Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.
Published at: July 27, 2020 at 03:15PM
View on website
Etiqueta: government
New vulnerability on the NVD: CVE-2020-1425
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka ‘Microsoft Windows Codecs Library Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-1457.
Published at: July 27, 2020 at 03:15PM
View on website
New vulnerability on the NVD: CVE-2020-11110
Grafana through 6.7.1 allows stored XSS.
Published at: July 27, 2020 at 09:15AM
View on website
New vulnerability on the NVD: CVE-2020-10604
In OSIsoft PI System multiple products and versions, a remote, unauthenticated attacker could crash PI Network Manager service through specially crafted requests. This can result in blocking connections and queries to PI Data Archive.
Published at: July 24, 2020 at 08:15PM
View on website
New vulnerability on the NVD: CVE-2020-10614
In OSIsoft PI System multiple products and versions, an authenticated remote attacker with write access to PI Vision databases could inject code into a display. Unauthorized information disclosure, deletion, or modification is possible if a victim views the infected display.
Published at: July 24, 2020 at 08:15PM
View on website
Educ Arte Económico 