Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sis vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2024-26777
In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl() interface. If the driver doesn't check the value of pixclock, it may cause divide-by-ze...
NA
CVE-2023-33924
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Felix Welberg SIS Handball allows SQL Injection.This issue affects SIS Handball: from n/a up to and including 1.0.45.
Felixwelberg Sis Handball
NA
CVE-2023-41684
Cross-Site Request Forgery (CSRF) vulnerability in Felix Welberg SIS Handball plugin <= 1.0.45 versions.
Felixwelberg Sis Handball
NA
CVE-2021-28485
In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via ...
Ericsson Mobile Switching Center Server Bc 18a Firmware
NA
CVE-2022-30260
Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware integrity (an inadequate checksum approach, and no signature). This affects versions prior to 14.3 of DeltaV M-series, DeltaV S-series, DeltaV P-series, DeltaV SIS, and DeltaV CIOC/EIOC/WIOC...
Emerson Deltav Distributed Control System Sq Controller FirmwareEmerson Deltav Distributed Control System Sx Controller FirmwareEmerson Se4002s1t2b6 High Side 40-pin Mass I\\/o Terminal Block FirmwareEmerson Se4003s2b4 16-pin Mass I\\/o Terminal Block FirmwareEmerson Se4003s2b524-pin Mass I\\/o Terminal Block FirmwareEmerson Se4017p0 H1 I\\/o Interface Card And Terminl Block FirmwareEmerson Se4017p1 H1 I\\/o Card With Integrated Power FirmwareEmerson Se4019p0 Simplex H1 4-port Plus Fieldbus I\\/o Interface With Terminalblock FirmwareEmerson Se4026 Virtual I\\/o Module 2 FirmwareEmerson Se4027 Virtual I\\/o Module 2 FirmwareEmerson Se4032s1t2b8 High Side 40-pin Do Mass I\\/o Terminal Block FirmwareEmerson Se4037p0 H1 I\\/o Interface Card And Terminl Block FirmwareEmerson Se4037p1 Redundant H1 I\\/o Card With Integrated Power And Terminal Block FirmwareEmerson Se4039p0 Redundant H1 4-port Plus Fieldbus I\\/o Interface With Terminalblock FirmwareEmerson Se4052s1t2b6 High Side 40-pin Mass I\\/o Terminal Block FirmwareEmerson Se4082s1t2b8 High Side 40-pin Do Mass I\\/o Terminal Block FirmwareEmerson Se4100 Simplex Ethernet I\\/o Card \\(eioc\\) Assembly FirmwareEmerson Se4101 Simplex Ethernet I\\/o Card \\(eioc\\) Assembly FirmwareEmerson Se4801t0x Redundant Wireless I\\/o Card FirmwareEmerson Ve4103 Modbus Tcp Interface For Ethernet Connected I\\/o \\(eioc\\) FirmwareEmerson Ve4104 Ethernet\\/ip Control Tag Integration For Ethernet Connected I\\/o \\(eioc\\) FirmwareEmerson Ve4105 Ethernet\\/ip Interface For Ethernet Connected I\\/o \\(eioc\\) Firmware
NA
CVE-2022-29957
The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk servic...
Emerson Deltav Distributed Control System
NA
CVE-2022-29965
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29 misuse passwords. Access to privileged operations on the maintenance port TELNET interface (23/TCP) on M-series and SIS (CSLS/LSNB/LSNG) nodes is controlled by means of utility passwor...
Emerson Deltav Distributed Control SystemEmerson Deltav Distributed Control System Sq Controller FirmwareEmerson Deltav Distributed Control System Sx Controller FirmwareEmerson Se4002s1t2b6 High Side 40-pin Mass I\\/o Terminal Block FirmwareEmerson Se4003s2b4 16-pin Mass I\\/o Terminal Block FirmwareEmerson Se4003s2b524-pin Mass I\\/o Terminal Block FirmwareEmerson Se4017p0 H1 I\\/o Interface Card And Terminl Block FirmwareEmerson Se4017p1 H1 I\\/o Card With Integrated Power FirmwareEmerson Se4019p0 Simplex H1 4-port Plus Fieldbus I\\/o Interface With Terminalblock FirmwareEmerson Se4026 Virtual I\\/o Module 2 FirmwareEmerson Se4027 Virtual I\\/o Module 2 FirmwareEmerson Se4032s1t2b8 High Side 40-pin Do Mass I\\/o Terminal Block FirmwareEmerson Se4037p0 H1 I\\/o Interface Card And Terminl Block FirmwareEmerson Se4037p1 Redundant H1 I\\/o Card With Integrated Power And Terminal Block FirmwareEmerson Se4039p0 Redundant H1 4-port Plus Fieldbus I\\/o Interface With Terminalblock FirmwareEmerson Se4052s1t2b6 High Side 40-pin Mass I\\/o Terminal Block FirmwareEmerson Se4082s1t2b8 High Side 40-pin Do Mass I\\/o Terminal Block FirmwareEmerson Se4100 Simplex Ethernet I\\/o Card \\(eioc\\) Assembly FirmwareEmerson Se4101 Simplex Ethernet I\\/o Card \\(eioc\\) Assembly FirmwareEmerson Se4801t0x Redundant Wireless I\\/o Card FirmwareEmerson Ve4103 Modbus Tcp Interface For Ethernet Connected I\\/o \\(eioc\\) FirmwareEmerson Ve4104 Ethernet\\/ip Control Tag Integration For Ethernet Connected I\\/o \\(eioc\\) Firmware
4.3
CVSSv2
CVE-2021-31537
SIS SIS-REWE Go prior to 7.7 SP17 allows XSS: rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).
4.6
CVSSv2
CVE-2015-5466
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call.
Sis Xgi Vga Display Manager 6.14.10.1090
10
CVSSv2
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) prior to 4.2.3.0 and 5.x prior to 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote malicious users to obtain unauthorized access via crafted Ethernet frames.
Avaya Vsp Operating System SoftwareAvaya Vsp Operating System Software 5.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook