Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
raise vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-28621
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wishfulthemes Raise Mag, Wishfulthemes Wishful Blog themes allows Reflected XSS.This issue affects Raise Mag: from n/a up to and including 1.0.7; Wishful Blog: from n/a...
Wishfulthemes Raise Mag
Wishfulthemes Wishful Blog
9.1
CVSSv3
CVE-2022-29952
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) sof...
Bakerhughes Bently Nevada 3701/40 Firmware
Bakerhughes Bently Nevada 3701/44 Firmware
Bakerhughes Bently Nevada 3701/46 Firmware
Bakerhughes Bently Nevada 60m100 Firmware -
1 Article
7.8
CVSSv3
CVE-2022-29957
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk servic...
Emerson Deltav Distributed Control System
1 Article
9.8
CVSSv3
CVE-2022-29953
The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. An attacker capable of connecting to this interface can thus trivially take over its functionality.
Bakerhughes Bently Nevada 3701/40 Firmware
Bakerhughes Bently Nevada 3701/44 Firmware
Bakerhughes Bently Nevada 3701/46 Firmware
Bakerhughes Bently Nevada 60m100 Firmware -
1 Article
9.8
CVSSv3
CVE-2022-30264
The Emerson ROC and FloBoss RTU product lines through 2022-05-02 perform insecure filesystem operations. They utilize the ROC protocol (4000/TCP, 5000/TCP) for communications between a master terminal and RTUs. Opcode 203 of this protocol allows a master terminal to transfer file...
Emerson Dl8000 Firmware
Emerson Roc809 Firmware
Emerson Roc800l Firmware
Emerson Fb3000 Rtu Firmware
Emerson Roc827 Firmware
1 Article
7.5
CVSSv3
CVE-2022-30276
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) an...
Motorola Moscad Ip Gateway Firmware
Motorola Ace Ip Gateway (4600) Firmware
1 Article
9.1
CVSSv3
CVE-2022-30317
Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are characterized...
Honeywell Experion Lx Firmware
1 Article
7.5
CVSSv3
CVE-2022-30313
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0051, there is a Honeywell Experion PKS Safety Manager multiple proprietary protocols with unauthenticated functionality issue. The affected compone...
Honeywell Safety Manager Firmware -
1 Article
9.8
CVSSv3
CVE-2022-31206
The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machin...
Omron Nx701-1600 Firmware
Omron Nx701-1620 Firmware
Omron Nx701-1700 Firmware
Omron Nx701-1720 Firmware
Omron Nx701-z600 Firmware
Omron Nx701-z700 Firmware
Omron Nj101-1000 Firmware
Omron Nj101-1020 Firmware
Omron Nj101-9000 Firmware
Omron Nj101-9020 Firmware
Omron Nj301-1100 Firmware
Omron Nj301-1200 Firmware
Omron Nj501-1300 Firmware
Omron Nj501-1320 Firmware
Omron Nj501-1340 Firmware
Omron Nj501-1400 Firmware
Omron Nj501-1420 Firmware
Omron Nj501-1500 Firmware
Omron Nj501-1520 Firmware
Omron Nj501-4300 Firmware
Omron Nj501-4320 Firmware
Omron Nj501-4400 Firmware
1 Article
9.8
CVSSv3
CVE-2017-20166
Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise.
Ecto Project Ecto 2.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »