Latest CVE Feed
-
7.5
HIGHCVE-2016-9344
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. An attacker may be able to brute force an active session cookie to be able to download configuration files.... Read more
Affected Products : miineport_e1_firmware miineport_e3_firmware miineport_e2_firmware miineport_e3 miineport_e1 miineport_e2- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
10.0
CRITICALCVE-2016-9343
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet,... Read more
Affected Products : softlogix_5800_controller_firmware rslogix_emulate_5000_firmware guardlogix_5570_controller_firmware flexlogix_l34_controller_firmware controllogix_l55_controller_firmware controllogix_5570_redundant_controller_firmware controllogix_5570_controller_firmware controllogix_5560_redundant_controller_firmware controllogix_5560_controller_firmware 1769_compactlogix_l3x_controller_firmware +22 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2016-9339
An issue was discovered in INTERSCHALT Maritime Systems VDR G4e Versions 5.220 and prior. External input is used to construct paths to files and directories without properly neutralizing special elements within the pathname that could allow an attacker to... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
4.0
MEDIUMCVE-2016-9338
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2016-9337
An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1 (2.36.31) with web browser functionality enabled. The vehicle's Gateway ECU is susceptible to commands that may allow an attacker to install malicious sof... Read more
Affected Products : gateway_ecu- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.3
HIGHCVE-2016-9334
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-9333
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input (SQL INJECTIO... Read more
Affected Products : softcms- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-9332
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result i... Read more
Affected Products : softcms- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8567
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded passwords is present in the SICAM PAS installations. Attackers might gain privileged access to the database over Port 2638/TCP.... Read more
Affected Products : sicam_pas\/pqs- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-8566
An issue was discovered in Siemens SICAM PAS before 8.00. Because of Storing Passwords in a Recoverable Format, an authenticated local attacker with certain privileges could possibly reconstruct the passwords of users for accessing the database.... Read more
Affected Products : sicam_pas\/pqs- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.1
HIGHCVE-2016-8379
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version... Read more
Affected Products : iologik_e1200_series_firmware iologik_e2200_series_firmware iologik_e1210 iologik_e1211 iologik_e1212 iologik_e1213 iologik_e1214 iologik_e1240 iologik_e1241 iologik_e1242 +9 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-8378
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials.... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.0
HIGHCVE-2016-8377
An issue was discovered in Fatek Automation PLC WinProladder Version 3.11 Build 14701. A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an ex... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-8376
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0. This non-validated redirect/non-validated forward (OPEN REDIRECT) allows chaining with authenticated vulnerabilities.... Read more
Affected Products : webdatorcentral- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-8374
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versio... Read more
Affected Products : magelis_gtu_universal_panel_firmware magelis_gto_advanced_optimum_panel_firmware magelis_sto5_small_panel_firmware magelis_stu_small_panel_firmware magelis_xbt_gh_advanced_hand-held_panel_firmware magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware magelis_xbt_gt_advanced_touchscreen_panel_firmware magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware magelis_gtu_universal_panel magelis_gto_advanced_optimum_panel +6 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.1
HIGHCVE-2016-8372
An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version... Read more
Affected Products : iologik_e1200_series_firmware iologik_e2200_series_firmware iologik_e1210 iologik_e1211 iologik_e1212 iologik_e1213 iologik_e1214 iologik_e1240 iologik_e1241 iologik_e1242 +9 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-8370
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. Weakly encrypted passwords are transmitted to a MELSEC-Q PLC.... Read more
Affected Products : qj71e71-100_firmware qj71e71-b5_firmware qj71e71-b2_firmware qj71e71-100 qj71e71-b5 qj71e71-b2- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-8369
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request (CROSS-SITE REQUEST FORGERY).... Read more
Affected Products : jenesys_bas_bridge- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.6
HIGHCVE-2016-8368
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface modules QJ71E71-100, all versions, QJ71E71-B5, all versions, and QJ71E71-B2, all versions. The affected Ethernet interface module is connected to a MELSEC-Q PLC, ... Read more
Affected Products : qj71e71-100_firmware qj71e71-b5_firmware qj71e71-b2_firmware qj71e71-100 qj71e71-b5 qj71e71-b2- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2016-8367
An issue was discovered in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versio... Read more
Affected Products : magelis_gtu_universal_panel_firmware magelis_gto_advanced_optimum_panel_firmware magelis_sto5_small_panel_firmware magelis_stu_small_panel_firmware magelis_xbt_gh_advanced_hand-held_panel_firmware magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware magelis_xbt_gt_advanced_touchscreen_panel_firmware magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware magelis_gtu_universal_panel magelis_gto_advanced_optimum_panel +6 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025