Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gerhard hechenberger vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-33920
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain the hash of the root password in a hard-coded form, which could be exploited for UART console login to t...
Siemens Cpci85 Firmware
7.2
CVSSv3
CVE-2023-33919
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could allo...
Siemens Cpci85 Firmware
6.8
CVSSv3
CVE-2023-33921
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). The affected devices contain an exposed UART console login interface. An attacker with direct physical access could try to bruteforce...
Siemens Cpci85 Firmware
9.8
CVSSv3
CVE-2023-28489
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation”...
Siemens Cp-8031 Firmware
Siemens Cp-8050 Firmware
6.1
CVSSv3
CVE-2022-4286
A reflected cross-site scripting (XSS) vulnerability exists in System Diagnostics Manager of B&R Automation Runtime versions >=3.00 and <=C4.93 that enables a remote malicious user to execute arbitrary JavaScript in the context of the users browser session.
Br-automation Automation Runtime
5.5
CVSSv3
CVE-2022-39837
An issue exists in Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to and including 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,
Genivi Diagnostic Log And Trace
5.5
CVSSv3
CVE-2022-39836
An issue exists in Connected Vehicle Systems Alliance (COVESA) dlt-daemon up to and including 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of o...
Genivi Diagnostic Log And Trace
5.4
CVSSv3
CVE-2022-30982
An issue exists in Gentics CMS prior to 5.43.1. There is stored XSS in the profile description and in the username.
Gentics Gentics Cms
7.5
CVSSv3
CVE-2022-31212
An issue exists in dbus-broker prior to 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.
Dbus-broker Project Dbus-broker
7.5
CVSSv3
CVE-2022-31213
An issue exists in dbus-broker prior to 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.
Dbus-broker Project Dbus-broker
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »