Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27866

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.02822EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-37704

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-27865

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.02371EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-37705

Malicious code in bioql PyPI...

6.7CVSS5.7AI score0.00277EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-37706

Malicious code in bioql PyPI...

5.1CVSS5.4AI score0.00383EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:44 a.m.6 views

CVE-2022-22722

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information disclosure. If an attacker were to obtain the SSH cryptographic key for the device and take active control of the local operational network connected to the product they could potentially observe and...

7.5CVSS6.5AI score0.02371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.10 views

CVE-2022-22723

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could lead to a buffer overflow causing program crashes and arbitrary code execution when specially crafted packets are sent to the device over the network. Protection functions and tripping function via GOOSE can be...

8.8CVSS8.1AI score0.02822EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.7 views

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices arises from copying buffers without checking the size of the input data. This allows a malicious actor to execute arbitrary code.

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices lies in the copying of buffers without checking the size of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.8CVSS8.2AI score0.01288EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.5 views

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices, related to the use of cryptographic algorithms containing defects, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality,...

6.7CVSS5.9AI score0.00277EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/15 12:0 a.m.6 views

The vulnerability of microprogrammed software in Schneider Electric Easergy P5 relay protection and control devices, related to insufficient verification of input data, allows a intruder to disable the device’s control function.

The vulnerability of the microprogramming software in Schneider Electric Easergy P5 relay protection and control devices is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to disable the device’s control functions...

5.2CVSS5.6AI score0.00383EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/07/13 9:15 p.m.2 views

CVE-2022-34756

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 V01.401.102 and prior...

9.8CVSS7.8AI score0.01288EPSS
Exploits0References1
NVD
NVD
added 2022/07/13 9:15 p.m.28 views

CVE-2022-34758

A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 V01.401.102 and prior...

5.1CVSS0.00383EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 9:15 p.m.4 views

CVE-2022-34758

A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 V01.401.102 and prior...

4.9CVSS5.8AI score0.00383EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 9:15 p.m.3 views

CVE-2022-34757

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...

5.3CVSS5.8AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2022/07/13 9:15 p.m.20 views

CVE-2022-34756

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 V01.401.102 and prior...

9.8CVSS0.01288EPSS
Exploits0References1
Prion
Prion
added 2022/07/13 9:15 p.m.15 views

Design/Logic Flaw

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI. Affected Products: Easergy P5 V01.401.102 and prior...

7.5CVSS9.7AI score0.01288EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/07/13 9:15 p.m.14 views

Design/Logic Flaw

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...

5CVSS5.3AI score0.00277EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/07/13 9:15 p.m.19 views

Input validation

A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 V01.401.102 and prior...

3.3CVSS5.8AI score0.00383EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/07/13 9:10 p.m.88 views

CVE-2022-34758

CVE-2022-34758 affects Schneider Electric Easergy P5 (firmware prior to v01.401.102). It is an Improper Input Validation vulnerability (CWE-20) that could disable the device watchdog if an attacker has privileged credentials. The published advisories confirm vulnerable P5 firmware and provide a p...

5.1CVSS5AI score0.00383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/13 9:10 p.m.23 views

CVE-2022-34758

A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 V01.401.102 and prior...

5.1CVSS5.4AI score0.00383EPSS
Exploits0References1
Rows per page
Query Builder