Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Progea Security Vulnerabilities

cve
cve

CVE-2011-2963

TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.

8AI Score

0.1EPSS

2011-07-29 07:55 PM
25
cve
cve

CVE-2011-3491

Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.

8.3AI Score

0.025EPSS

2011-09-16 02:28 PM
23
cve
cve

CVE-2011-3498

Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.

8.4AI Score

0.021EPSS

2011-09-16 05:26 PM
20
cve
cve

CVE-2011-3499

Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.

8.2AI Score

0.027EPSS

2011-09-16 05:26 PM
27
cve
cve

CVE-2012-1804

The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request.

6.7AI Score

0.023EPSS

2012-05-14 08:55 PM
29
cve
cve

CVE-2014-0778

The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.

6.5AI Score

0.006EPSS

2014-04-19 07:55 PM
22
cve
cve

CVE-2017-14017

An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.

7.8CVSS

7.8AI Score

0.004EPSS

2017-10-19 11:29 PM
33
cve
cve

CVE-2017-14019

An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privi...

6.7CVSS

7.3AI Score

0.0004EPSS

2017-10-19 11:29 PM
36