28 matches found
EUVD-2019-16376
Malware in sbrugna...
EUVD-2024-49236
Malicious code in bioql PyPI...
EUVD-2024-49165
Malicious code in bioql PyPI...
CVE-2024-8518
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user...
CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file...
The vulnerability of the Zelio Soft 2 software for intelligent relays, related to incorrect validation of entered data, allows a perpetrator to cause service interruptions.
The vulnerability of the Zelio Soft 2 software for intelligent relays from Zelio Logic relates to incorrect validation of entered data. Exploiting this vulnerability can allow an attacker to cause a service failure by loading a specially created project file...
Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric Zelio Soft 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Schneider Electric Zelio Soft 2
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : Zelio Soft 2 Vulnerabilities : Use After Free, Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
CVE-2024-8518
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user...
CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file...
CVE-2024-8518
CVE-2024-8518 affects Schneider Electric Zelio Soft/Ze io Soft 2. An Improper Input Validation vulnerability could cause the Zelio Soft 2 application to crash when loading a specially crafted project file. According to ICS data, affected versions are prior to 5.4.2.2. Remediation: update to versi...
CVE-2024-8518
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user...
CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file...
CVE-2024-8422
Schneider Electric Zelio Soft 2 contains a Use After Free vulnerability (CVE-2024-8422) in the parsing of ZM2 project files. Affected versions are prior to 5.4.2.2. Exploitation can lead to arbitrary code execution, with potential for denial of service and loss of confidentiality and integrity. I...
CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file...
PT-2024-8102 · Schneider Electric · Zelio Soft 2
Name of the Vulnerable Software and Affected Versions: Zelio Soft 2 affected versions not specified Description: The issue is related to improper input validation, which could cause the Zelio Soft 2 application to crash when a specially crafted project file is loaded. This can be exploited by an...
Schneider Electric SESU
1. EXECUTIVE SUMMARY CVSS v3 3.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: Schneider Electric Software Update SESU Vulnerability: Insufficient Entropy 2. RISK EVALUATION Successful exploitation of this vulnerability could cause unintended connection from an internal...
Schneider Electric Limited Zelio Soft 2 installer suffers from a dll hijacking vulnerability
Zelio Soft 2 is a programming software for small intelligent controllers. A dll hijacking vulnerability exists in Zelio Soft 2 by Schneider Electric Ltd. that can be exploited by an attacker to load a malicious dll and execute malicious code...
CVE-2019-6822
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file...
CVE-2019-6822
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file...