Lucene search
K

105 matches found

Positive Technologies
Positive Technologies
added 4 days ago5 views

PT-2026-56921

Name of the Vulnerable Software and Affected Versions OpenPLC Runtime version 3 Description An authenticated arbitrary file write exists in the legacy web UI program-upload workflow. The application stores an attacker-supplied filename prog file into the Programs.File database field and uses this...

9.9CVSS6.5AI score0.00616EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.14 views

PT-2026-53221

Name of the Vulnerable Software and Affected Versions Delta Electronics DTM Soft affected versions not specified Description The software is susceptible to the deserialization of untrusted data, which can allow an attacker to execute arbitrary code. Real-world exploitation has been observed where...

8.4CVSS6AI score0.00388EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40427

Name of the Vulnerable Software and Affected Versions Fuji Tellus affected versions not specified Description The installation of Fuji Tellus adds a driver to the kernel that grants all users read and write permissions. This improper driver permission allows for privilege escalation from a user...

7.8CVSS5.8AI score0.00146EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.6 views

PT-2026-31719

Name of the Vulnerable Software and Affected Versions versions not specified Description A remote attacker with low privileges can manipulate Modbus register values used in odorant injection logic, potentially causing over or under-injection of odorant into a gas line. Attackers have exploited th...

8.6CVSS5.8AI score0.00448EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.6 views

RTI Connext Professional 安全漏洞

RTI Connext Professional is a connectivity platform developed by RTI Corporation in the United States, specifically designed to meet the demanding requirements of Industrial Internet of Things IIoT. RTI Connext Professional has a security vulnerability that stems from improper restrictions on XML...

9.1CVSS5.8AI score0.00235EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.6 views

ThreatFormer-IDS: Robust Transformer Intrusion Detection with Zero-Day Generalization and Explainable Attribution

Intrusion detection in IoT and industrial networks requires models that can detect rare attacks at low false-positive rates while remaining reliable under evolving traffic and limited labels. Existing IDS solutions often report strong in-distribution accuracy, but they may degrade when evaluated ...

5.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11378

Malware in sbrugna...

6.1CVSS6.3AI score0.01573EPSS
Exploits2References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6634

Malware in sbrugna...

10CVSS8.7AI score0.02905EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/09 12:0 a.m.4 views

Radiflow iSAP Smart Collector 安全漏洞

Radiflow iSAP Smart Collector is a remote traffic collection and forwarding appliance designed for industrial networks from Radiflow USA. A security vulnerability exists in Radiflow iSAP Smart Collector that stems from an outdated underlying Linux distribution, which could result in an unmitigate...

8.7CVSS6.8AI score0.00334EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.5 views

Siemens SINEC NMS SQL注入漏洞

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A SQL injection vulnerability exists in Siemens SINEC NMS, which can ...

8.8CVSS8AI score0.0046EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

Siemens SINEC NMS 路径遍历漏洞

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...

8.8CVSS6.6AI score0.07166EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 12:57 p.m.12 views

CVE-2018-19694

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form...

6.1CVSS6.2AI score0.01573EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2024/12/04 12:0 a.m.6 views

Phoenix Contact Classic Line Controllers Insufficient Verification of Data Authenticity (CVE-2022-31800)

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS/ProConOS eCLR in order to gain full control over the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

10CVSS8.5AI score0.01455EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.9 views

The vulnerability of the software for monitoring and analyzing network traffic in industrial networks, SINEC Traffic Analyzer, is related to deficiencies in access control. This vulnerability allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SINEC Traffic Analyzer software for monitoring and analyzing network traffic in industrial networks is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

6.8CVSS5.5AI score0.00305EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.8 views

The vulnerability of the network management system for monitoring industrial networks in Siemens SINEC NMS, related to insufficient privilege separation, allows a intruder to execute arbitrary commands.

The vulnerability of the Siemens SINEC NMS network management system for monitoring industrial networks is related to insufficient privilege separation. Exploiting this vulnerability could allow a attacker to execute arbitrary commands...

7.8CVSS5.8AI score0.00174EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.8 views

The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner, allowing a malicious actor to gain unauthorized access to protected information.

The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information...

7.1CVSS5.4AI score0.00113EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.8 views

The vulnerability of the software platform for managing security in industrial networks, MXSecurity, arises from the use of dangerous methods or functions, allowing attackers to enhance their privileges.

The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score0.00345EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/31 12:0 a.m.9 views

The vulnerability of the MXSecurity software platform for managing security in industrial networks lies in the use of strictly encrypted credentials, which allows attackers to disclose the protected information.

The vulnerability of the MXSecurity software platform for managing security in industrial networks is related to the use of strictly encrypted user credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...

7.8CVSS5.4AI score0.00274EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2024/08/19 12:0 a.m.507 views

Ewon Cosy+ Command Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-018 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Special Element...

7.1AI score0.04023EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/08/19 12:0 a.m.234 views

Ewon Cosy+ Improper Neutralization / Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-016 Product: Ewon Cosy+ Manufacturer: HMS Industrial Networks AB Affected Versions: Firmware Versions: 21.2s10 and 22.1s3 Tested Versions: Firmware Version: 21.2s7 Vulnerability Type: Improper Neutralization of Input During We...

7.4AI score0.00715EPSS
Exploits5
Rows per page
Query Builder