258 matches found
EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. "EncryptHub has been observed targeting users of popular applications, ...
CVE-2023-5122
Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured to send requests t...
Fuji Electric V-Server和Fuji Electric V-Server Lite 缓冲区错误漏洞
Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in its uncontrolled search algorithm, which allows attackers to escalate their privileges.
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow attackers to enhance their privileges...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software lies in the lack of protective measures for the SQL query structure. This allows attackers to enhance their privileges and execute arbitrary code using a specially created SQL query...
The vulnerability of monitoring software and Performance Co-Pilot (PCP) systems, which involves creating temporary files with insecure permissions, allows attackers to carry out attacks using symbolic links and to circumvent user isolation measures provided by PCP.
The vulnerability of the Performance Co-Pilot PCP monitoring and performance visualization software is related to the mixed levels of privileges used by systemd services associated with PCP. Exploiting this vulnerability allows an attacker to carry out attacks using symbolic links and to circumve...
The vulnerability of the Cacti network monitoring software lies in the lack of security measures taken to protect the structure of the web page. This allows attackers to execute cross-site scripting attacks.
The vulnerability of the Cacti network monitoring software exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute cross-site scripting using a specially crafted page...
Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. A buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator, which stems from an out-of-bounds write vulnerability that can be exploited by an attacker t...
Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability (CNVD-2025-13543)
Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. Fuji Electric Tellus Lite V-Simulator suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An...
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the Checkmk monitoring software for IT infrastructure allows a hacker to increase their privileges.
The vulnerability of Checkmk, a monitoring software for IT infrastructure, is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
Voltronic Power ViewPower 安全漏洞
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An authentication bypass vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to bypass authentication on the system...
Janitza GridVis 安全漏洞
Janitza GridVis is a grid monitoring software from Janitza. A security vulnerability exists in Janitza GridVis version 9.0.66 and prior versions that stems from the use of hard-coded credentials...
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.
The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform, due to insufficient comparison, allows a hacker to execute arbitrary commands with privileged privileges.
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to insufficient comparison. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with privileged privileges...
The vulnerability of the pollers.php script, a network monitoring software, allows a hacker to execute arbitrary code.
The vulnerability of the pollers.php script, a network monitoring software, is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2159406)
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower, which can be exploited by an attacker to execute code in the SYSTEM context...
Voltronic Power ViewPower Remote Code Execution Vulnerability (CNVD-2025-2160197)
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. A remote code execution vulnerability exists in Voltronic Power ViewPower Pro, which can be exploited by an attacker to execute code in the context of LOCAL SERVICE...
Progress Software WhatsUp Gold Cross-Site Scripting Vulnerability
Progress Software WhatsUp Gold is a network monitoring software from Progress Software, Inc. It is used to monitor the entire network infrastructure as well as applications, configurations and network traffic. A security vulnerability previously existed in Progress Software WhatsUp Gold version...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS Online Monitoring Software ICSA-22-356-03 Mitsubis...