Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.3 views

PT-2024-20854 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus version 4.3.0-RC1 Description: The issue is related to an arbitrary file upload vulnerability in the component /sysFile/upload. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file...

9.8CVSS7.8AI score0.00783EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/12/05 12:0 a.m.6 views

3s-smart Software Solutions CODESYS Control Operating System Command Injection Vulnerability

3s-smart Software Solutions CODESYS Control is a suite of industrial control program programming software from 3s-smart Software Solutions, Germany. An operating system command injection vulnerability exists in 3s-smart Software Solutions CODESYS Control versions prior to 4.11.0.0. The...

8.8CVSS8.9AI score0.00958EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.3 views

novel-plus SQL注入漏洞

novel-plus novel-plus is a multi-end PC, WAP reading, functional original literature CMS system. A security vulnerability exists in novel-plus version 3.6.2, which stems from a problem in the file /common/sysFile/list, where the operation of the parameter sort can lead to sql injection...

8.8CVSS5.7AI score0.00731EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/10/03 12:0 a.m.7 views

The vulnerability of the Enlightenment sysfile implementation of the Enlightenment window manager allows a perpetrator to escalate their privileges.

The vulnerability of the Enlightenment sysytem file for the Enlightenment window manager is related to incorrect code generation. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS7.3AI score0.05486EPSS
Exploits15References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.2 views

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

10CVSS8.2AI score0.01281EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.4 views

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation systems allows a intruder to trigger a service failure.

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation exists due to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8CVSS7.4AI score0.0718EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.4 views

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation systems allows a perpetrator to trigger a service failure.

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...

7.8CVSS7.6AI score0.07356EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.4 views

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the CODESYS Control V2 Linux SysFile software suite for industrial automation exists because measures to neutralize special elements used in operating system commands have not been implemented. Exploiting this vulnerability can allow attackers to compromise the confidentialit...

5.3CVSS6.3AI score0.00268EPSS
Exploits0References3Affected Software1
ICS
ICS
added 2021/06/22 12:0 a.m.37 views

CODESYS Control V2 Linux SysFile library

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS V2 Runtime Toolkit Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability may allow the control programmer to call...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.4 views

3S-Smart Software Solutions CODESYS Control runtime system 操作系统命令注入漏洞

3S-Smart Software Solutions CODESYS Control runtime system is an application system from 3S-Smart Software Solutions, Germany. It is used for the conversion of any type of smart device into an IEC 61131-3 controller. An operating system command injection vulnerability exists in the 3S-Smart...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References5
Rows per page
Query Builder