Latest CVE Feed
-
7.8
HIGHCVE-2016-9332
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result i... Read more
Affected Products : softcms- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8567
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP.... Read more
Affected Products : sicam_pas\/pqs- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-8566
An issue was discovered in Siemens SICAM PAS before 8.00. Because of Storing Passwords in a Recoverable Format, an authenticated local attacker with certain privileges could possibly reconstruct the passwords of users for accessing the database.... Read more
Affected Products : sicam_pas\/pqs- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.1
HIGHCVE-2016-8379
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version... Read more
Affected Products : iologik_e1200_series_firmware iologik_e2200_series_firmware iologik_e1210 iologik_e1211 iologik_e1212 iologik_e1213 iologik_e1214 iologik_e1240 iologik_e1241 iologik_e1242 +9 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8378
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials.... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.0
HIGHCVE-2016-8377
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an ex... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-8376
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. This non-validated redirect/non-validated forward (OPEN REDIRECT) allows chaining with authenticated vulnerabilities.... Read more
Affected Products : webdatorcentral- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-8374
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versio... Read more
Affected Products : magelis_gtu_universal_panel_firmware magelis_gto_advanced_optimum_panel_firmware magelis_sto5_small_panel_firmware magelis_stu_small_panel_firmware magelis_xbt_gh_advanced_hand-held_panel_firmware magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware magelis_xbt_gt_advanced_touchscreen_panel_firmware magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware magelis_gtu_universal_panel magelis_gto_advanced_optimum_panel +6 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.1
HIGHCVE-2016-8372
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version... Read more
Affected Products : iologik_e1200_series_firmware iologik_e2200_series_firmware iologik_e1210 iologik_e1211 iologik_e1212 iologik_e1213 iologik_e1214 iologik_e1240 iologik_e1241 iologik_e1242 +9 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-8370
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC.... Read more
Affected Products : qj71e71-100_firmware qj71e71-b5_firmware qj71e71-b2_firmware qj71e71-100 qj71e71-b5 qj71e71-b2- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-8369
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY).... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.6
HIGHCVE-2016-8368
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, ... Read more
Affected Products : qj71e71-100_firmware qj71e71-b5_firmware qj71e71-b2_firmware qj71e71-100 qj71e71-b5 qj71e71-b2- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2016-8367
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versio... Read more
Affected Products : magelis_gtu_universal_panel_firmware magelis_gto_advanced_optimum_panel_firmware magelis_sto5_small_panel_firmware magelis_stu_small_panel_firmware magelis_xbt_gh_advanced_hand-held_panel_firmware magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware magelis_xbt_gt_advanced_touchscreen_panel_firmware magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware magelis_gtu_universal_panel magelis_gto_advanced_optimum_panel +6 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2016-8364
An issue was discovered in IBHsoftec S7-SoftPLC prior to 4.12b. Object memory can read a network packet that is larger than the space that is available, a Heap-based Buffer Overflow.... Read more
Affected Products : s7-softplc- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2016-8363
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Ser... Read more
Affected Products : awk-3131a_firmware oncellg3470a-lte_firmware awk-4131a_firmware awk-3191_firmware awk-5232_firmware awk-6232_firmware awk-1121_firmware awk-1127_firmware wac-1001_v2_firmware wac-2004_firmware +18 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2016-8362
An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Ser... Read more
Affected Products : awk-3131a_firmware oncellg3470a-lte_firmware awk-4131a_firmware awk-3191_firmware awk-5232_firmware awk-6232_firmware awk-1121_firmware awk-1127_firmware wac-1001_v2_firmware wac-2004_firmware +18 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.6
HIGHCVE-2016-8361
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication.... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.1
HIGHCVE-2016-8360
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a d... Read more
Affected Products : softcms- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-8359
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version... Read more
Affected Products : iologik_e1200_series_firmware iologik_e2200_series_firmware iologik_e1210 iologik_e1211 iologik_e1212 iologik_e1213 iologik_e1214 iologik_e1240 iologik_e1241 iologik_e1242 +9 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.1
HIGHCVE-2016-8357
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make ch... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025