversal, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these...
Ocean Data Systems Dream Report 5 R20-2 Has an Unspecified Vulnerability
Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. A security vulnerability exists in Dream Report 5 R20-2, which can be triggered by an attacker providing a malicious file...
Unspecified Vulnerability in Ocean Data Systems Dream Report 5 R20-2 (CNVD-2021-28326)
Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. Dream Report 5 R20-2 suffers from a security vulnerability that allows an attacker to misuse registry entries which refer to weakly-privileged binarie...
Unspecified Vulnerability in Ocean Data Systems Dream Report 5 R20-2 (CNVD-2021-28325)
Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. Dream Report 5 R20-2 has a security vulnerability that allows an attacker to replace the Syncfusion Dashboard Service service binary to escalate...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...
CVE-2020-13533
A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...
CVE-2020-13534
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...