Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
karn ganeshen vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2016-2278
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and previous versions and AS-P 1.7 and previous versions allows remote authenticated administrators to execute arbitrary OS commands by defeating an msh (aka Minimal Shell) protection mechanism.
Schneider-electric Struxureware Building Operations Automation Server As Firmware
Schneider-electric Struxureware Building Operations Automation Server As-p Firmware 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2015-7924
eWON devices with firmware prior to 10.1s0 do not trigger the discarding of browser session data in response to a log-off action, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ewon Ewon Firmware
5
CVSSv2
CVE-2015-7926
eWON devices with firmware prior to 10.1s0 omit RBAC for I/O server information and status requests, which allows remote malicious users to obtain sensitive information via an unspecified URL.
Ewon Ewon Firmware
4.3
CVSSv2
CVE-2015-7927
Cross-site scripting (XSS) vulnerability on eWON devices with firmware up to and including 10.1s0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ewon Ewon Firmware
5
CVSSv2
CVE-2015-7928
eWON devices with firmware prior to 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ewon Ewon Firmware
5
CVSSv2
CVE-2015-7929
eWON devices with firmware up to and including 10.1s0 support unspecified GET requests, which might allow remote malicious users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history.
Ewon Ewon Firmware
9.3
CVSSv2
CVE-2017-5161
An issue exists in Sielco Sistemi Winlog Lite SCADA Software, versions prior to Version 3.02.01, and Winlog Pro SCADA Software, versions prior to Version 3.02.01. An uncontrolled search path element (DLL Hijacking) vulnerability has been identified. Exploitation of this vulnerabi...
Sielcosistemi Winlog Lite
Sielcosistemi Winlog Pro
4.6
CVSSv2
CVE-2017-14019
An Unquoted Search Path or Element issue exists in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his o...
Progea Movicon 11.5.1181
7.2
CVSSv2
CVE-2017-12728
An Improper Privilege Management issue exists in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an malicious user to execute arbitrary cod...
Spidercontrol Scada Webserver
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4