Hitachi Energy MACH GWS products

SUMMARY Hitachi Energy is aware of the multiple vulnerabilities that affect the MACH GWS product versions listed in this document. An attacker successfully exploiting these vulnerabilities can cause confidentiality, integrity and availability impacts. Please refer to the Recommended Immediate...

Malicious code in vue-gws (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 557d3dde7707f6cebfde77623067da836191b95969867f4855b6706e5a027e56 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: Improper Input Validation, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause part of...

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Vulnerabilities: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause affected modules to...

gws-rechner.de Cross Site Scripting vulnerability OBB-2892476

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

MAL-2022-424 Malicious code in @mcd-gws/fetlife-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f7e3548154ce243518484ab09d6c6ccbe53bfc1678708ba4b25c0ed08ba642a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

gws-rechner.de Cross Site Scripting vulnerability OBB-2623971

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

gws-wohnen.de XSS vulnerability

Vulnerable URL: http://www.gws-wohnen.de/default.aspx/G/111327/L/1031/R/-1/T/111427/A/1/PM/1/ID/127641/Z/'%22--!%3E%3Cimg%20src=x%20onerror=alert%22openbugbounty%22%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability...