Show filters
252 Total Results
Displaying 91-100 of 252
Sort by:
Attacker Value
Unknown
CVE-2022-44702
Disclosure Date: December 13, 2022 (last updated November 18, 2023)
Windows Terminal Remote Code Execution Vulnerability
0
Attacker Value
Unknown
CVE-2022-41671
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’) vulnerability exists that allows adversaries with local user privileges to craft a malicious SQL query and execute as part of project migration which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-41670
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-41669
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in the SGIUtility component that allows adversaries with local user privileges to load a malicious DLL which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-41667
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-41668
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-704: Incorrect Project Conversion vulnerability exists that allows adversaries with local user privileges to load a project file from an adversary-controlled network share which could result in execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-41666
Disclosure Date: November 04, 2022 (last updated December 22, 2024)
A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal Expert(V3.3 Hotfix 1 or prior), Pro-face BLUE(V3.3 Hotfix1 or prior).
0
Attacker Value
Unknown
CVE-2022-42066
Disclosure Date: October 14, 2022 (last updated October 08, 2023)
Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
0
Attacker Value
Unknown
CVE-2022-3268
Disclosure Date: September 22, 2022 (last updated October 08, 2023)
Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2.
0
Attacker Value
Unknown
CVE-2022-3251
Disclosure Date: September 21, 2022 (last updated October 08, 2023)
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2.
0
