schneider-electric

778 tracked vulnerabilities.

CVE-2018-2603 MEDIUM
Oracle JDK 6u171, 7u161, 8u152, 9.0.1; Java SE Embedded 8u151; JRockit R28.3.16 - Partial DoS via Multiple Protocols
Jan 18, 2018
CVSS 5.3
EPSS 0.07
CVE-2018-2602 MEDIUM
Oracle Java SE <9.0.1 - Info Disclosure
Jan 18, 2018
CVSS 4.5
EPSS 0.01
CVE-2018-2599 MEDIUM
Oracle Java SE <9.0.1 - Unauthorized Update
Jan 18, 2018
CVSS 4.8
EPSS 0.04
CVE-2018-2588 MEDIUM
Oracle JDK and JRE - Unauthorized Data Access via LDAP
Jan 18, 2018
CVSS 4.3
EPSS 0.03
CVE-2018-2582 MEDIUM
Oracle Java SE <9.0.1 - RCE
Jan 18, 2018
CVSS 6.5
EPSS 0.05
CVE-2018-2579 LOW
Oracle Java SE <9.0.1 - Unauthenticated Read Access
Jan 18, 2018
CVSS 3.7
EPSS 0.04
CVE-2017-9637 MEDIUM
Schneider Electric Ampla MES <6.5 - Info Disclosure
May 18, 2018
CVSS 4.1
EPSS 0.00
CVE-2017-9635 LOW
Schneider Electric Ampla MES <6.5 - Password Reversal
May 18, 2018
CVSS 3.9
EPSS 0.00
CVE-2017-6021 HIGH
Schneider Electric ClearSCADA < 2014 R1.1 - Denial of Service via Crafted Command Sequences
May 14, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-9970 HIGH
Schneider Electric StruxureOn Gateway <= 1.1.3 - Remote Code Execution via Zip Metadata Injection
Feb 12, 2018
CVSS 7.2
EPSS 0.05
CVE-2017-9969 MEDIUM
Schneider Electric IGSS Mobile < 3.01 - Insufficiently Protected Credentials
Feb 12, 2018
CVSS 6.7
EPSS 0.00
CVE-2017-9968 MEDIUM
Schneider Electric IGSS Mobile < 3.01 - Man-in-the-Middle via Certificate Validation Bypass
Feb 12, 2018
CVSS 5.9
EPSS 0.01
CVE-2017-9967 HIGH
Schneider Electric's IGSS SCADA Software <12 - Info Disclosure
Feb 12, 2018
CVSS 7.8
EPSS 0.00
CVE-2017-9963 HIGH
PowerSCADA Anywhere 1.0 - Cross-Site Request Forgery in Secure Gateway
Feb 12, 2018
CVSS 8.1
EPSS 0.00
CVE-2017-9966 HIGH
Pelco VideoXpert < 2.1 - Privilege Escalation via File Replacement
Jan 02, 2018
CVSS 7.1
EPSS 0.02
CVE-2017-9965 MEDIUM NUCLEI
Pelco VideoXpert < 2.1 - Unauthenticated Sensitive Information Exposure via Directory Traversal
Jan 02, 2018
CVSS 5.8
EPSS 0.05
CVE-2017-9964 MEDIUM
Schneider Electric Pelco VideoXpert < 2.1 - Path Traversal via Communication Sniffing
Jan 02, 2018
CVSS 6.9
EPSS 0.02
CVE-2017-14024 CRITICAL
Schneider Electric InduSoft Web Studio and InTouch Machine Edition < 8.0 - Stack-based Buffer Overflow
Nov 13, 2017
CVSS 9.8
EPSS 0.06
CVE-2017-13997 CRITICAL
Schneider Electric InduSoft Web Studio <8.0 SP2 - Auth Bypass
Oct 03, 2017
CVSS 9.8
EPSS 0.05
CVE-2017-9961 HIGH
Schneider Electric's Pro-Face GP Pro EX <4.07.000 - RCE
Sep 26, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9960 MEDIUM
Schneider Electric U.motion Builder <= 1.2.1 - Unauthenticated Sensitive Information Exposure via Error Response
Sep 26, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-9959 MEDIUM
Schneider Electric U.motion Builder <= 1.2.1 - Unauthenticated Denial of Service via Reboot Command
Sep 26, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-9958 HIGH
Schneider Electric U.motion Builder <= 1.2.1 - Unauthenticated Arbitrary Code Execution via Improper Access Control
Sep 26, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9957 CRITICAL
Schneider Electric U.motion Builder <= 1.2.1 - Use of Hard-coded Credentials
Sep 26, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-9956 HIGH
Schneider Electric U.motion Builder <= 1.2.1 - Authentication Bypass via Hard-coded Session ID
Sep 26, 2017
CVSS 7.3
EPSS 0.01