28 matches found
EUVD-2024-54868
Malicious code in bioql PyPI...
EUVD-2024-54870
Malicious code in bioql PyPI...
Multiple Vulnerabilities in SIEMENS Opcenter Quality Modules Opcenter QL Home (SC), SOA Audit and SOA Cockpit
Opcenter Quality is a quality management system QMS that enables organizations to safeguard compliance, optimize quality, reduce defects and rework costs, and achieve operational excellence by improving process stability. Its integrated process capabilities control charts, statistics, quality gat...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41982
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41980
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application do not encrypt the communication in LDAP interface by default. This could allow an authenticated attacker to gain unauthorized access to sensitive...
CVE-2024-41984
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...
CVE-2024-41982
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not have adequate encryption of sensitive information. This could allow an authenticated attacker to gain access of sensitive information...
CVE-2024-41986
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...
CVE-2024-41986
CVE-2024-41986 affects Siemens SmartClient modules used by Opcenter QL Home, SOA Audit, and SOA Cockpit. The vulnerability arises because the affected applications support insecure TLS 1.0 and 1.1, enabling possible man‑in‑the‑middle attacks that could compromise confidentiality and data integrit...
CVE-2024-41985
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle...
CVE-2024-41985
CVE-2024-41985 affects Siemens SmartClient modules Opcenter QL Home, SOA Audit and SOA Cockpit (versions 13.2 through 2505; note 2506+ not affected). The root cause is that the affected application does not expire sessions on user inactivity, potentially allowing an attacker to gain unauthorized ...
CVE-2024-41984
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications...
CVE-2024-41984
CVE-2024-41984 affects SmartClient modules Opcenter QL Home, SOA Audit, and SOA Cockpit (SC) with versions 13.2–2505. The root cause is improper error handling when accessing an inaccessible resource, which can expose system applications. Affected products expose limited information due to error ...
CVE-2024-41983
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool...
CVE-2024-41983
A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool...
CVE-2024-41982
CVE-2024-41982 affects SmartClient Opcenter QL Home, SOA Audit, and SOA Cockpit with SmartClient versions 13.2 through 2505; root cause is lack of adequate encryption of sensitive information. Patched versions >= 2506 are available as remediation. (Connected PT-2025-32640 confirms the version ...