Latest CVE Feed
-
9.8
CRITICALCVE-2018-11462
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < ... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
6.6
MEDIUMCVE-2018-11461
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < ... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11460
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < ... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11459
A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < ... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-11458
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected pr... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-11457
A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated web server on port 4842/tcp of the affected pr... Read more
- Published: Dec. 12, 2018
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2018-11456
A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine whether or not a network port on another remote system is... Read more
Affected Products : automation_license_manager- Published: Aug. 07, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-11455
A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result ... Read more
Affected Products : automation_license_manager- Published: Aug. 07, 2018
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2018-11454
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Po... Read more
- Published: Aug. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11453
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Po... Read more
- Published: Aug. 07, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11452
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions)... Read more
Affected Products : dnp3_tcp_firmware iec_61850_firmware iec104_firmware modbus_tcp_firmware profinet_io_firmware cp100_firmware cp200_firmware cp300_firmware en100 6md85 +23 more products- Published: Jul. 23, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11451
A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions)... Read more
Affected Products : dnp3_tcp_firmware iec_61850_firmware iec104_firmware modbus_tcp_firmware profinet_io_firmware cp100_firmware cp200_firmware cp300_firmware en100 6md85 +23 more products- Published: Jul. 23, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-11450
A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewri... Read more
Affected Products : teamcenter_product_lifecycle_management- Published: Jul. 09, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-11449
A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A succes... Read more
- Published: Jun. 26, 2018
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2018-11448
A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requi... Read more
- Published: Jun. 26, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-11447
A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requi... Read more
- Published: Jun. 26, 2018
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2018-11446
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a ma... Read more
Affected Products : gold_reward- Published: Jun. 25, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-11445
A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. A User can be added with the Admin role.... Read more
Affected Products : easyservice_billing- Published: May. 25, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-11444
A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0.... Read more
Affected Products : easyservice_billing- Published: May. 25, 2018
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2018-11443
The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0.... Read more
Affected Products : easyservice_billing- Published: May. 25, 2018
- Modified: Nov. 21, 2024