Stay connected

Trending News

News, Vulnerabilities

Siemens Industrial Products (Update H) 

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Siemens Equipment: Industrial Products Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-17-339-01 Siemens Industrial Products (Update G) published September 11,…

News, Vulnerabilities

Carestream Vue RIS 

1. EXECUTIVE SUMMARY CVSS v3 3.7 ATTENTION: Exploitable remotely Vendor: Carestream Equipment: Carestream Vue RIS Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION An attacker with access to the network of the affected system can passively read traffic. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions…

News, Vulnerabilities

Change Healthcare PeerVue Web Server 

1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable on an adjacent network/low skill level to exploit Vendor: Change Healthcare Equipment: PeerVue Web Server Vulnerability: Information Exposure Through an Error Message 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain technical information about the PeerVue…

News, Vulnerabilities

WECON PI Studio 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: WECON Technology Co., Ltd. (WECON) Equipment: PI Studio Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Write, Information Exposure Through XML External Entity Reference, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code…

News, Vulnerabilities

Delta Electronics ISPSoft 

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/Low skill level to exploit Vendor: Delta Electronics Equipment: ISPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the context of the application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS…

News, Vulnerabilities

GE Communicator 

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Communicator, an…

News, Vulnerabilities

Entes EMG 12 

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Entes Equipment: EMG 12 Vulnerabilities: Improper Authentication, Information Exposure Through Query Strings in GET Request 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow attackers to gain unauthorized access and could allow the ability…