Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scada vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2021-32954
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an malicious user to remotely read arbitrary files on the file system.
Advantech Webaccess\\/scada
516
VMScore
CVE-2021-32956
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an malicious user to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.
Advantech Webaccess\\/scada
405
VMScore
CVE-2017-6020
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.
Lcds Laquis Scada
1 EDB exploit
641
VMScore
CVE-2017-12728
An Improper Privilege Management issue exists in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an malicious user to execute arbitrary cod...
Spidercontrol Scada Webserver
NA
CVE-2023-1437
All versions before 9.1.4 of Advantech WebAccess/SCADA are vulnerable to use of untrusted pointers. The RPC arguments the client sent could contain raw memory pointers for the server to use as-is. This could allow an malicious user to gain access to the remote file system and the...
Advantech Webaccess\\/scada
356
VMScore
CVE-2018-16672
An issue exists in CIRCONTROL CirCarLife prior to 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup information.
Circontrol Circarlife Scada
NA
CVE-2023-42491
EisBaer Scada - CWE-285: Improper Authorization
Busbaer Eisbaer Scada
NA
CVE-2023-4485
ARDEREG ?Sistema SCADA Central versions 2.203 and prior login page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application's SQL query logic to extract sensitive information or perform unauthorized actions within the data...
Ardereg Sistemas Scada
383
VMScore
CVE-2021-32989
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
Lcds Laquis Scada
NA
CVE-2024-21764
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an malicious user to connect to a specific port.
Rapidscada Rapid Scada
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »