Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Vertiv Liebert SiteScan Improper Validation of Array Index (CVE-2025-0657)

CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...

8.8CVSS5.7AI score0.00291EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Vertiv Liebert SiteScan Cross-site Scripting (CVE-2024-5540)

CWE-79 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products in versions older than 8.0. Untrusted data is included in web pages without proper validation, allowing...

6.9CVSS5.9AI score0.00272EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Vertiv Liebert SiteScan Incorrect Authorization (CVE-2024-5539)

CWE-863 Incorrect Authorization vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. The system fails to perform adequate authorization checks, allowing an actor to perform actions or access resources without proper entitlement, leading to...

9.2CVSS5.9AI score0.00287EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Automated Logic WebCTRL Premium Server Improper Neutralization of Input During Web Page Generation (CVE-2024-8528)

CWE-79 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. User input is not properly sanitized, allowing injection of malicious scripts into web pages viewed by...

5.4CVSS5.8AI score0.00104EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/21 7:20 p.m.24 views

CVE-2025-46412 Vertiv Liebert RDU101 and UNITY Authentication Bypass Using an Alternate Path or Channel

Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication...

9.8CVSS0.00552EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.3 views

Vertiv Liebert RDU101和Vertiv Liebert UNITY 安全漏洞

The Vertiv Liebert RDU101 and Vertiv Liebert UNITY are both products of Vertiv Corporation, U.S.A. The Vertiv Liebert RDU101 is a communication card.The Vertiv Liebert UNITY is a network card that provides Vertiv devices with network access, environmental sensor data, and third-party interface...

9.8CVSS6.6AI score0.00552EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/21 12:0 a.m.3 views

Vertiv Liebert RDU101和Vertiv Liebert UNITY 安全漏洞

The Vertiv Liebert RDU101 and Vertiv Liebert UNITY are both products of Vertiv Corporation, U.S.A. The Vertiv Liebert RDU101 is a communication card.The Vertiv Liebert UNITY is a network card that provides Vertiv devices with network access, environmental sensor data, and third-party interface...

9.8CVSS7.6AI score0.00703EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.29 views

Vertiv Liebert SiteScan Web Improper Restriction of XML External Entity Reference (CVE-2016-8348)

An XML External Entity XXE issue was discovered in Emerson Liebert SiteScan Web Version 6.5, and prior. An attacker may enter malicious input to Liebert SiteScan through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or...

9.8CVSS8.8AI score0.03521EPSS
Exploits0References3
Rows per page
Query Builder