EUVD-2022-48041

Malicious code in bioql PyPI...

CVE-2012-2559

WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer write via a crafted packet to TCP port 5678...

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities

Carl Hurd of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in WellinTechs KingHistorian industrial control systems data manager. KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS,...

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-45124

An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability...

Information disclosure

An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability...

Design/Logic Flaw

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-43663

Summary: CVE-2022-43663 is an integer conversion vulnerability in WellinTech KingHistorian 35.01.00.05, affecting the RecvPacket function of SORBAx64.dll and capable of causing a buffer overflow via a specially crafted network packet. Cisco Talos details the underlying issue in the RecvPacket han...

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-45124

An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability...

CVE-2022-45124

CVE-2022-45124 affects WellinTech KingHistorian 35.01.00.05. Cisco Talos reports an information-disclosure vulnerability in the User authentication path: if an attacker captures an authentication packet, they can recover the username and password, exposing sensitive data. CVSSv3.1 base score 7.5 ...

WellinTech KingHistorian 授权问题漏洞

WellinTech KingHistorian is a tool for data collection and analysis from WellinTech. An authorization issue vulnerability exists in WellinTech KingHistorian version 35.01.00.05. An attacker exploiting this vulnerability could result in the disclosure of sensitive information...

WellinTech KingHistorian 代码问题漏洞

WellinTech KingHistorian is a tool for data collection and analysis from WellinTech. A security vulnerability exists in WellinTech KingHistorian version 35.01.00.05, which stems from the presence of an integer conversion vulnerability that could be exploited by an attacker to cause a buffer...

WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability

Talos Vulnerability Report TALOS-2022-1674 WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability March 20, 2023 CVE Number CVE-2022-43663 SUMMARY An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian...

WellinTech KingHistorian User authentication information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1683 WellinTech KingHistorian User authentication information disclosure vulnerability March 20, 2023 CVE Number CVE-2022-45124 SUMMARY An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian...

CVE-2012-2559

WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer write via a crafted packet to TCP port 5678...

Code injection

WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer write via a crafted packet to TCP port 5678...

CVE-2012-2559

WellinTech KingHistorian 3.0 allows remote attackers to execute arbitrary code or cause a denial of service invalid pointer write via a crafted packet to TCP port 5678...