Joaquín Ruiz Security Vulnerabilities
Will pay-for-privacy be the new normal?
Privacy is a human right, and online privacy should be no exception. Yet, as the US considers new laws to protect individuals’ online data, at least two proposals—one statewide law that can still be amended and one federal draft bill that has yet to be introduced—include an unwelcome bargain:...
-0.4AI Score
OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
7.3CVSS
5AI Score
0.001EPSS
OMRON CX-Supervisor SCS File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling.....
7.3CVSS
3.2AI Score
0.001EPSS
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
Omron CX-Supervisor (Update A)
EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: Omron Equipment: CX-Supervisor --------- Begin Update A Part 1 of 3 -------- Vulnerabilities: Code Injection, Command Injection, Use After Free, Type Confusion, Access of Uninitialized Pointer, Out-of-bounds...
7.3CVSS
7.7AI Score
0.004EPSS
Omron CX-Supervisor (Update A)
EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Omron Equipment: CX-Supervisor Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Out-Of-Bounds Read, Use-After-Free, Incorrect Type Conversion or Cast 2. UPDATE INFORMATION This updated advisory is a follow-up...
7.8CVSS
6.9AI Score
0.002EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
7.8CVSS
2.4AI Score
0.001EPSS
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Protocol. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
7.8CVSS
1.6AI Score
0.029EPSS
LAquis SCADA LGX Report AddComboFile Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.1AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.2AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.4AI Score
0.01EPSS
LAquis SCADA LGX Report MemoryWriteDouble Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.2AI Score
0.01EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.5AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.3AI Score
0.01EPSS
LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requested URLs. The issue results from the lack of...
5.3CVSS
1.7AI Score
0.922EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to acompanhamentotela.lhtml. When parsing the PAGINA...
8.8CVSS
4.5AI Score
0.053EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to acompanhamentotela.lhtml. When parsing the TAGALTERE...
8.8CVSS
4.3AI Score
0.053EPSS
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
3.3CVSS
1.8AI Score
0.001EPSS
OMRON CX-Supervisor sr3 File Parsing DeleteFile Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
5CVSS
4.2AI Score
0.001EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
7.3CVSS
5.1AI Score
0.001EPSS
OMRON CX-Supervisor sr3 File Parsing MoveFile Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
7.3CVSS
3.8AI Score
0.001EPSS
OMRON CX-Supervisor sr3 File Parsing EditFile API Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
7.3CVSS
4.6AI Score
0.001EPSS
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.6AI Score
0.01EPSS
LAquis SCADA LGX Report File Open Path Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.2AI Score
0.01EPSS
LAquis SCADA LGX Report MemoryWriteLong Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.6AI Score
0.01EPSS
LAquis SCADA LGX Report TextFile Append Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
1.9AI Score
0.01EPSS
LAquis SCADA LGX Report ShellExecute Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
2.3AI Score
0.01EPSS
LAquis SCADA LGX Report Edit Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
1.8AI Score
0.01EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorioindividual.lhtml. When parsing the TITULO...
8.8CVSS
4.3AI Score
0.053EPSS
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LQS files. The issue results from the lack of...
7.1CVSS
3.8AI Score
0.001EPSS
LAquis SCADA Web Server URI Parsing Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of URIs by the product's web server. A crafted URI can cause the...
5.3CVSS
2.7AI Score
0.003EPSS
OMRON CX-Supervisor sr3 File Parsing CopyFile Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
7.3CVSS
3.5AI Score
0.001EPSS
LAquis SCADA LGX Report Format File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing....
7.8CVSS
3.5AI Score
0.006EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.3AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.2AI Score
0.01EPSS
LAquis SCADA LGX Report File BlockWrite Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
1.8AI Score
0.01EPSS
LAquis SCADA LGX Report Ini WriteString Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
1.7AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.3AI Score
0.01EPSS
LAquis SCADA LGX Report TextFile Read Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.5AI Score
0.01EPSS
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
8.8CVSS
1.3AI Score
0.01EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorioindividual.lhtml. When parsing the TAG...
8.8CVSS
4.3AI Score
0.053EPSS
LAquis SCADA Web Server relatorionome TITULO Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorionome.lhtml. When parsing the TITULO Element,.....
9.8CVSS
3.9AI Score
0.051EPSS
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing....
7.8CVSS
4.4AI Score
0.002EPSS
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....
3.3CVSS
1.8AI Score
0.001EPSS
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
OMRON CX-Supervisor scs File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
8.8CVSS
3.4AI Score
0.004EPSS
OMRON CX-Supervisor SCS File Parsing CStringData Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling.....
7.3CVSS
3.3AI Score
0.001EPSS