8.7
CVE-2024-50054 - mySCADA myPRO Path Traversal
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.
9.3
CVE-2024-47138 - mySCADA myPRO Missing Authentication for Critical Function
The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.
9.2
CVE-2024-45369 - mySCADA myPRO Improper Authentication
The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.
10
CVE-2024-52034 - mySCADA myPRO OS Command Injection
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.
10
CVE-2024-47407 - mySCADA myPRO OS Command Injection
A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.
6.9
CVE-2024-11630 - E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials
A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 up to 3.2 and classified as critical. This vulnerability affects unknown code of the component OEM Backend. The manipulation leads to hard-coded credentials. The attack can be initiated remotely. Thβ¦
7.8
CVE-2024-9114 - FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target muβ¦
7.8
CVE-2024-9113 - FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target muβ¦
7.8
CVE-2024-9112 - FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FastStone Image Viewer. User interaction is required to exploit this vulnerability in that the target muβ¦
6.8
CVE-2024-8360 - Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability
Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment systems. Authentication is not required to exploit this vulnerabilitβ¦