16 matches found
CVE-2026-1763
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...
CVE-2026-1763 Enervista UR Setup DLL Hijacking
Vulnerability in GE Vernova Enervista UR Setup on Windows.This issue affects Enervista: 8.6 and previous versions...
CVE-2026-1762 Enervista UR Setup Directory Traversal Vulnerability
A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions...
CVE-2026-1762 Enervista UR Setup Directory Traversal Vulnerability
A vulnerability in GE Vernova Enervista UR Setup on Windows allows File Manipulation.This issue affects Enervista: 8.6 and prior versions...
PT-2026-7466
Name of the Vulnerable Software and Affected Versions GE Vernova Enervista versions prior to 8.6 Description A security issue exists in GE Vernova Enervista UR Setup on Windows. The issue affects versions prior to 8.6. Recommendations Update to a version newer than 8.6...
EUVD-2021-14182
Malware in sbrugna...
EUVD-2025-7759
Malicious code in bioql PyPI...
EUVD-2025-7758
Malicious code in bioql PyPI...
CVE-2025-27254
CWE-282 "Improper Ownership Management" in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Windows registry setting that any user can modify...
CVE-2025-27257
Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware. The firmware signature verification is enforced only on the client-side dedicated software Enervista UR Setup, allowing the integration che...
CVE-2025-27256
Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...
CVE-2025-27256
Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. Since the client connection is not authenticated, an attacker may perform a man-in-the-middle attack on the network...
CVE-2025-27255
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrievable by an attacker analyzing the application code...
CVE-2025-27255
This CVE concerns GE Vernova EnerVista UR Setup. The vulnerability arises from hard-coded credentials used to encrypt the local user database, with the credential password retrievable by analyzing the application code. A local attacker could leverage this to escalate privileges on the affected sy...
CVE-2021-27428
GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...
CVE-2021-27428 GE UR family Unrestricted Upload of File with Dangerous Type
GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...