CVE-2024-21838

Improper neutralization of special elements in output CWE-74 used by the email generation feature of the Command Centre Server could lead to HTML code injection in emails generated by Command Centre. This issue affects: Gallagher Command Centre 9.00 prior to vEL9.00.1774 MR2, 8.90 prior to...

CVE-2022-2789

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...

Design/Logic Flaw

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic PDT files and data blocks data BLD/BLK files...

Design/Logic Flaw

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol...

CVE-2022-2793

CVE-2022-2793 affects Emerson Proficy Machine Edition 9.00 and earlier. The flaw is Missing Support for Integrity Check (CWE-353): after a connection is established for SRTP, data packets are not authenticated or authorized. The vulnerability can enable data forgery/integrity issues on the SRTP c...

CVE-2022-2793

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol...

CVE-2022-2789

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...

CVE-2022-2790

CVE-2022-2790 affects Emerson Electric’s Proficy Machine Edition, version 9.00 and prior. The issue is an improper verification of cryptographic signatures (CWE-347) that leads to failure to properly verify compiled logic (PDT files) and data blocks data (BLD/BLK files). Reported by multiple sour...

HP Content Manager Workgroup Service Denial of Service Vulnerability

HP Content Manager is a governance-based enterprise content management system for helping government agencies, regulated industries, and global organizations manage their business content from creation to disposal. A remote denial of service vulnerability exists in HPE Content Manager Workgroup...