Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
karn ganeshen vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7910
A Stack-Based Buffer Overflow issue exists in Digital Canal Structural Wind Analysis versions 9.1 and prior. An attacker may be able to run arbitrary code by remotely exploiting an executable to perform a denial-of-service attack.
Digital Canal Structural Wind Analysis 9.1
7.8
CVSSv3
CVE-2017-7968
An Incorrect Default Permissions issue exists in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a new directory and two files, which are placed in the system's path and can be manip...
Schneider-electric Wonderware Indusoft Web Studio
NA
CVE-2010-0607
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote malicious users to inject arbitrary web script or HTML via the Stat_Radio parameter.
Sterlitetechnologies Sam300 Ax Router
1 EDB exploit
6.5
CVSSv3
CVE-2015-8703
ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-...
Zte Zxhn H108n R1a Firmware
Zte Zxv10 W300 Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2015-6472
WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential management.
Wago 750-849 Firmware 01.01.27
Wago 750-849 Firmware 01.02.05
Wago 750-881 Firmware 01.01.27
Wago 750-881 Firmware 01.02.05
Wago 758-870 Firmware 01.01.27
Wago 758-870 Firmware 01.02.05
9.8
CVSSv3
CVE-2015-6473
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation.
Wago 750-849 Firmware 01.01.27
Wago 758-870 Firmware 01.01.27
Wago 758-870 Firmware 01.02.05
NA
CVE-2015-6477
Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Nordex Nordex Control 2 Scada
7.8
CVSSv3
CVE-2017-14017
An Uncontrolled Search Path Element issue exists in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL fil...
Progea Movicon
6.7
CVSSv3
CVE-2017-14019
An Unquoted Search Path or Element issue exists in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his o...
Progea Movicon 11.5.1181
7.2
CVSSv3
CVE-2016-2278
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and previous versions and AS-P 1.7 and previous versions allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism.
Schneider-electric Struxureware Building Operations Automation Server As Firmware
Schneider-electric Struxureware Building Operations Automation Server As-p Firmware 1.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »