29 matches found
EUVD-2017-8861
Malware in sbrugna...
EUVD-2020-29877
Malware in sbrugna...
CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems ICS advisories on July 29, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-210-01 National Instruments LabVIEW ICSA-25-210-02 Samsung HVAC DMS ICSA-25-210-03 Delta...
CVE-2020-9045
During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation...
CVE-2024-32861
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...
CVE-2024-32861 Software House C•CURE - CouchDB executable protection
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...
CVE-2024-32861
CVE-2024-32861 affects Software House C•CURE 9000 Site Server (3.00.3 and earlier). Root cause: installer directories containing executables (C:\CouchDB\bin) are given unnecessarily wide permissions. Impact: potential exposure of credentials and other sensitive data; CVSS v3.1 base 7.8 (LOCAL, LO...
CVE-2024-32861 Software House C•CURE - CouchDB executable protection
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...
PT-2024-24920 · Software House · Software House Ccure 9000
Name of the Vulnerable Software and Affected Versions: Software House C•CURE 9000 affected versions not specified Description: The issue arises when the Software House C•CURE 9000 installer utilizes unnecessarily wide permissions under certain circumstances. Recommendations: At the moment, there ...
CVE-2024-32759
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials...
CVE-2024-32759 Johnson Controls Software House C●CURE 9000 installer password strength
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials...
Johnson Controls Software House C CURE 9000 Security Breach
Johnson Controls Software House C CURE 9000 is an access control system from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Software House C CURE 9000 that stems from the installation program using weak credentials...
CVE-2020-9049
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...
Authorization
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...
CVE-2020-9049 victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...
CVE-2020-9049
CVE-2020-9049 affects Johnson Controls Victor Web Client and Software House C•CURE Web Client. Affected products: victor Web Client up to v5.6 and C•CURE Web Client up to v2.90; mitigations include upgrading to victor v5.6 SP1 and C•CURE Web Client v2.70+ with updates (Web Client_c2.70_5.2_Update...
Design/Logic Flaw
A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack...
CVE-2020-9048
CVE-2020-9048 affects American Dynamics victor Web Client and Software House CCURE Web Client. The root cause is Improper Authorization (CWE-285) allowing a remote, unauthenticated attacker on an adjacent network to delete arbitrary files or cause a DoS, potentially rendering the system unusable....
CVE-2020-9048 victor Web Client - Arbitrary File Deletion Vulnerability
A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack...
PT-2020-20461 · American Dynamics +1 · American Dynamics Victor Web Client +1
Name of the Vulnerable Software and Affected Versions: American Dynamics victor Web Client versions up to and including v5.4.1 Software House CCURE Web Client affected versions not specified Description: A remote unauthenticated attacker on the network could delete arbitrary files on the system o...