Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
energy vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-13543
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they c...
Medtronic Valleylab Exchange Client
Medtronic Valleylab Ft10 Energy Platform Firmware
Medtronic Valleylab Fx8 Energy Platform Firmware
7.5
CVSSv3
CVE-2019-14521
The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows malicious users to send any kind of file to any location on the server via path traversal in the filename parameter.
Emca Energy Logserver 6.1.2
NA
CVE-2014-6002
The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Dteenergy Dte Energy 3.0.3
4.3
CVSSv3
CVE-2016-1562
The REST API in the DTE Energy Insight application prior to 1.7.8 for Android allows remote authenticated users to obtain unspecified customer information via a SQL expression in the filter parameter.
Dte Energy Insight 1.7.7
5.5
CVSSv3
CVE-2020-12912
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an malicious user to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interfa...
Amd Energy Driver For Linux
7.8
CVSSv3
CVE-2018-14812
An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access to the system with the same level of privilege as the app...
Fujielectric Energy Savings Estimator 1.0.2.0
5.4
CVSSv3
CVE-2017-1345
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Fo...
Ibm Insights Foundation For Energy 2.0
9.8
CVSSv3
CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
Apsystems Energy Communication Unit Firmware C1.2.5
2 Github repositories
4.3
CVSSv3
CVE-2017-1342
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457.
Ibm Insights Foundation For Energy 2.0
8.8
CVSSv3
CVE-2017-1311
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 125719.
Ibm Insights Foundation For Energy 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »