EUVD-2015-1001

Malware in sbrugna...

EUVD-2015-0984

Malware in sbrugna...

EUVD-2015-1003

Malware in sbrugna...

EUVD-2015-1000

Malware in sbrugna...

CVE-2015-0995

Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack...

CVE-2015-0994

Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests...

Cross site scripting

Cross-site scripting XSS vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Design/Logic Flaw

Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests...

Default credentials

Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack...

CVE-2015-0993

Inductive Automation Ignition 7.7.2 is affected by CVE-2015-0993, where sessions are not terminated on logout, allowing a remote attacker to bypass access controls via an unattended workstation. Connected sources confirm Ignition is vulnerable in 7.7.x (notably

CVE-2015-0976

CVE-2015-0976 is an XSS vulnerability in Inductive Automation Ignition 7.7.2. The issue stems from improper neutralization of input in web page generation, with the server reflecting HTTP request data back in the HTTP response, enabling remote attackers to inject arbitrary script. Several connect...