schneider-electric

778 tracked vulnerabilities.

CVE-2018-7241 CRITICAL
Schneider Electric Modicon and BMXNOR0200 Controllers - Use of Hard-coded Credentials
Apr 18, 2018
CVSS 9.8
EPSS 0.04
CVE-2018-7240 HIGH
Schneider Electric Modicon Quantum - Out-of-bounds Write via FTP Firmware Upgrade
Apr 18, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-7239 HIGH
Schneider Electric SoMove and DTM Software < 2.6.2 - DLL Hijacking
Mar 09, 2018
CVSS 7.8
EPSS 0.03
CVE-2018-7238 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated Remote Code Execution via Buffer Overflow
Mar 09, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-7237 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated Arbitrary File Deletion via set_param
Mar 09, 2018
CVSS 9.1
EPSS 0.02
CVE-2018-7236 HIGH
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated SSH Service Enablement via /login/bin/set_param
Mar 09, 2018
CVSS 8.1
EPSS 0.01
CVE-2018-7235 HIGH
Schneider Electric Pelco Sarix Professional < 3.29.67 - Arbitrary System File Download via system.download.sd_file
Mar 09, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-7234 HIGH
Schneider Electric Pelco Sarix Professional < 3.29.67 - Arbitrary File Download via Improper Certificate Validation
Mar 09, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-7233 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - OS Command Injection via model_name or mac_address Parameter
Mar 09, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-7232 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - OS Command Injection
Mar 09, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-7231 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - OS Command Injection via system.opkg.remove Parameter
Mar 09, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-7230 HIGH
Schneider Electric Pelco Sarix Professional < 3.29.67 - XML External Entity Injection via Web Interface Import
Mar 09, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-7229 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated Authentication Bypass via Hardcoded Credentials
Mar 09, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-7228 CRITICAL
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated Authentication Bypass
Mar 09, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-7227 MEDIUM
Schneider Electric Pelco Sarix Professional < 3.29.67 - Unauthenticated Sensitive Information Exposure via Crafted URL
Mar 09, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-2678 MEDIUM
Oracle JDK and JRE - Unauthenticated Partial Denial of Service via JNDI
Jan 18, 2018
CVSS 4.3
EPSS 0.05
CVE-2018-2677 MEDIUM
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 4.3
EPSS 0.05
CVE-2018-2663 MEDIUM
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 4.3
EPSS 0.05
CVE-2018-2657 MEDIUM
Oracle Java SE <7u161 - Use After Free
Jan 18, 2018
CVSS 5.3
EPSS 0.08
CVE-2018-2641 MEDIUM
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 6.1
EPSS 0.05
CVE-2018-2637 HIGH
Oracle JDK and JRE - Unauthenticated Data Manipulation and Access via JMX
Jan 18, 2018
CVSS 7.4
EPSS 0.05
CVE-2018-2634 MEDIUM
Oracle JDK 7u161, 8u152, 9.0.1 and Java SE Embedded 8u151 - Unauthenticated Data Access via JGSS
Jan 18, 2018
CVSS 6.8
EPSS 0.05
CVE-2018-2633 HIGH
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 8.3
EPSS 0.06
CVE-2018-2629 MEDIUM
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 5.3
EPSS 0.05
CVE-2018-2618 MEDIUM
Oracle Java SE <9.0.1 - Unauthenticated RCE
Jan 18, 2018
CVSS 5.9
EPSS 0.05