888 matches found
CVE-2024-20514
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...
CVE-2023-20260
A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...
CVE-2021-20827
Plaintext storage of a password vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows an...
CVE-2019-10953
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets...
Delta Electronics ISPSoft Stack Buffer Overflow Vulnerability (CNVD-2025-12375)
Delta Electronics ISPSoft is a programmable logic controller PLC programming software from Delta Electronics. A stack buffer overflow vulnerability exists in Delta Electronics ISPSoft, which can be exploited by an attacker to execute arbitrary code using debugging logic when parsing CBDGL files...
Delta Electronics ISPSoft Stack Buffer Overflow Vulnerability
Delta Electronics ISPSoft is a programmable logic controller PLC programming software from Delta Electronics. A stack buffer overflow vulnerability exists in Delta Electronics ISPSoft, which can be exploited by an attacker to execute arbitrary code while parsing a DVP file...
libplctag 缓冲区错误漏洞
libplctag is an open source C library for libplctag that provides a portable and simple API for accessing Allen-Bradley and Modbus PLC data over Ethernet. A buffer error vulnerability exists in libplctag versions 2.0 through 2.6.3, which stems from an out-of-bounds read in the unpackresponse...
RevealNet: Distributed Traffic Correlation for Attack Attribution on Programmable Networks
Network attackers have increasingly resorted to proxy chains, VPNs, and anonymity networks to conceal their activities. To tackle this issue, past research has explored the applicability of traffic correlation techniques to perform attack attribution, i.e., to identify an attacker's true network...
Low Latency FPGA Implementation of Twisted Edward Curve Cryptography Hardware Accelerator over Prime Field
The performance of any elliptic curve cryptography hardware accelerator significantly relies on the efficiency of the underlying point multiplication PM architecture. This article presents a hardware implementation of field-programmable gate array FPGA based modular arithmetic, group operation, a...
PT-2025-28994
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential null pointer dereference issue was identified in the fpga mgr test img load sgt function. The function allocates memory for sgt using kunit kzalloc, but fails to verify if...
CISA: Key Secure by Demand Elements for Operational Technology Fact Sheet
This fact sheet addresses key elements for operational technology OT owners and operators to consider when purchasing digital products that automate physical processes, e.g. programmable logic controllers PLCs, human-machine interfaces HMIs, and remote terminal units RTUs. CISA strongly advises...
A Unified Hardware Accelerator for Fast Fourier Transform and Number Theoretic Transform
The Number Theoretic Transform NTT is an indispensable tool for computing efficient polynomial multiplications in post-quantum lattice-based cryptography. It has strong resemblance with the Fast Fourier Transform FFT, which is the most widely used algorithm in digital signal processing. In this...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
CVE-2025-20120
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20120
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...
CVE-2025-20203
CVE-2025-20203 details (Cisco EPNM and Cisco Prime Infrastructure): A stored XSS vulnerability exists in the web-based management interface due to improper validation of user input. An authenticated attacker with valid admin credentials could inject malicious code into data fields, potentially ex...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...