Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8978

Malware in sbrugna...

6.5CVSS6.6AI score0.01075EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8979

Malware in sbrugna...

7.5CVSS7.6AI score0.00816EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12667

Malware in sbrugna...

7.5CVSS7.6AI score0.02181EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8980

Malware in sbrugna...

5.4CVSS5.6AI score0.00647EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.7 views

CVE-2024-40395

An Insecure Direct Object Reference IDOR in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level...

6.5CVSS6.8AI score0.00622EPSS
Exploits0
NVD
NVD
added 2024/08/27 4:15 p.m.32 views

CVE-2024-40395

An Insecure Direct Object Reference IDOR in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level...

6.5CVSS0.00622EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/27 12:0 a.m.14 views

CVE-2024-40395

An Insecure Direct Object Reference IDOR in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level...

6.8AI score0.00622EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/27 12:0 a.m.27 views

CVE-2024-40395

An Insecure Direct Object Reference IDOR in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level...

0.00622EPSS
Exploits0References1
CVE
CVE
added 2024/08/27 12:0 a.m.60 views

CVE-2024-40395

CVE-2024-40395 : Concrete details across multiple connected sources confirm an Insecure Direct Object Reference (IDOR) in PT C ThingWorx v9.5.0 that lets an attacker view sensitive information, including PII, regardless of access level. The root cause is an IDOR in ThingWorx 9.5.0; impact is expo...

6.5CVSS6.5AI score0.00622EPSS
Exploits0References1Affected Software1
Source Incite
Source Incite
added 2022/03/29 12:0 a.m.330 views

SRC-2023-0001 : PTC Thingworx Edge C-SDK twHeader_fromStream Integer Overflow Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PTC Thingworx Edge C-SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the twHeaderfromStream function. An integer wrap occurs...

9.8CVSS10AI score0.02937EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/05/17 12:0 a.m.39 views

PTC OPC UA Server Multiple vulnerabilities

Binary data ptcopcuamultivulns.nbin...

9.8CVSS9.3AI score0.10062EPSS
Exploits0References6
NVD
NVD
added 2018/12/17 7:29 p.m.13 views

CVE-2018-20092

PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request...

7.5CVSS7.5AI score0.02181EPSS
Exploits0References2
Prion
Prion
added 2018/12/17 7:29 p.m.13 views

Directory traversal

PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request...

5CVSS7.5AI score0.02181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/12/17 6:0 p.m.23 views

CVE-2018-20092

PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request...

7.5AI score0.02181EPSS
Exploits0References2
CVE
CVE
added 2018/12/17 6:0 p.m.59 views

CVE-2018-20092

CVE-2018-20092 affects PTC ThingWorx Platform up to version 8.3.0. The vulnerability is a directory traversal flaw in ZIP file handling via a POST request. The underlying impact, as stated, is partial confidentiality with no other impacts (integrity/availability not affected) and no user interact...

7.5CVSS7.4AI score0.02181EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2018/10/03 12:0 a.m.74 views

PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities

PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x. ======================================================================= title: Password disclosure vulnerability & XSS product: PTC ThingWor...

6.4AI score0.01075EPSS
Exploits1
Prion
Prion
added 2018/10/01 1:29 a.m.15 views

Design/Logic Flaw

An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users...

4CVSS6.5AI score0.01075EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/10/01 1:29 a.m.15 views

CVE-2018-17216

An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users...

6.5CVSS6.6AI score0.01075EPSS
Exploits1References1
NVD
NVD
added 2018/10/01 1:29 a.m.18 views

CVE-2018-17218

An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function...

5.4CVSS5.4AI score0.00647EPSS
Exploits1References1
Prion
Prion
added 2018/10/01 1:29 a.m.11 views

Hardcoded credentials

An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key...

5CVSS7.6AI score0.00816EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder