21 matches found
EUVD-2022-37707
Malicious code in bioql PyPI...
EUVD-2022-37709
Malicious code in bioql PyPI...
EUVD-2022-37712
Malicious code in bioql PyPI...
EUVD-2022-37713
Malicious code in bioql PyPI...
Schneider Electric Modicon Insufficient Verification of Data Authenticity (CVE-2022-34763)
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...
Schneider Electric Modicon Out-of-bounds Write (CVE-2022-34759)
A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...
Schneider Electric Modicon NULL Pointer Dereference (CVE-2022-34761)
A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...
Schneider Electric Modicon Infinite Loop (CVE-2022-34760)
A CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module...
Schneider Electric Modicon Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-34764)
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prio...
CVE-2022-34763
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...
CVE-2022-34759
A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior...
CVE-2022-34760
A CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module...
CVE-2022-34763
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...
Null pointer dereference
A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior...
CVE-2022-34765
CVE-2022-34765 is a CWE-73 vulnerability (External Control of File Name or Path) affecting Schneider Electric X80 advanced RTU Communication Module BMENOR2200H (V2.01 and later) and OPC UA Modicon Communication Module BMENUA0100 (V1.10 and prior). The issue arises when user-controlled data can in...
CVE-2022-34765
A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication...
CVE-2022-34764
CVE-2022-34764 describes a CWE-119 vulnerability (improper restriction of operations within the bounds of a memory buffer) that could cause a denial of service when parsing URLs. Affected Schneider Electric devices include the X80 advanced RTU Communication Module BMENOR2200H (V1.0) and the OPC U...
CVE-2022-34764
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prio...
CVE-2022-34761
A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior...
CVE-2022-34760
The CVE-2022-34760 issue is a CWE-835 Infinite Loop affecting Schneider Electric devices: X80 advanced RTU Communication Module BMENOR2200H (V1.0) and OPC UA Modicon Communication Module BMENUA0100 (V1.10 and earlier). The vulnerability arises from improper handling of cookies, potentially causin...