Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-37952
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an malicious user to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack co...
Ge Workstationst
6.1
CVSSv3
CVE-2022-37953
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an malicious user to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments render...
Ge Workstationst
4.8
CVSSv3
CVE-2018-17925
Multiple instances of this vulnerability (Unsafe ActiveX Control Marked Safe For Scripting) have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX produc...
Ge Ifix
8.8
CVSSv3
CVE-2021-27438
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
9.8
CVSSv3
CVE-2021-27440
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
7.8
CVSSv3
CVE-2021-27448
A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27454
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
7.8
CVSSv3
CVE-2023-1552
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an...
Ge Toolboxst
NA
CVE-2012-0232
Directory traversal vulnerability in rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6, 3.0, 3.0 SP1, and 3.5 allows remote malicious users to modify the configuration via crafted strings.
Ge Intelligent Platforms Proficy Real-time Information Portal 2.6
Ge Intelligent Platforms Proficy Real-time Information Portal 3.0
Ge Intelligent Platforms Proficy Real-time Information Portal 3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »