293 matches found
A vulnerability in the software and hardware components of SCADA systems, such as ABB Pulsar Plus System Controller NE843_S, Infinity DC Power Plant H5692448 G104, Infinity DC Power Plant H5692448 G842, Infinity DC Power Plant H5692448 G224L, Infinity DC Power Plant H5692448 G630-4, Infinity DC Power Plant H5692448 G451C(2), Infinity DC Power Plant H5692448 G461(2), arises from the use of insufficiently random values. It allows an attacker to gain unauthorized access to session identifiers.
The vulnerabilities of the software and hardware components of SCADA systems, such as ABB Pulsar Plus System Controller NE843S, Infinity DC Power Plant H5692448 G104, Infinity DC Power Plant H5692448 G842, Infinity DC Power Plant H5692448 G224L, Infinity DC Power Plant H5692448 G630-4, Infinity D...
CVE-2021-39617
...
Security Bulletin: IBM SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities.
Abstract IBM SONAS includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor | Vendor ID| Vendor Title| Included CVEs ---|---|---|--- Red Hat| RHSA-2013-0981| Critical: firefox...
Security Bulletin: IBM Storwize V7000 Unified Update Includes Fixes for Multiple Vendor Security Vulnerabilities.
Abstract IBM Storwize V7000 Unified includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- Red Hat| RHSA-2013-0981|...
Hitachi Energy MSM Product
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor Vulnerability
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components. ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components...
Nexans FTTO GigaSwitch industrial/office switches Trust Management Issue Vulnerability
Nexans FTTO GigaSwitch industrial/office switches are a range of industrial switches from Nexans. A security vulnerability exists in Nexans FTTO GigaSwitch industrial/office switches HW version 5, which stems from the use of outdated and vulnerable software components...
Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Infiray IRAY-A8Z3 thermal camera vulnerable version: V1.0.957 fixed version: None CVE number: CVE-2022-31208, CVE-2022-31209,...
br.net.woodstock.rockframework:rockframework-core (=1.2.4), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=3.0.1) +462 more potentially affected by CVE-2013-5823 via org.apache.santuario:xmlsec (>=1.4.2 <=1.4.6)
org.apache.santuario:xmlsec MAVEN version =1.4.2, =1.2.1, =0.1.14, =12.1.0, =12.1.1, =12.1.2, =12.1.0, =12.1.4, =1.0.83-RC1, =1.0.88-RC1, =1.0.83-RC1, =1.0.83-RC1, =1.0.83-RC1, =1.0.112-RELEASE - com.ahome-it:ahome-tooling-server-vaadin-core =1.0.112-RELEASE and more Source cves: CVE-2013-5823...
OSV-2022-378 UNKNOWN READ in fp_cmp_mag
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47009 Crash type: UNKNOWN READ Crash state: fp_cmp_mag crtmgrtrustlistlookup crtmgradd...
Package Dependencies Detected
Programming languages are often used along with package management tools designed to help developers manage code dependencies when building their web applications, for example: Composer for PHP, NPM for NodeJS, PIP for Python... These tools usually work by requesting public code repositorie...
[SECURITY] Fedora 34 Update: phoronix-test-suite-10.8.1-1.fc34
The Phoronix Test Suite is the most comprehensive testing and benchmarking platform available for the Linux operating system. This software is designed to effectively carry out both qualitative and quantitative benchmarks in a clean, reproducible, and easy-to-use manner. The Phoronix Test Suite...
CVE-2021-38398
The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious attacker with physical access to the affected device could exploit these vulnerabilities...
Moxa Command Injection / Cross Site Scripting Vulnerabilities
======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number: CVE-2021-39278, CVE-2021-39279 impact: High homepage...
Design/Logic Flaw
The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform for AWS Marketplace...
The vulnerability of the SNMPv3 implementation of the micro-programming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage allows an attacker to cause service interruptions.
The vulnerability of the SNMPv3 implementation of the micro-programming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage exists due to...
CVE-2020-26513
An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to import projects, is parsed by insecurely configured software components, which can be abused for XML External Entity Attacks...
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: ZTE WLAN router MF253V vulnerable version: V1.0.0B04 fixed version: V1.0.0B05 CVE number: impact: Medium homepage: https://www.zte.com.c...
CVE-2020-14812 vulnerabilities
Vulnerabilities for packages: mysql...
Fronius Solar Inverter Series Insecure Communication / Path Traversal
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Fronius Solar Inverter Series vulnerable version: SW Version =3.14.1 vuln 2: 3.12.5 - HM 1.10.5, see solution section below CVE number:...