CVE-2020-7514

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker access to the authorization credentials for a device and gain full access...

CVE-2020-7518

A CWE-20: Improper input validation vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to modify project configuration files...

CVE-2020-7515

A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker to decrypt a password...

CVE-2020-7519

A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to compromise a user account...

EUVD-2020-28642

Malware in sbrugna...

EUVD-2020-28641

Malware in sbrugna...

EUVD-2020-28640

Malware in sbrugna...

EUVD-2020-28644

Malware in sbrugna...

EUVD-2020-28643

Malware in sbrugna...

EUVD-2020-28639

Malware in sbrugna...

EUVD-2022-37703

Malicious code in bioql PyPI...

CVE-2020-7516

A CWE-316: Cleartext Storage of Sensitive Information in Memory vulnerability exists in Easergy Builder V1.4.7.2 and prior which could allow an attacker access to login credentials...

CVE-2020-7517

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to read user credentials...

Schneider Electric Easergy Builder Code Issue Vulnerability

Schneider Electric Easergy Builder is a set of configuration software for Easergy remote terminal units and controllers from Schneider Electric, France. A code issue vulnerability exists in Schneider Electric Easergy Builder version 1.7.23 and earlier, which stems from the presence of an...

CVE-2022-34755

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...

CVE-2022-34755

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...

Path traversal

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...

CVE-2022-34755

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...

CVE-2022-34755

CVE-2022-34755 affects Schneider Electric Easergy Builder Installer (versions ≤ 1.7.23). It is caused by an uncontrolled search path element, allowing a locally privileged attacker to place a crafted file and potentially execute arbitrary code during the installation process initiated by a valid ...

CVE-2022-34755

A CWE-427 - Uncontrolled Search Path Element vulnerability exists that could allow an attacker with a local privileged account to place a specially crafted file on the target machine, which may give the attacker the ability to execute arbitrary code during the installation process initiated by a...