182 matches found
mv-turnau.at Cross Site Scripting vulnerability OBB-3883674
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mv-turnau.at Cross Site Scripting vulnerability OBB-3881864
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mv-tankt-strom.de Improper Access Control vulnerability OBB-3774996
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
offene-kirche-mv.de Cross Site Scripting vulnerability OBB-3711171
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-35920
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3.4, SIMATIC MV540 S All versions V3.3.4, SIMATIC MV550 H All versions V3.3.4, SIMATIC MV550 S All versions V3.3.4, SIMATIC MV560 U All versions V3.3.4, SIMATIC MV560 X All versions V3.3.4. Affected devices cannot properly...
Siemens SINAMICS Medium Voltage Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
Malicious code in mv-browser-support (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8942832656feb0a5ad201155c0335c5e5d8bd5c8fa7efcb575a25b9542327cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-611 Malicious code in mv-browser-support (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8942832656feb0a5ad201155c0335c5e5d8bd5c8fa7efcb575a25b9542327cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
mv-sachsen-anhalt.de Cross Site Scripting vulnerability OBB-3224723
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Code injection
MV iDigital Clinic Enterprise iDCE 1.0 stores passwords in cleartext...
PT-2023-13034 · Unknown · Mv Idigital Clinic Enterprise
Name of the Vulnerable Software and Affected Versions: MV iDigital Clinic Enterprise iDCE version 1.0 Description: The issue concerns the storage of passwords in cleartext. There is no information provided about the estimated number of potentially affected devices worldwide or details about...
CVE-2022-31405
MV iDigital Clinic Enterprise iDCE 1.0 stores passwords in cleartext...
CVE-2022-31405
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext, a vulnerability affecting confidentiality (C HIGH) due to plaintext credential storage. Multiple sources corroborate this issue; the root cause is improper password handling in iDCE 1.0. Documents do not detail existing explo...
PT-2022-36330 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.16 through 5.10.154 Description: A resource leak was discovered in the mv xor v2 remove function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 4.16...
PT-2022-36608 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: A resource leak was discovered in the mv xor v2 remove function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2022-36559 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: A resource leak was discovered in the mv xor v2 remove function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2022-9051 · Seagate · Seagate Central Nas
Name of the Vulnerable Software and Affected Versions: Seagate Central NAS versions STCG2000300, STCG3000300, and STCG4000300 Description: The web-management application on the affected devices allows OS command injection via mv backend launch in cirrus/application/helpers/mv backend helper.php b...
MV POWER CCTV DVR 安全漏洞
MV POWER CCTV DVR is a series of CCTV cameras from MV POWER. A security vulnerability exists in MV POWER CCTV DVR TV-7104HE version 1.8.4 115215B9 and TV7108HE version. An attacker can exploit this vulnerability to execute arbitrary operating system commands as the root user...
CVE-2022-33138
A vulnerability has been identified in SIMATIC MV540 H All versions V3.3, SIMATIC MV540 S All versions V3.3, SIMATIC MV550 H All versions V3.3, SIMATIC MV550 S All versions V3.3, SIMATIC MV560 U All versions V3.3, SIMATIC MV560 X All versions V3.3. Affected devices do not perform authentication f...
mv-tiefenstein.de Cross Site Scripting vulnerability OBB-2690960
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...