Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quantum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-29935
USU Oracle Optimization prior to 5.17.5 allows malicious users to discover the quantum credentials via an agent-installer download. NOTE: this is not an Oracle Corporation product.
Usu Oracle Optimization 20210817
9.8
CVSSv3
CVE-2018-7761
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.
Schneider-electric Bmxnor0200 Firmware -
Schneider-electric Bmxnor0200h Firmware -
Schneider-electric 140cpu65150 Firmware -
Schneider-electric 140cpu31110 Firmware -
Schneider-electric 140cpu43412u Firmware -
Schneider-electric 140cpu65160 Firmware -
Schneider-electric 140cpu65260 Firmware -
Schneider-electric 140cpu65860 Firmware -
Schneider-electric 140cpu65160s Firmware -
Schneider-electric 140cpu65150c Firmware -
Schneider-electric 140cpu31110c Firmware -
Schneider-electric 140cpu43412uc Firmware -
Schneider-electric 140cpu65160c Firmware -
Schneider-electric 140cpu65260c Firmware -
Schneider-electric 140cpu65860c Firmware -
Schneider-electric Modicon M340 Bmxp341000 Firmware -
Schneider-electric Modicon M340 Bmxp342000 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware -
Schneider-electric Modicon M340 Bmxp3420102cl Firmware -
Schneider-electric Modicon M340 Bmxp342020 Firmware -
Schneider-electric Modicon M340 Bmxp3420302 Firmware -
Schneider-electric Modicon M340 Bmxp3420302cl Firmware -
7.8
CVSSv3
CVE-2014-9822
Heap-based buffer overflow in ImageMagick allows remote malicious users to have unspecified impact via a crafted quantum file.
Imagemagick Imagemagick -
9.8
CVSSv3
CVE-2018-7760
An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.
Schneider-electric Bmxnor0200 Firmware -
Schneider-electric Bmxnor0200h Firmware -
Schneider-electric 140cpu65150 Firmware -
Schneider-electric 140cpu31110 Firmware -
Schneider-electric 140cpu43412u Firmware -
Schneider-electric 140cpu65160 Firmware -
Schneider-electric 140cpu65260 Firmware -
Schneider-electric 140cpu65860 Firmware -
Schneider-electric 140cpu65160s Firmware -
Schneider-electric 140cpu65150c Firmware -
Schneider-electric 140cpu31110c Firmware -
Schneider-electric 140cpu43412uc Firmware -
Schneider-electric 140cpu65160c Firmware -
Schneider-electric 140cpu65260c Firmware -
Schneider-electric 140cpu65860c Firmware -
Schneider-electric Modicon M340 Bmxp341000 Firmware -
Schneider-electric Modicon M340 Bmxp342000 Firmware -
Schneider-electric Modicon M340 Bmxp3420102 Firmware -
Schneider-electric Modicon M340 Bmxp3420102cl Firmware -
Schneider-electric Modicon M340 Bmxp342020 Firmware -
Schneider-electric Modicon M340 Bmxp3420302 Firmware -
Schneider-electric Modicon M340 Bmxp3420302cl Firmware -
5.5
CVSSv3
CVE-2012-5476
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
Openstack Horizon 2012.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.1
CVSSv3
CVE-2019-6816
In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol.
Schneider-electric Modicon Quantum Firmware
5.3
CVSSv3
CVE-2018-18586
chmextract.c in the chmextract sample program, as distributed with libmspack prior to 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract....
Kyzer Libmspack 0.7
Kyzer Libmspack 0.6
Kyzer Libmspack 0.5
Kyzer Libmspack 0.4
Kyzer Libmspack 0.3
8.8
CVSSv3
CVE-2020-7534
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modico...
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric 140cpu65 Firmware
Schneider-electric Tsxp57 Firmware
Schneider-electric Bmxnoc0401 Firmware
Schneider-electric Bmxnoe01 Firmware
Schneider-electric Bmxnor0200h Firmware
Schneider-electric 140noe77111 Firmware
Schneider-electric 140noc78000 Firmware
Schneider-electric Tsxety5103 Firmware
Schneider-electric Tsxety4103 Firmware
7.5
CVSSv3
CVE-2021-22788
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communi...
Schneider-electric Modicon M340 Bmxp342020 Firmware
Schneider-electric Bmxnoe0100 Firmware
Schneider-electric Bmxnoe0110 Firmware
Schneider-electric Bmxnoc0401 Firmware
Schneider-electric Bmxnor0200h Rtu Firmware
Schneider-electric Tsxp574634 Firmware
Schneider-electric Tsxp575634 Firmware
Schneider-electric Tsxp576634 Firmware
Schneider-electric 140cpu65150 Firmware
Schneider-electric 140noe771x1 Firmware
Schneider-electric 140noc78x00 Firmware
Schneider-electric 140noc77101 Firmware
Schneider-electric Tsxety4103 Firmware
Schneider-electric Tsxety5103 Firmware
5.5
CVSSv3
CVE-2023-1906
A heap-based buffer overflow issue exists in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a...
Imagemagick Imagemagick 7.1.1-4
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »