CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

75 matches found

CISA•added 2025/07/24 12:0 p.m.•3 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on July 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-205-01 Mitsubishi Electric CNC Series ICSA-25-205-02 Network Thermostat X-Series WiFi...

7AI score

Exploits0References6

CISA•added 2025/03/27 12:0 p.m.•2 views

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on March 27, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-037-01 Schneider Electric EcoStruxure Power Monitoring Expert PME Update A CISA encourages...

7AI score

Exploits0References1

CISA•added 2025/02/25 12:0 p.m.•3 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 25, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-056-01 Rockwell Automation PowerFlex 755 ICSMA-25-030-01 Contec Health CMS8000 Patien...

7AI score

Exploits0References2

CISA•added 2025/02/18 12:0 p.m.•2 views

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on February 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-191-01 Delta Electronics CNCSoft-G2 Update A ICSA-25-035-02 Rockwell Automation...

7AI score

Exploits0References2

ICS•added 2024/05/30 6:0 a.m.•20 views

Fuji Electric Monitouch V-SFT (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : Monitouch V-SFT Vulnerabilities : Out-of-Bounds Write, Stack-Based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

9.8CVSS8.6AI score0.00257EPSS

Exploits0References10

ICS•added 2023/08/31 6:0 a.m.•118 views

PTC Kepware KepServerEX (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Kepware KepServerEX Vulnerabilities : Uncontrolled Search Path Element, Improper Input Validation, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of...

7.8CVSS7.1AI score0.00071EPSS

Exploits0References10

ICS•added 2023/07/13 6:0 a.m.•73 views

BD Alaris System with Guardrails Suite MX

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION : Low attack complexity Vendor : Becton, Dickinson and Company BD Equipment : Alaris PCU, Guardrails Editor, Systems Manager, Calculation Services, CQI Reporter Vulnerabilities : Insufficient Verification of Data Authenticity, Missing...

9.8CVSS8.5AI score0.65576EPSS

Exploits0References10

ICS•added 2023/06/20 6:0 a.m.•27 views

Enphase Envoy

1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Enphase Equipment: Envoy Vulnerability: OS Command Injection 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-23-171-01 Enphase Envoy that was...

9.8CVSS8.9AI score0.00181EPSS

Exploits0References10

ICS•added 2023/06/06 6:0 a.m.•51 views

Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series/iQ-F Series EtherNet/IP Modules and EtherNet/IP Configuration Tool Vulnerabilities: Weak Password Requirements, Use of Hard-coded Credentials, Missin...

7.5CVSS7.9AI score0.00554EPSS

Exploits0References10

ICS•added 2022/12/13 12:0 a.m.•30 views

Contec CONPROSYS HMI System (CHS)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Contec Equipment: CONPROSYS HMI System CHS --------- Begin Update A part 1 of 5 --------- Vulnerability: OS Command Injection, Use of Default Credentials, Use of Password Hash Instead of Password for...

9.8CVSS7.8AI score0.25192EPSS

Exploits0References4

ICS•added 2022/11/08 12:0 a.m.•30 views

Siemens Web Server Login Page of Industrial Controllers

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

6.5CVSS7.4AI score0.00103EPSS

Exploits0References12

ICS•added 2022/09/13 12:0 a.m.•27 views

Siemens RUGGEDCOM ROS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

7.5CVSS5.3AI score0.00859EPSS

Exploits0References12

ICS•added 2022/08/16 6:0 a.m.•38 views

LS ELECTRIC PLC and XG5000 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor : LS ELECTRIC, LS Industrial Systems LSIS Co. Ltd Equipment: LS ELEC PLC and XG5000 Vulnerability: Inadequate Encryption Strength 2. UPDATE This updated advisory is a follow-up to the original advisory...

6.5CVSS6.3AI score0.00116EPSS

Exploits0References10

ICS•added 2022/07/12 12:0 a.m.•29 views

Siemens Datalogics File Parsing Vulnerability

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based buffer Overflow 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-07 Siemens Datalogics file Parsing...

7.8CVSS8.2AI score0.00065EPSS

Exploits0References11

ICS•added 2022/07/12 12:0 a.m.•51 views

Siemens RUGGEDCOM ROS Code Injection

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

8CVSS8.2AI score0.00824EPSS

Exploits0References10

ICS•added 2022/07/12 12:0 a.m.•57 views

Dahua ASI7213X-T1 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dahua Equipment: DHI-ASI7213X-T1 --------- Begin Update A Part 1 of 4 --------- Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Authentication Bypass by Capture-replay, Generation of...

7.4CVSS7.1AI score0.00489EPSS

Exploits0References5

ICS•added 2022/06/30 12:0 p.m.•50 views

CODESYS Gateway Server (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS GmbH Equipment: CODESYS Gateway Server Vulnerability: Heap Based Buffer Overflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-15-258-02 3S...

7.5CVSS7.6AI score0.08638EPSS

Exploits0References27

ICS•added 2022/06/14 12:0 a.m.•59 views

Siemens Teamcenter

1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Teamcenter Vulnerability: Use of Hard-coded Credentials 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-167-13 Siemens Teamcenter that was...

8.8CVSS8.7AI score0.01216EPSS

Exploits0References11

ICS•added 2022/03/08 12:0 a.m.•156 views

Siemens RUGGEDCOM ROS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

6.8AI score

Exploits0References10

ICS•added 2022/03/08 12:0 a.m.•68 views

Siemens Polarion ALM

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Polarion ALM Vulnerability: Cross-site Scripting 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-22-069-08 Siemens Polarion ALM that...

6.1CVSS6.9AI score0.0049EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by