Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
energy vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-37293
A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php.
Kevinlab 4st L-bems 1.0.0
5.3
CVSSv3
CVE-2022-29578
Meridian Cooperative Utility Software versions 22.02 and 22.03 allows remote malicious users to obtain sensitive information such as name, address, and daily energy usage.
Meridian Meridian 22.03
Meridian Meridian 22.02
9.8
CVSSv3
CVE-2022-45088
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion.This issue affects Smartpower Web: prior to 23.01.01.
Gruparge Smartpower Web
4.4
CVSSv3
CVE-2022-1778
Improper Input Validation vulnerability in Hitachi Energy MicroSCADA X SYS600 while reading a specific configuration file causes a buffer-overflow that causes a failure to start the SYS600. The configuration file can only be accessed by an administrator access. This issue affects...
Hitachienergy Microscada X Sys600
6.5
CVSSv3
CVE-2019-17060
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and previous versions) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a...
Nxp Mcuxpresso Software Development Kit
9.8
CVSSv3
CVE-2022-33321
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mi...
Mitsubishielectric Mac-557if-e Firmware
Mitsubishielectric Mac-557if-e1 Firmware
Mitsubishielectric Pac-wf010-e Firmware
Mitsubishielectric Mac-566ifb-e Firmware
Mitsubishielectric Mac-576if-e1 Firmware
Mitsubishielectric Mac-567ifb-e Firmware
Mitsubishielectric Mac-567ifb2-e Firmware
Mitsubishielectric Mac-558if-e Firmware
Mitsubishielectric Mac-558if-e1 Firmware
Mitsubishielectric Mac-559if-e Firmware
Mitsubishielectric Mac-559if-e1 Firmware
Mitsubishielectric Mac-568if-e Firmware
Mitsubishielectric Mac-568ifb-e Firmware
Mitsubishielectric Mac-568ifb2-e Firmware
Mitsubishielectric Mac-568ifb3-e Firmware
Mitsubishielectric Pac-whs01wf-e Firmware
Mitsubishielectric S-mac-702if-f Firmware
Mitsubishielectric S-mac-702if-z Firmware
Mitsubishielectric S-mac-702if-b Firmware
Mitsubishielectric S-mac-905if Firmware
Mitsubishielectric S-mac-906if Firmware
Mitsubishielectric Msz-ap60\\/71vgk-e1 Firmware
6.5
CVSSv3
CVE-2017-18642
Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.
Syska Smartlight Rainbow Led Smart Bulb Firmware
6.5
CVSSv3
CVE-2022-45085
Server-Side Request Forgery (SSRF) vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery.This issue affects Smartpower Web: prior to 23.01.01.
Gruparge Smartpower Web
7.5
CVSSv3
CVE-2021-35533
Improper Input Validation vulnerability in the APDU parser in the Bidirectional Communication Interface (BCI) IEC 60870-5-104 function of Hitachi Energy RTU500 series allows an malicious user to cause the receiving RTU500 CMU of which the BCI is enabled to reboot when receiving a...
Hitachienergy Rtu500 Firmware 12.0
Hitachienergy Rtu500 Firmware 12.2
Hitachienergy Rtu500 Firmware 12.4
7.5
CVSSv3
CVE-2022-2277
Improper Input Validation vulnerability exists in the Hitachi Energy MicroSCADA X SYS600's ICCP stack during the ICCP communication establishment causes a denial-of-service when ICCP of SYS600 is request to forward any data item updates with timestamps too distant in the fut...
Hitachienergy Microscada X Sys600
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »