Pulsar Plus System Controller 安全特征问题漏洞

Pulsar Plus System Controller is a Pulsar Plus series controller. A security vulnerability exists in the ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant, which stems from the presence of an Insufficient Use of Random Values vulnerability. The following products and versions...

CVE-2022-1607

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607 Cross Site Scripting vulnerability in NE843 Pulsar Plus Controller

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607 Cross Site Scripting vulnerability in NE843 Pulsar Plus Controller

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607

ABB Pulsar Plus System Controller NE843_S and ABB Infinity DC Power Plant (H5692448 variants) are affected by CSRF (CVE-2022-1607). The issue arises from vulnerable web interfaces allowing unauthorized state-changing actions via forged requests. Affected versions include NE843_S comcode 150042936...

Pulsar Plus System Controller 跨站请求伪造漏洞

The Pulsar Plus System Controller is the Pulsar Plus family of controllers. A security vulnerability exists in ABB Pulsar Plus System Controller version NE843S, which originates from ABB Infinity DC Power Plant allowing cross-site request forgery, affecting the following products and versions:...

PT-2023-3375 · Abb · Abb Infinity Dc Power Plant +1

Name of the Vulnerable Software and Affected Versions: ABB Pulsar Plus System Controller NE843 S version comcode 150042936 ABB Infinity DC Power Plant versions H5692448 G104, H5692448 G842, H5692448 G224L, H5692448 G630-4, H5692448 G451C2, H5692448 G4612 – comcode 150047415 Description: The issue...

Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers

Norwegian police agency Økokrim has announced the seizure of 60 million NOK about $5.84 million worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. "This case shows that we also have a great capacity to follow the money on the blockchai...

SUSE CVE-2017-7781

An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINTATINFINITY" when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an...

SUSE CVE-2017-14245

An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values...

SUSE CVE-2017-14246

An out of bounds read in the function d2ulawarray in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values...

SUSE CVE-2020-26890

Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into th...

SUSE CVE-2021-29510

Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...

SUSE-SU-2022:3598-1 Security update for exiv2

This update for exiv2 fixes the following issues: - CVE-2021-37621: Fixed denial of service due to infinite loop in Image:printIFDStructure bsc1189333. - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read bsc1189332. - CVE-2021-37619: Fixed out-of-bounds read in...

Infinity loop can lead to denial of service

Lines of code Vulnerability details Impact Infinity loop can lead to denial of service Proof of Concept Tools Used None. Recommended Mitigation Steps Refactor code if is possible. --- The text was updated successfully, but these errors were encountered: All reactions...

U.S. Offers $10 Million Reward for Information on North Korean Hackers

The U.S. State Department has announced rewards of up to $10 million for any information that could help disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities. "If you have information on any individuals associated with the North Korean...

Pexip Infinity Resource Management Error Vulnerability (CNVD-2022-54730)

Pexip Infinity is a video conferencing cloud collaboration platform from Pexip, a Norwegian company. Pexip Infinity versions prior to 27.3 contain a resource management error vulnerability that can be exploited by remote, unauthenticated attackers to cause a software crash and denial of service...

Pexip Infinity Input Validation Error Vulnerability (CNVD-2022-54731)

Pexip Infinity is a video conferencing cloud collaboration platform from Pexip, a Norwegian company. Pexip Infinity versions prior to 27.3 contain an input validation error vulnerability that can be exploited by remote, unauthenticated attackers to cause a denial of service...