Lucene search
+L

315 matches found

NVD
NVD
added 2025/05/12 4:15 p.m.15 views

CVE-2025-46738

An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...

6.6CVSS0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/12 4:13 p.m.8 views

CVE-2025-46750 Authentication Bypass

SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set...

4.4CVSS7.2AI score0.0015EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/12 4:7 p.m.7 views

CVE-2025-46738 Deserialization of Untrusted Data

An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...

6.6CVSS7.4AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/12 4:7 p.m.19 views

CVE-2025-46738 Deserialization of Untrusted Data

An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...

6.6CVSS0.00151EPSS
Exploits0References1
CVE
CVE
added 2025/05/12 4:7 p.m.62 views

CVE-2025-46738

CVE-2025-46738 affects Schweitzer Engineering Laboratories SEL-5033 acSELerator RTAC Software. An authenticated attacker can modify layout data files located in the SEL-5033 installation directory to execute arbitrary code. This is a local access vulnerability with low privileges required and use...

6.6CVSS7.5AI score0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/12 12:0 a.m.6 views

PT-2025-20722 · Sel Bios · Sel Bios

Name of the Vulnerable Software and Affected Versions: SEL BIOS packages versions prior to 1.3.49152.117 SEL BIOS packages versions prior to 2.6.49152.98 Description: A local attacker can bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file...

4.4CVSS6.6AI score0.0015EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/12 12:0 a.m.4 views

PT-2025-20720 · Schweitzer Engineering Laboratories · Sel Blueframe Os

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An issue exists where an authenticated user can change their password without needing to provide the current password. Recommendations: At the moment, there is no information about a newer...

2.7CVSS6.1AI score0.00215EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/12 12:0 a.m.7 views

PT-2025-20709 · Schweitzer Engineering Laboratories · Sel-5037 Sel Grid Configurator

Name of the Vulnerable Software and Affected Versions: Schweitzer Engineering Laboratories SEL-5037 Grid Configurator versions prior to 6.4.0.58 Description: The issue is related to an overly permissive Cross Origin Resource Sharing CORS configuration for a data gateway service in the application...

7.4CVSS6.3AI score0.00147EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/12 12:0 a.m.6 views

PT-2025-20710 · Sel-5033 · Sel-5033

Name of the Vulnerable Software and Affected Versions: SEL-5033 affected versions not specified Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. Recommendations: At the moment, there is no information...

6.6CVSS6.7AI score0.00151EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/03/21 12:0 a.m.7 views

The vulnerability of the init_sel_fs() function in the security/selinux/selinuxfs.c module of the Linux kernel allows a attacker to cause a service failure.

The vulnerability of the initselfs function in the security/selinux/selinuxfs.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS6.5AI score0.00226EPSS
Exploits0References29Affected Software2
OSV
OSV
added 2025/01/14 3:15 p.m.6 views

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS6AI score0.01298EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.6 views

CVE-2024-39803

Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...

7.2CVSS6.4AI score0.01233EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.6 views

CVE-2024-39798

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS7.5AI score0.01862EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.9 views

PT-2025-2580 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the qos.cgi qos settings functionality. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...

9.1CVSS7.5AI score0.01233EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.10 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability, which is caused by the selmode parameter of the qos.cgi qossettings function failing to properly validate the length of the input data, which can be exploited by an...

9.1CVSS8.1AI score0.01233EPSS
Exploits1References2
NVD
NVD
added 2024/04/04 4:15 p.m.29 views

CVE-2024-2103

Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5...

6.5CVSS6.3AI score0.00455EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 3:18 p.m.67 views

CVE-2024-2103

CVE-2024-2103 covers an “inclusion of undocumented features” vulnerability affecting SEL relays: SEL-700BT, SEL-700G, SEL-710-5, SEL-751, SEL-787-2/ -3/ -4, and SEL-787Z. The issue arises when an attacker with privileged access can trigger undocumented features, causing the relay to behave unpred...

6.5CVSS6.3AI score0.00455EPSS
Exploits0References1
ICS
ICS
added 2024/04/04 6:0 a.m.59 views

Schweitzer Engineering Laboratories SEL 700 series relays

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL 700 series relays Vulnerability : Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability...

6.5CVSS6.8AI score0.00455EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/12/06 12:0 a.m.5 views

The vulnerability of the microprogrammed protection system for the SEL-451 phase-change order relay exists due to an unreliable authentication mechanism. This allows attackers to execute session hijacking attacks and bypass the authentication process.

The vulnerability of the SEL-451 phase-changing protection relay’s microprogramming software exists due to an unreliable authentication mechanism. Exploiting this vulnerability allows a malicious actor to perform session hijacking attacks and bypass the authentication process...

10CVSS7.8AI score0.00913EPSS
Exploits0References4
CNVD
CNVD
added 2023/12/04 12:0 a.m.9 views

Schweitzer Engineering Laboratories SEL-411L Input Validation Error Vulnerability

The Schweitzer Engineering Laboratories SEL-411L is a state-of-the-art line differential protection, automation and control system from Schweitzer Engineering Laboratories, USA. An input validation error vulnerability exists in the Schweitzer Engineering Laboratories SEL-411L, which can be...

5.4CVSS6.6AI score0.00405EPSS
Exploits0References1
Rows per page
Query Builder