Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-17901
LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an malicious user to execute code under the current process.
Lcds Laquis Scada
6.8
CVSSv2
CVE-2018-17911
LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
8.3
CVSSv2
CVE-2018-18988
LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash.
Lcds Laquis Scada
5
CVSSv2
CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
Lcds Laquis Scada
4.3
CVSSv2
CVE-2018-18991
Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions before 2.03.0001) could allow an malicious user to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser.
Spidercontrol Scada Webserver
6.8
CVSSv2
CVE-2018-18992
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an malicious user to execute remote code on the server.
Lcds Laquis Scada
7.8
CVSSv2
CVE-2018-18994
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration.
Laquisscada Laquis Scada
7.5
CVSSv2
CVE-2018-18996
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an malicious user to execute remote code on the server.
Lcds Laquis Scada
7.5
CVSSv2
CVE-2018-18998
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
Lcds Laquis Scada
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »