Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27452
The software contains a hard-coded password that could allow an malicious user to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
9.8
CVSSv3
CVE-2018-10611
Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.
Ge Mds Pulsenet
7.5
CVSSv3
CVE-2018-10613
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
Ge Mds Pulsenet
8.1
CVSSv3
CVE-2018-10615
Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.
Ge Mds Pulsenet
8.1
CVSSv3
CVE-2022-46331
An unauthorized user could possibly delete any file on the system.
Ge Proficy Historian
7.3
CVSSv3
CVE-2023-0898
General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.
Ge Micom S1 Agile -
7.5
CVSSv3
CVE-2022-43975
An issue exists in FC46-WebBridge on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerability in the web server allows arbitrary files and configurations to be read via directory traversal over TCP port 8888.
Ge Ms 3000 Firmware
9.8
CVSSv3
CVE-2022-43976
An issue exists in FC46-WebBridge on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication.
Ge Ms 3000 Firmware
9.8
CVSSv3
CVE-2022-43977
An issue exists on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control.
Ge Ms 3000 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »