Marc ARNAERT
to main page send mail
 
Based on Open Source »

To do it yourself »

Just follow the ebooks »
About Arnaert Marc Arnaert Open FTP Prefered Links Security Feeds Arnaert Marc Publications Arnaert Marc Games Arnaert genealogy

Arnaert.com

Phoenix Contact Automation Worx Software Suite

Advisory Document
, 09/07/2020 | Source: ICS-CERT Advisory Feed

This advisory contains mitigations for Stack-Based Buffer overflow and Out-of-Bounds Read vulnerabilities in Phoenix Contact Automation Worx Software Suite. 

Rockwell Automation Logix Designer Studio 5000

Advisory Document
, 09/07/2020 | Source: ICS-CERT Advisory Feed

This advisory contains mitigations for Stack-Based Buffer Overflow and Out-of-Bounds Read vulnerabilities in Rockwell Automation Studio 5000 Logix Designer.

Grundfos CIM 500

Advisory Document
, 08/07/2020 | Source: ICS-CERT Advisory Feed

This advisory contains mitigations for unprotected storage of credentials and missing authentication for critical function vulnerabilities in Grundfos CIM 500 products. 

[webapps] SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)

SuperMicro IPMI 03.40 - Cross-Site Request Forgery (Add Admin)

[webapps] BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)

BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password)

CVE-2020-15034 (nedi)

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Setup.php tet parameter.

CVE-2020-15035 (nedi)

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter.

CVE-2020-15033 (nedi)

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the snmpget.php ip parameter.

CVE-2020-15032 (nedi)

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Incidents.php id parameter.

CVE-2020-15031 (nedi)

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Assets-Management.php chg parameter.
An aggregation of cybersecurity feeds

Feeds :
ICS, CERT, Exploit-DB, Greenbone, SoldierX
Terms of Use | Privacy Statement (c) Marc Arnaert. All rights reserved