37 matches found
Siemens blueplanet SQL注入漏洞
Siemens Blueplanet is a series of solar inverter and energy monitoring products developed by German company Siemens, aimed at photovoltaic power generation and energy storage systems. Several Siemens products have SQL injection vulnerabilities, which stem from improper handling of special element...
EUVD-2025-21832
Malicious code in bioql PyPI...
CVE-2025-6185
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service...
CVE-2025-6185
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service...
CVE-2025-6185
Leviton AcquiSuite and Energy Monitoring Hub are affected by a cross-site scripting (XSS) vulnerability in URL parameters, enabling an attacker to craft a payload that executes in a user’s browser, potentially stealing session tokens and allowing control of the service. Root cause: XSS in URL par...
CVE-2025-6185 Leviton AcquiSuite and Energy Monitoring Hub Cross-site Scripting
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service...
CVE-2025-6185 Leviton AcquiSuite and Energy Monitoring Hub Cross-site Scripting
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious payload in URL parameters, which would execute in a client browser when accessed by a user, steal session tokens, and control the service...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub ICSMA-25-198-01 Panoramic Corporati...
Leviton AcquiSuite和Leviton Energy Monitoring Hub 跨站脚本漏洞
Leviton AcquiSuite and Leviton Energy Monitoring Hub are industrial-grade energy data collection and monitoring gateways from Leviton Corporation. A cross-site scripting vulnerability exists in Leviton AcquiSuite and Leviton Energy Monitoring Hub, which stems from a cross-site scripting...
PT-2025-29942 · Leviton · Energy Monitoring Hub +1
Name of the Vulnerable Software and Affected Versions: Leviton AcquiSuite and Energy Monitoring Hub affected versions not specified Description: Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting issue. An attacker can craft a malicious payload within URL...
The vulnerability of the BLE (Bluetooth Low Energy) component of the microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000/1100 allows a intruder to trigger a service failure.
The vulnerability of the BLE Bluetooth Low Energy component of the microprogramming software for monitoring and controlling energy systems in Sentron Powercenter 1000/1100 is related to synchronization errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the software for energy monitoring systems, including EcoStruxure Power Monitoring Expert, EcoStruxure Power Operation (EPO) with Advanced Reports, and EcoStruxure Power SCADA Operation with Advanced Reports, is related to deficiencies in the deserialization mechanism. This allows attackers to execute arbitrary code.
The vulnerabilities of the software for energy monitoring, including EcoStruxure Power Monitoring Expert, EcoStruxure Power Operation EPO with Advanced Reports, and EcoStruxure Power SCADA Operation with Advanced Reports, are related to deficiencies in the deserialization mechanism. Exploiting...
Delta Electronics DIAEnergie 代码问题漏洞
Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A code issue...
Xen Platypus information leak via power sidechannel (XSA-351)
An information disclosure vulnerability exists in power/energy monitoring interfaces, which can be used to create covert channels and infer the operations and data used by other contexts within the system. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid142889;...
CVE-2020-28368
A flaw was found in Xen where access to power/energy monitoring interfaces was not properly restricted to privileged software. This flaw allows an unprivileged guest administrator to create covert channels and infer the operations or data used by other contexts within the system, such as AES keys...
CVE-2020-28368
Xen through 4.14.x allows guest OS administrators to obtain sensitive information such as AES keys from outside the guest via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for...
CVE-2020-28368
Xen through 4.14.x allows guest OS administrators to obtain sensitive information such as AES keys from outside the guest via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for...
Mitsubishi CTF-200A Energy Monitoring Module Detection
Binary data 754994.prm...
Mitsubishi EMU-CT100 Energy Monitoring Module Detection
Binary data 751766.prm...
Mitsubishi CTF-100A Energy Monitoring Module Detection
Binary data 754993.prm...