
888 matches found

Positive Technologies
added 2023/04/05 12:0 a.m. · 2 views

PT-2023-2175 · Cisco · Cisco Prime Infrastructure +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure (affected versions not specified); Cisco Evolved Programmable Network Manager (EPNM) (affected versions not specified). Description: The issue is related to multiple vulnerabilities in the web-based management interface,...

CVSS 6.5 · AI score 6.7 · EPSS 0.00917
Exploits 0 · References 4

Positive Technologies
added 2023/04/05 12:0 a.m. · 2 views

PT-2023-2199 · Cisco · Cisco Identity Services Engine +2

Name of the Vulnerable Software and Affected Versions: Cisco Evolved Programmable Network Manager (affected versions not specified); Cisco Identity Services Engine (affected versions not specified); Cisco Prime Infrastructure (affected versions not specified). Description: The issue is related to multiple...

CVSS 6.8 · AI score 6.5 · EPSS 0.00201
Exploits 0 · References 5

Vulnrichment
added 2023/04/05 12:0 a.m. · 1 views

CVE-2023-20131 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For mor...

CVSS 6.5 · AI score 5.2 · EPSS 0.00573
Exploits 0 · References 1

BDU FSTEC
added 2023/03/28 12:0 a.m. · 3 views

The vulnerabilities of the programming software for PLCs (programmable logic controllers), the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert allow an intruder to gain unauthorized access to project files.

The vulnerabilities of the programming software for PLCs (programmable logic controllers), the configuration software SCADAPack RemoteConnect, and the automation system for technological processes EcoStruxure Process Expert are related to insufficient protection of registration data. Exploiting the...

CVSS 8.6 · AI score 7.1 · EPSS 0.00216
Exploits 0 · References 5

CNNVD
added 2023/03/15 12:0 a.m. · 4 views

Omron PLC CJ series access control error vulnerability

The Omron PLC CJ series is a CJ series programmable logic controller (PLC) from Omron, Japan. An access control error vulnerability exists in Omron CJ1M PLC v4.0 and earlier versions, which arises from incorrect access control to a memory area where the UM password is stored...

CVSS 9.1 · AI score 8.3 · EPSS 0.00621
Exploits 0 · References 5

OSV
added 2023/03/10 9:15 p.m. · 5 views

CVE-2022-43902

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages. IBM X-Force ID: 240832...

CVSS 7.5 · AI score 5.8 · EPSS 0.00785
Exploits 0 · References 2

Tenable Nessus
added 2023/03/10 12:0 a.m. · 21 views

Cisco Evolved Programmable Network Manager Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.0. It is, therefore, affected by a cross-site scripting (XSS) vulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of...

CVSS 5.4 · AI score 5.9 · EPSS 0.0045
Exploits 0 · References 3

CNNVD
added 2023/03/05 12:0 a.m. · 4 views

JTEKT Kostac PLC Programming Software buffer error vulnerability

JTEKT Kostac PLC Programming Software is PLC programming software for personal computers from JTEKT, Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an insufficient buffer size f...

CVSS 7.8 · AI score 7.9 · EPSS 0.00318
Exploits 0 · References 6

BDU FSTEC
added 2023/03/03 12:0 a.m. · 2 views

The vulnerability of the MKLogic-500 PLC configuration protocol, related to the lack of authentication for critical functions, allows attackers to alter the device’s operating logic.

The vulnerability of the MKLogic-500 PLC configuration protocol lies in the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to alter the device’s operating logic...

CVSS 9.6 · AI score 5.5
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2023/03/03 12:0 a.m. · 1 views

The vulnerability of the MKLogic-500 PLC, related to insufficient control of FTP configuration parameters, allows a hacker to trigger a service failure.

The vulnerability of the MKLogic-500 PLC is related to insufficient control over the parameters used in the configuration of programmable logic controllers, which are set via FTP. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 9.7 · AI score 5.5
Exploits 0 · References 1 · Affected Software 1

Tenable Nessus
added 2023/03/01 12:0 a.m. · 35 views

Wago PLC Cycle Time Influences Uncontrolled Resource Consumption (CVE-2019-10953)

ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets. This plugin only works with Tenable.ot. Please visit...

CVSS 7.5 · AI score 7.3 · EPSS 0.03671
Exploits 0 · References 3

BDU FSTEC
added 2023/02/28 12:0 a.m. · 3 views

The vulnerability in the web-based interface for controlling programmable logic controllers WAGO PFC100/PFC200, CC100, Edge Controller, and sensor panels WAGO Touch Panel 600 allows an intruder to execute arbitrary code.

The vulnerability of the web-based interface for controlling WAGO PFC100/PFC200, CC100, Edge Controller, and WAGO Touch Panel 600 programmable logic controllers is related to the absence of authentication for a critical function. Exploiting this vulnerability could allow an attacker operating...

CVSS 10 · AI score 7.4 · EPSS 0.0074
Exploits 0 · References 3

CNNVD
added 2023/02/27 12:0 a.m. · 5 views

Multiple WAGO products access control error vulnerability

WAGO Series PFC100 and others are products of WAGO, Germany. WAGO Series PFC100 is a programmable logic controller. WAGO Series PFC200 is a programmable logic controller. WAGO Edge Controller is an edge controller. An access control error vulnerability exists in multiple WAGO products. An attacker...

CVSS 9.8 · AI score 9.1 · EPSS 0.01067
Exploits 0 · References 2

CNNVD
added 2023/02/16 12:0 a.m. · 5 views

Intel Quartus Prime Pro security vulnerability

Intel Quartus Prime Pro is a set of multi-platform design environments from the U.S. company Intel. The product is primarily used for programming programmable logic devices. A security vulnerability exists in Intel Quartus Prime Pro. An attacker can exploit the vulnerability to escalate...

CVSS 7.8 · AI score 7.5 · EPSS 0.00198
Exploits 0 · References 2

Positive Technologies
added 2023/02/16 12:0 a.m. · 4 views

PT-2023-13348 · Intel · Intel Fpga Sdk For Opencl +1

Name of the Vulnerable Software and Affected Versions: Intel(R) FPGA SDK for OpenCL(TM) with Intel(R) Quartus(R) Prime Pro Edition software versions prior to 22.1. Description: The issue is related to improper access control, which may allow an authenticated user to potentially enable escalation of...

CVSS 7.8 · AI score 7.6 · EPSS 0.00169
Exploits 0 · References 3

OSV
added 2023/02/15 6:15 p.m. · 4 views

CVE-2023-22807

LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with the PLC by sending the packets to the PLC over its XGT protocol...

CVSS 9.8 · AI score 7.3
Exploits 0 · References 1

OSV
added 2023/02/15 6:15 p.m. · 4 views

CVE-2023-22803

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform critical functions to the PLC. This could allow an attacker to change the PLC's mode arbitrarily...

CVSS 7.5 · AI score 5.8 · EPSS 0.00591
Exploits 0 · References 1

SUSE CVE
added 2023/02/15 6:2 a.m. · 3 views

SUSE CVE-2009-3640

The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denial of service (NULL pointer dereference and system...

CVSS 4.9 · AI score 6.8 · EPSS 0.00382
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 5:49 a.m. · 2 views

SUSE CVE-2011-4622

The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NUL...

CVSS 4.9 · AI score 6.6 · EPSS 0.0036
Exploits 2 · References 6

SUSE CVE
added 2023/02/15 3:23 a.m. · 1 views

SUSE CVE-2022-42327

x86: unintended memory sharing between guests. On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

CVSS 2.5 · AI score 6.7 · EPSS 0.00224
Exploits 0 · References 8