Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
energy vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2024-3982
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already established session. By default, the session logging level is not enabled and only users w...
Hitachienergy Microscada X Sys600
8.8
CVSSv3
CVE-2024-4872
A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated malicious user to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credenti...
Hitachienergy Microscada Pro Sys600 9.4
Hitachienergy Microscada X Sys600
9.8
CVSSv3
CVE-2024-7940
The product exposes a service that is intended for local only to all network interfaces without any authentication.
Hitachienergy Microscada X Sys600
4.3
CVSSv3
CVE-2024-7941
An HTTP parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Hitachienergy Microscada X Sys600 10.5
2.5
CVSSv3
CVE-2016-5849
Siemens SICAM PAS up to and including 8.07 allows local users to obtain sensitive configuration information by leveraging database stoppage.
Siemens Sicam Pas/pqs
1 Article
6.8
CVSSv3
CVE-2024-1532
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file.
8.2
CVSSv3
CVE-2024-1531
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could print random memory content in the RTU500 system log, if an authorized user uploads a specially crafted stb-language file.
8.8
CVSSv3
CVE-2022-44037
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows malicious users to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows ...
Apsystems Ecu-c Firmware C1.2.2
Apsystems Ecu-c Firmware V3.11.4
Apsystems Ecu-c Firmware V4.1na
Apsystems Ecu-c Firmware V4.1saa
Apsystems Ecu-c Firmware W2.1na
7.5
CVSSv3
CVE-2019-5097
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthen...
Embedthis Goahead 3.6.5
Embedthis Goahead 4.1.1
Embedthis Goahead 5.0.1
5.7
CVSSv3
CVE-2024-7391
ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent malicious users to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction is required to explo...
Chargepoint Home Flex Firmware 5.5.3.13
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
XML external entity
remote code execution
CVE-2024-44136
CVE-2025-21321
CVE-2024-41454
CVE-2024-55503
insecure direct object reference
CVE-2025-20088
CVE-2024-44243
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »