Page 16 of 83 results (0.013 seconds)

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. El servidor TFTP en el Emerson Process Management ROC800 RTU con software 3.50 y anteriores, DL8000 RTU con software 2.30 y anteriores, y ROC800L RTU con software 1.20 y anteriores permite a atacantes remotos subir archivos y por consiguiente ejecutar código arbitrario a través de vectores sin especificar. • http://ics-cert.us-cert.gov/advisories/ICSA-13-259-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513. El Emerson DeltaV SE3006 hasta la v11.3.1, DeltaV VE3005 hasta la v10.3.1 y v11.x hasta la v11.3.1, y DeltaV VE3006 hasta la v10.3.1 y 11.x hasta la v11.3.1, permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) a través de un paquete manipulado en los puertos (1)TCP 23, (2)UDP 161 o (3)TCP 513. • http://ics-cert.us-cert.gov/pdf/ICSA-13-053-01.pdf • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Buffer overflow in Emerson DeltaV 9.3.1 and 10.3 through 11.3.1 allows remote attackers to cause a denial of service (daemon crash) via a long string to an unspecified port. Desbordamiento de búfer en Emerson DeltaV v9.3.1 y v10.3 a v11.3.1 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una larga cadena a un puerto no especificado. • http://www.securityfocus.com/bid/55719 http://www.us-cert.gov/control_systems/pdf/ICSA-12-265-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/78972 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 0%CPEs: 9EXPL: 0

An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors. Un control ActiveX no especificado en Emerson DeltaV y DeltaV Workstations v9.3.1, v10.3.1, v11.3, y v11.3.1 y DeltaV ProEssentials Scientific Graph v5.0.0.6 permite a atacantes remotos sobrescribir ficheros a través de vectores desconocidos. • http://osvdb.org/82014 http://secunia.com/advisories/49210 http://www.securityfocus.com/bid/53591 http://www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0

Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Emerson DeltaV y DeltaV Workstations v9.3.1, v10.3.1, v11.3, y v11.3.1 y DeltaV ProEssentials Scientific Graph v5.0.0.6, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://osvdb.org/81996 http://secunia.com/advisories/49210 http://www.securityfocus.com/bid/53591 http://www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •