Recent Vulnerabilities


NA
CVE-2018-10623

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buf...

NA
CVE-2018-10621

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or ca...

NA
CVE-2018-10617

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cau...

NA
CVE-2018-9029

An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.

NA
CVE-2018-9028

Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.

NA
CVE-2018-9027

A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.

NA
CVE-2018-9026

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.

NA
CVE-2018-9025

An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.

NA
CVE-2018-9024

An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.

NA
CVE-2018-9023

An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.