
8 matches found

seebug.org
added 2014/02/12 12:0 a.m., 46 views

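KingSCADA/KingGraphic Remote Code Execution Vulnerability

CVE (CAN) ID: CVE-2013-2827 The KingSCADA product family is a Windows-based control, supervisory and data acquisition application. In KingSCADA and KingGraphic 3.1 and earlier, an error occurs in an ActiveX component when handling the "ProjectURL" property; successful exploitation can lead to arbitrary code being downloaded and executed. 0 kingview KingSCADA = 3.1 kingview KingGraphic = 3.1 Vendor patch: kingview -------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.kingview.com...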

CVSS 7.5, AI score 6.4, EPSS 0.60519
Exploits: 5
NVD
added 2014/01/15 4:8 p.m., 7 views

CVE-2013-2827

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

CVSS 7.5, AI score 7, EPSS 0.60519
Exploits: 5, References: 1
Prion
added 2014/01/15 4:8 p.m., 13 views

Code injection

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

CVSS 7.5, AI score 7.6, EPSS 0.60519
Exploits: 5, References: 1, Affected Software: 3
CVE
added 2014/01/15 4:0 p.m., 50 views

CVE-2013-2827

CVE-2013-2827 concerns an unresolved ActiveX control in WellinTech KingSCADA (before 3.1.2), KingAlarm&Event (before 3.1), and KingGraphic (before 3.1.2) that allows remote code execution by abusing the ProjectURL property to download and execute a DLL on a client. Root cause: insufficient saniti...

CVSS 7.5, AI score 7.2, EPSS 0.60519
Exploits: 5, References: 1, Affected Software: 3
Cvelist
added 2014/01/15 4:0 p.m., 11 views

CVE-2013-2827

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value...

AI score 7, EPSS 0.60519
Exploits: 5, References: 1
CVE
added 2014/01/15 4:0 p.m., 50 views

CVE-2013-2826

CVE-2013-2826 affects WellinTech KingSCADA prior to 3.1.2, KingAlarm&Event prior to 3.1, and KingGraphic prior to 3.1.2. Authentication is performed at the KAEClientManager console, not the server, enabling a remote attacker to discover credentials by sending a crafted packet to TCP port 8130. Co...

CVSS 6.4, AI score 7.1, EPSS 0.00272
Exploits: 0, References: 1, Affected Software: 3
Cvelist
added 2014/01/15 4:0 p.m., 13 views

CVE-2013-2826

WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP...

AI score 6.9, EPSS 0.00272
Exploits: 0, References: 1
ICS
added 2013/09/12 6:0 a.m., 38 views

WellinTech Vulnerabilities

OVERVIEW: This advisory was originally posted to the US-CERT secure Portal library on December 10, 2013, and is now being released to the NCCIC/ICS-CERT Web site. NCCIC/ICS-CERT received reports from the Zero Day Initiative (ZDI) regarding a remote code execution vulnerability and an information...

CVSS 7.5, AI score 7.5, EPSS 0.60519
Exploits: 5, References: 10