84 matches found
EUVD-2015-6400
Malware in sbrugna...
EUVD-2015-6397
Malware in sbrugna...
EUVD-2020-28132
Malware in sbrugna...
EUVD-2020-8206
Malware in sbrugna...
EUVD-2023-12636
Malicious code in bioql PyPI...
EUVD-2023-44124
Malicious code in bioql PyPI...
CVE-2020-16244
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data...
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
CVE-2020-16240
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference IDOR vulnerability allows user account data to be downloaded in JavaScript object notation JSON format by users who should not have access to such functionality. An attacker can download sensitive data related to...
CVE-2020-27263
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, ar...
The software vulnerabilities of Kepware KEPServerEX, ThingWorx Industrial Connectivity, OPC-Aggregator, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server allow attackers to execute arbitrary code or cause service failures.
The vulnerabilities of the Kepware KEPServerEX, ThingWorx Industrial Connectivity, OPC-Aggregator, Rockwell Automation KEPServer Enterprise, and GE Digital Industrial Gateway Server software-related programs are related to the execution of operations outside the buffer in memory. Exploiting these...
The vulnerabilities of the OPC-server software products such as KEPServerEX, ThingWorx Kepware Server, ThingWorx Industrial Connectivity, OPC-Aggregator, ThingWorx Kepware Edge, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server, and Software Toolbox TOP Server are related to errors in the certificate validation process. These vulnerabilities allow attackers to bypass the certificate validation checks.
The vulnerabilities of the OPC-server software products such as KEPServerEX, ThingWorx Kepware Server, ThingWorx Industrial Connectivity, OPC-Aggregator, ThingWorx Kepware Edge, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server, and Software Toolbox TOP Server are...
CVE-2023-4487 GE Digital CIMPLICITY Process Control
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...
CVE-2023-4487 GE Digital CIMPLICITY Process Control
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...
GE Digital CIMPLICITY
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Process Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...
CVE-2023-3463
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
CVE-2023-3463
Ge Digital CIMPLICITY is affected by a heap-based buffer overflow due to memory corruption from insufficient input validation. All CIMPLICITY versions are implicated when documents from untrusted sources are accepted, allowing issues such as out-of-bounds reads/writes, use-after-free, and buffer ...
GE Digital CIMPLICITY
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption issues resulting in unwanted...