Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
energy vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-12007
A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and previous versions,...
Mitsubishielectric Mc Works32 9.50.255.02
Mitsubishielectric Mc Works
Iconics Mobilehmi -
Iconics Facility Analytix -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Energy Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Genesis32 -
Iconics Bizviz -
9.8
CVSSv3
CVE-2020-12011
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and previous versions, all versions; MC Works32 version ...
Mitsubishielectric Mc Works
Mitsubishielectric Mc Works32 9.50.255.02
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
9.1
CVSSv3
CVE-2020-12013
A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and previous versions, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9...
Mitsubishielectric Mc Works32 9.50.255.02
Mitsubishielectric Mc Works64
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
7.5
CVSSv3
CVE-2020-12015
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition due to improper deserialization. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and previous versions, all versions; Mitsubishi Electri...
Mitsubishielectric Mc Works
Mitsubishielectric Mc Works32 9.50.255.02
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
7.8
CVSSv3
CVE-2018-0468
A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local malicious user to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database...
Cisco Energy Management Suite 5.2
8
CVSSv3
CVE-2018-15445
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due ...
Cisco Energy Management Suite Software -
6.1
CVSSv3
CVE-2018-7797
A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert 1.3 (formerly Power Manager), EcoStruxure Power SCADA Operation (PSO) 8.2 Advanced ...
Schneider-electric Ecostruxure Power Scada Operation 9.0
Schneider-electric Ecostruxure Power Scada Operation 8.2
Schneider-electric Ecostruxure Energy Expert 1.3
Schneider-electric Ecostruxure Power Monitoring Expert 8.2
Schneider-electric Ecostruxure Energy Expert 2.0
Schneider-electric Ecostruxure Power Monitoring Expert 9.0
7.3
CVSSv3
CVE-2018-15444
A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote malicious user to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML Ex...
Cisco Energy Management Suite Software -
6.1
CVSSv3
CVE-2016-5902
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Maximo For Oil And Gas 7.6
Ibm Maximo For Transportation 7.6
Ibm Maximo For Utilities 7.6
Ibm Maximo For Aviation 7.6
Ibm Maximo For Aviation 7.1
Ibm Maximo For Energy Optimization 7.1
Ibm Maximo For Government 7.1
Ibm Maximo Asset Management 7.1
Ibm Maximo For Nuclear Power 7.6
Ibm Maximo For Energy Optimization 7.6
Ibm Maximo For Nuclear Power 7.5
Ibm Maximo For Transportation 7.5
Ibm Maximo For Nuclear Power 7.1
Ibm Maximo For Transportation 7.1
Ibm Maximo For Life Sciences 7.5
Ibm Maximo Asset Management 7.5
Ibm Maximo For Utilities 7.5
Ibm Maximo For Aviation 7.5
Ibm Maximo For Energy Optimization 7.5
Ibm Maximo For Government 7.5
Ibm Maximo Asset Management 7.6
Ibm Maximo For Government 7.6
NA
CVE-2024-2097
Authenticated List control client can execute the LINQ query in SCM Server to present event as list for operator. An authenticated malicious client can send special LINQ query to execute arbitrary code remotely (RCE) on the SCM Server that an attacker otherwise does not have auth...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »