Latest CVE Feed
-
9.8
CRITICALCVE-2017-7905
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protect... Read more
Affected Products : multilin_sr_750_feeder_protection_relay_firmware multilin_sr_760_feeder_protection_relay_firmware multilin_sr_469_motor_protection_relay_firmware multilin_sr_489_generator_protection_relay_firmware multilin_sr_745_transformer_protection_relay_firmware multilin_sr_369_motor_protection_relay_firmware multilin_universal_relay_firmware multilin_urplus_d90_firmware multilin_urplus_c90_firmware multilin_urplus_b95_firmware +10 more products- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7903
A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versi... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7902
A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.0
HIGHCVE-2017-7901
A Predictable Value Range from Previous Values issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7899
An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-7898
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-6046
An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Sensitive information is insufficiently protected during transmission and v... Read more
Affected Products : airlink_raven_xe_firmware airlink_raven_xt_firmware airlink_raven_xe airlink_raven_xt- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2017-6044
An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a r... Read more
Affected Products : airlink_raven_xe_firmware airlink_raven_xt_firmware airlink_raven_xe airlink_raven_xt- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-6042
A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Affected devices do not verify if a request was intentionally sent by the logged-in us... Read more
Affected Products : airlink_raven_xe_firmware airlink_raven_xt_firmware airlink_raven_xe airlink_raven_xt- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6041
An Unrestricted Upload issue was discovered in Marel Food Processing Systems M3000 terminal associated with the following systems: A320, A325, A371, A520 Master, A520 Slave, A530, A542, A571, Check Bin Grader, FlowlineQC T376, IPM3 Dual Cam v132, IPM3 Dua... Read more
Affected Products : a320_firmware a325_firmware a371_firmware a520_master_firmware a520_slave_firmware a530_firmware a542_firmware a571_firmware check_bin_grader_firmware flowlineqc_t376_firmware +34 more products- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-6040
An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously.... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
7.1
HIGHCVE-2017-6038
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-6036
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destin... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6034
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: ... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2017-6032
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-force attacks.... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-6030
A Predictable Value Range from Previous Values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions... Read more
Affected Products : modicon_m221_firmware modicon_m241_firmware modicon_m251_firmware modicon_m241 modicon_m251 modicon_m221- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6028
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them su... Read more
Affected Products : modicon_m221_firmware modicon_m241_firmware modicon_m251_firmware modicon_m241 modicon_m251- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.1
CRITICALCVE-2017-6026
A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the we... Read more
Affected Products : modicon_m221_firmware modicon_m241_firmware modicon_m251_firmware modicon_m241 modicon_m251- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-6022
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, wh... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-6018
An open redirect issue was discovered in B. Braun Medical SpaceCom module, which is integrated into the SpaceStation docking station: SpaceStation with SpaceCom module (integrated as part number 8713142U), software versions prior to Version 012U000040, an... Read more
- Published: Jun. 30, 2017
- Modified: Apr. 20, 2025