Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada web server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2022-24319
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions...
Schneider-electric Clearscada -
Schneider-electric Ecostruxure Geo Scada Expert 2019
Schneider-electric Ecostruxure Geo Scada Expert 2020
5
CVSSv2
CVE-2020-7000
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated malicious user to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authent...
Visam Vbase Editor 11.5.0.2
Visam Vbase Web-remote -
5
CVSSv2
CVE-2020-25710
A flaw was found in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Openldap Openldap
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Core Services -
Debian Debian Linux 9.0
Fedoraproject Fedora 33
9
CVSSv2
CVE-2015-0979
Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server prior to 2.1.371.24 allows remote malicious users to execute arbitrary code via a crafted packet.
Scadaengine Bacnet Opc Server
4
CVSSv2
CVE-2020-3516
A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote malicious user to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vul...
Cisco Ios Xe
Cisco Ios Xe 17.2.1
7.5
CVSSv2
CVE-2015-0981
The SOAP web interface in SCADA Engine BACnet OPC Server prior to 2.1.371.24 allows remote malicious users to bypass authentication and read or write to arbitrary database fields via unspecified vectors.
Scadaengine Bacnet Opc Server
9
CVSSv2
CVE-2020-3211
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An atta...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
9
CVSSv2
CVE-2015-0980
Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server prior to 2.1.371.24 allows remote malicious users to execute arbitrary code via format string specifiers in a request.
Scadaengine Bacnet Opc Server
4.3
CVSSv2
CVE-2016-2279
Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* prior to 28.011+ allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Rockwellautomation Compactlogix 1769-l16er-bb1b Firmware
Rockwellautomation Compactlogix 1769-l18er-bb1b Firmware
Rockwellautomation Compactlogix 1769-l18erm-bb1b Firmware
Rockwellautomation Compactlogix 1769-l24er-qb1b Firmware
Rockwellautomation Compactlogix 1769-l24er-qbfc1b Firmware
Rockwellautomation Compactlogix 1769-l27erm-qbfc1b Firmware
Rockwellautomation Compactlogix 1769-l30er Firmware
Rockwellautomation Compactlogix 1769-l30erm Firmware
Rockwellautomation Compactlogix 1769-l30er-nse Firmware
Rockwellautomation Compactlogix 1769-l33er Firmware
Rockwellautomation Compactlogix 1769-l33erm Firmware
Rockwellautomation Compactlogix 1769-l36erm Firmware
Rockwellautomation Compactlogix 1769-l23e-qb1b Firmware
Rockwellautomation Compactlogix 1769-l23e-qbfc1b Firmware
Rockwellautomation Compactlogix 1756-en2f Series A Firmware
Rockwellautomation Compactlogix 1756-en2f Series B Firmware
Rockwellautomation Compactlogix 1756-en2t Series A Firmware
Rockwellautomation Compactlogix 1756-en2t Series B Firmware
Rockwellautomation Compactlogix 1756-en2t Series C Firmware
Rockwellautomation Compactlogix 1756-en2t Series D Firmware
Rockwellautomation Compactlogix 1756-en2tr Series A Firmware
Rockwellautomation Compactlogix 1756-en2tr Series B Firmware
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »