Vulnerabilidades em ICS-CERT

93 resultados

CVE-2018-10619—An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may EPSS 2.8%CVE-2019-6524—Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to disEPSS 2.7%CVE-2018-17937—gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow rEPSS 2.7%CVE-2017-9664—In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker EPSS 2.7%CVE-2017-7931—In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to acceEPSS 2.6%CVE-2019-6528—PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy versions Telecontrol Gateway 3G Versions 4EPSS 2.6%CVE-2018-7509—WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could EPSS 2.6%CVE-2018-18988—LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may alEPSS 2.6%CVE-2019-6522—Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may alloEPSS 2.5%CVE-2018-18996—LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attEPSS 2.5%CVE-2019-6559—Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch toEPSS 2.4%CVE-2018-19011—CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execuEPSS 2.4%CVE-2018-19017—Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the aEPSS 2.4%CVE-2018-18998—LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system witEPSS 2.4%CVE-2018-8833—Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pmEPSS 2.3%CVE-2018-14785—NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly EPSS 2.2%CVE-2018-14795—DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5 is vulnerable due to improper path validation which may allow an attacker to replace EPSS 2.2%CVE-2018-8866—In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could perform command injection.EPSS 2.2%CVE-2018-8835—Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allEPSS 2.1%CVE-2018-8837—Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intEPSS 2.1%

← anteriorpágina 2 / 5próxima →