Lucene search
K

110 matches found

NVD
NVD
added 2022/12/26 8:15 p.m.26 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.3CVSS0.0045EPSS
Exploits0References1
Prion
Prion
added 2022/12/26 8:15 p.m.15 views

Code injection

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5CVSS5.4AI score0.0045EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/12/26 7:15 p.m.25 views

CVE-2020-12067

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...

7.5CVSS0.00509EPSS
Exploits0References1
Prion
Prion
added 2022/12/26 7:15 p.m.16 views

Default credentials

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...

5CVSS7.6AI score0.00509EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.10 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.4AI score0.0045EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.8 views

PT-2022-8323 · 3S Smart Software Solutions +1 · Codesys Development System +1

Name of the Vulnerable Software and Affected Versions: Pilz PMC programming tool versions 3.x through 3.5.16 Description: A security issue allows an attacker to change a user's password without knowing the current password. This is possible in the Pilz PMC programming tool, which is based on the...

7.5CVSS7.5AI score0.00509EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/26 12:0 a.m.10 views

PT-2022-8324 · 3S Smart Software Solutions +1 · Codesys V3 +1

Name of the Vulnerable Software and Affected Versions: CODESYS V3 products versions prior to 3.5.16.0 Pilz PMC programming tool versions 3.x prior to 3.5.17 Description: The issue is related to a weak hashing algorithm used for storing online communication passwords in the CODESYS Control runtime...

7.8CVSS7.3AI score0.00164EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/12/26 12:0 a.m.29 views

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...

5.4AI score0.0045EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/26 12:0 a.m.6 views

Pilz PMC programming tool 安全漏洞

The Pilz PMC programming tool is a PMC programming tool from Pilz, Germany. A security vulnerability exists in Pilz PMC programming tool versions 3.x through 3.5.17 and earlier, which originates from an attacker being able to recognize a valid user name...

5.3CVSS6.9AI score0.0045EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/26 12:0 a.m.34 views

CVE-2020-12067

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...

7.6AI score0.00509EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.4 views

CVE-2020-12067

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, a user's password may be changed by an attacker without knowledge of the current password...

7.6AI score0.00509EPSS
Exploits0References1
CVE
CVE
added 2022/12/26 12:0 a.m.62 views

CVE-2020-12067

Pilz PMC programming tool up to v3.5.16 is affected (based on CODESYS Development System). The issue allows a password change by an attacker without knowing the current password. Remediation: upgrade to version 3.5.17 or later. Public exploitation status is not detailed in the provided sources; o...

7.5CVSS7.6AI score0.00509EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/12/26 12:0 a.m.77 views

CVE-2019-9011

CVE-2019-9011 affects Pilz PMC programming tool 3.x (based on CODESYS Development System). A remote attacker can enumerate valid usernames via the vulnerable flow, exposing an information-disclosure condition with network attack vector and no required privileges. The vulnerability is documented t...

5.3CVSS5.3AI score0.0045EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/08/31 8:15 p.m.14 views

Command injection

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

4CVSS8.7AI score0.00464EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/31 8:5 p.m.17 views

CVE-2022-34383

Dell Edge Gateway 5200 EGW versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM...

8.1CVSS8.9AI score0.00464EPSS
Exploits0References1
Prion
Prion
added 2022/02/09 11:15 p.m.24 views

Input validation

Improper locking in the Power Management Controller PMC for some Intel Chipset firmware before versions pmcfwlbgc1-21ww02a and pmcfwlbgb0-21ww02a may allow a privileged user to potentially enable denial of service via local access...

2.1CVSS4.8AI score0.00166EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/02/09 10:4 p.m.99 views

CVE-2021-0147

Impact summary (CVE-2021-0147) : The issue is an improper locking fault in the Power Management Controller (PMC) within certain Intel Chipset firmware. This vulnerability could allow a local, authenticated attacker to cause a denial of service, as described in multiple sources. The affected PMC v...

4.4CVSS4.5AI score0.00166EPSS
Exploits0References1Affected Software1
Intel
Intel
added 2022/02/08 12:0 a.m.53 views

2021.2 IPU – Intel® Chipset Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Chipset Firmware in Intel® Server Platform Services SPS, Intel® Active Management Technology AMT and the Intel Power Management Controller PMC may allow escalation of privilege or denial of service. Intel is releasing firmware updates to...

7.2CVSS6.2AI score0.0084EPSS
Exploits0
OSV
OSV
added 2021/12/30 2:45 a.m.11 views

GSD-2021-1002834 platform/x86: intel_pmc_core: fix memleak on registration failure

platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2021/12/30 2:44 a.m.15 views

GSD-2021-1002808 platform/x86: intel_pmc_core: fix memleak on registration failure

platform/x86: intelpmccore: fix memleak on registration failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.89 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder