Lucene search
K

68 matches found

EUVD
EUVD
added 2025/12/31 12:31 a.m.5 views

EUVD-2022-55923

ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentiall...

6.1CVSS6.1AI score0.00297EPSS
Exploits1References7
OSV
OSV
added 2025/12/30 11:15 p.m.4 views

CVE-2022-50802

ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentiall...

5.1CVSS5.9AI score0.00297EPSS
Exploits1References6
NVD
NVD
added 2025/12/30 11:15 p.m.5 views

CVE-2022-50802

ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentiall...

6.1CVSS0.00297EPSS
Exploits1References6
CVE
CVE
added 2025/12/30 10:42 p.m.9 views

CVE-2022-50802

ETAP Safety Manager 1.0.0.32 is affected by an unauthenticated reflected XSS in the 'action' GET parameter. The vulnerability allows injection of HTML/JavaScript to execute in victims’ browsers, potentially leaking credentials or enabling unauthorized actions. The issue is documented across multi...

6.1CVSS6.2AI score0.00297EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/30 10:42 p.m.2 views

CVE-2022-50802 ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected Cross-Site Scripting via Action Parameter

ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentiall...

6.1CVSS6.2AI score0.00297EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/30 10:42 p.m.26 views

CVE-2022-50802 ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected Cross-Site Scripting via Action Parameter

ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentiall...

6.1CVSS0.00297EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.5 views

ETAP Safety Manager 跨站脚本漏洞

ETAP Safety Manager is a centralized monitoring and management system for emergency lighting from ETAP. A cross-site scripting vulnerability exists in ETAP Safety Manager version 1.0.0.32, which stems from a cross-site scripting vulnerability in the action GET parameter that could lead to malicio...

6.1CVSS6AI score0.00297EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.5 views

PT-2025-54249

Name of the Vulnerable Software and Affected Versions ETAP Safety Manager version 1.0.0.32 Description ETAP Safety Manager version 1.0.0.32 contains a cross-site scripting issue in the action GET parameter. This allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers c...

6.1CVSS6.4AI score0.00297EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52264

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.0073EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52265

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00345EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44164

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00463EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.7 views

CVE-2022-30314

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022-0052, there is a Honeywell Experion PKS Safety Manager hardcoded credentials issue. The affected components are characterized as: POLO bootloader. The potential impact is: Manipulate firmware. The...

4.6CVSS6.9AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.12 views

CVE-2022-30315

Honeywell Experion PKS Safety Manager SM and FSC through 2022-05-06 has Insufficient Verification of Data Authenticity. According to FSCT-2022-0053, there is a Honeywell Experion PKS Safety Manager insufficient logic security controls issue. The affected components are characterized as: Honeywell...

9.8CVSS8.7AI score0.0073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.11 views

CVE-2022-30313

Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected components are...

7.5CVSS6.9AI score0.00722EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.19 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Improper Handling of Length Parameter Inconsistency (CVE-2023-5393)

Server receiving a malformed message that causes a disconnect to a hostname may causing a stack overflow resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and...

8.3AI score0.00711EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.21 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2023-5394)

Server receiving a malformed message that where the GCL message hostname may be too large which may cause a stack overflow; resulting in possible remote code execution. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations...

7.9AI score0.00711EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.24 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5395)

Server receiving a malformed message that uses the hostname in an internal table may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit...

8.4AI score0.00746EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.36 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Stack-based Buffer Overflow (CVE-2023-5401)

Server receiving a malformed message based on a using the specified key values can cause a stack overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This...

8.3AI score0.00746EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.16 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Heap-based Buffer Overflow (CVE-2023-5400)

Server receiving a malformed message based on a using the specified key values can cause a heap overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This...

8.2AI score0.00746EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.28 views

Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC Heap-based Buffer Overflow (CVE-2023-5404)

Server receiving a malformed message can cause a pointer to be overwritten which can result in a remote code execution or failure. See Honeywell Security Notification for recommendations on upgrading and versioning. This plugin only works with Tenable.ot. Please visit...

8AI score0.00724EPSS
Exploits0References3
Rows per page
Query Builder