82 matches found
EUVD-2015-6397
Malware in sbrugna...
EUVD-2015-6400
Malware in sbrugna...
EUVD-2020-28132
Malware in sbrugna...
EUVD-2020-8206
Malware in sbrugna...
EUVD-2023-44124
Malicious code in bioql PyPI...
EUVD-2023-12636
Malicious code in bioql PyPI...
CVE-2020-16244
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data...
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an...
CVE-2020-16240
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference IDOR vulnerability allows user account data to be downloaded in JavaScript object notation JSON format by users who should not have access to such functionality. An attacker can download sensitive data related to...
CVE-2020-27263
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, ar...
CVE-2023-4487 GE Digital CIMPLICITY Process Control
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...
CVE-2023-4487 GE Digital CIMPLICITY Process Control
GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software...
GE Digital CIMPLICITY
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Process Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3...
CVE-2023-3463
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
CVE-2023-3463
Ge Digital CIMPLICITY is affected by a heap-based buffer overflow due to memory corruption from insufficient input validation. All CIMPLICITY versions are implicated when documents from untrusted sources are accepted, allowing issues such as out-of-bounds reads/writes, use-after-free, and buffer ...
CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
CVE-2023-3463 GE Digital CIMPLICITY Heap-based Buffer Overflow
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer...
GE Digital CIMPLICITY
1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption issues resulting in unwanted...
PT-2023-4364 · Ge Digital · Ge Digital Cimplicity
Name of the Vulnerable Software and Affected Versions: GE Digital CIMPLICITY versions affected versions not specified Description: The issue is related to memory corruption due to insufficient input validation, including out-of-bounds reads and writes, use-after-free, stack-based buffer overflows...
GE iFIX
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: iFIX Vulnerability: Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation and full control of the system. 3. TECHNICAL DETAILS 3.1...