Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
energy vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-12009
A specially crafted communication packet sent to the affected device could cause a denial-of-service condition due to a deserialization vulnerability. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and previous versions, all versions; Mitsubishi Electri...
Mitsubishielectric Mc Works
Mitsubishielectric Mc Works32 9.50.255.02
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
570
VMScore
CVE-2020-12013
A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C (10.95.208.31) and previous versions, all versions; Mitsubishi Electric MC Works32 Version 3.00A (9...
Mitsubishielectric Mc Works32 9.50.255.02
Mitsubishielectric Mc Works64
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
668
VMScore
CVE-2020-12007
A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and previous versions,...
Mitsubishielectric Mc Works32 9.50.255.02
Mitsubishielectric Mc Works
Iconics Mobilehmi -
Iconics Facility Analytix -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Energy Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Genesis32 -
Iconics Bizviz -
668
VMScore
CVE-2020-12011
A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. This issue affects: Mitsubishi Electric MC Works64 version 4.02C (10.95.208.31) and previous versions, all versions; MC Works32 version ...
Mitsubishielectric Mc Works
Mitsubishielectric Mc Works32 9.50.255.02
Iconics Energy Analytix -
Iconics Facility Analytix -
Iconics Genesis64 -
Iconics Hyper Historian -
Iconics Mobilehmi -
Iconics Quality Analytix -
Iconics Smart Energy Analytix -
Iconics Bizviz -
Iconics Genesis32 -
409
VMScore
CVE-2018-0468
A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local malicious user to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database...
Cisco Energy Management Suite 5.2
516
VMScore
CVE-2018-7797
A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert 1.3 (formerly Power Manager), EcoStruxure Power SCADA Operation (PSO) 8.2 Advanced ...
Schneider-electric Ecostruxure Power Scada Operation 9.0
Schneider-electric Ecostruxure Power Scada Operation 8.2
Schneider-electric Ecostruxure Energy Expert 1.3
Schneider-electric Ecostruxure Power Monitoring Expert 8.2
Schneider-electric Ecostruxure Energy Expert 2.0
Schneider-electric Ecostruxure Power Monitoring Expert 9.0
436
VMScore
CVE-2018-15444
A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote malicious user to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML Ex...
Cisco Energy Management Suite Software -
534
VMScore
CVE-2018-15445
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due ...
Cisco Energy Management Suite Software -
383
VMScore
CVE-2016-5902
IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Maximo For Oil And Gas 7.6
Ibm Maximo For Transportation 7.6
Ibm Maximo For Utilities 7.6
Ibm Maximo For Aviation 7.6
Ibm Maximo For Aviation 7.1
Ibm Maximo For Energy Optimization 7.1
Ibm Maximo For Government 7.1
Ibm Maximo Asset Management 7.1
Ibm Maximo For Nuclear Power 7.6
Ibm Maximo For Energy Optimization 7.6
Ibm Maximo For Nuclear Power 7.5
Ibm Maximo For Transportation 7.5
Ibm Maximo For Nuclear Power 7.1
Ibm Maximo For Transportation 7.1
Ibm Maximo For Life Sciences 7.5
Ibm Maximo Asset Management 7.5
Ibm Maximo For Utilities 7.5
Ibm Maximo For Aviation 7.5
Ibm Maximo For Energy Optimization 7.5
Ibm Maximo For Government 7.5
Ibm Maximo Asset Management 7.6
Ibm Maximo For Government 7.6
578
VMScore
CVE-2020-7545
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access a...
Schneider-electric Ecostruxure Energy Expert 2.0
Schneider-electric Ecostruxure Power Monitoring Expert 9.0
Schneider-electric Power Manager 1.1
Schneider-electric Power Manager 1.2
Schneider-electric Power Manager 1.3
Schneider-electric Ecostruxure Power Monitoring Expert 8.0
Schneider-electric Ecostruxure Power Monitoring Expert 7.0
Schneider-electric Powerscada Operation With Advanced Reporting And Dashboards 9.0
Schneider-electric Powerscada Expert With Advanced Reporting And Dashboards 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »