CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 0CVE-2023-51777
https://notcve.org/view.php?id=CVE-2023-51777
02 Jul 2024 — Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error. Vulnerabilidad de denegación de servicio (DoS) en Jungo WinDriver anterior a 12.1.0 permite a atacantes locales provocar un error de pantalla azul de Windows. • https://jungo.com/windriver/versions •
CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 0CVE-2023-51778
https://notcve.org/view.php?id=CVE-2023-51778
02 Jul 2024 — Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.1.0 allows local attackers to cause a Windows blue screen error and Denial of Service (DoS). La vulnerabilidad de escritura fuera de los límites en Jungo WinDriver anterior a 12.1.0 permite a atacantes locales provocar un error de pantalla azul de Windows y denegación de servicio (DoS). • https://jungo.com/windriver/versions • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-1917
https://notcve.org/view.php?id=CVE-2024-1917
15 Mar 2024 — Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Vulnerabilidad de desbordamiento de enteros o envoltura en los módulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute código malicioso en un producto objetivo enviando un paqu... • https://jvn.jp/vu/JVNVU99690199 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-1916
https://notcve.org/view.php?id=CVE-2024-1916
15 Mar 2024 — Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Vulnerabilidad de desbordamiento de enteros o envoltura en los módulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute código malicioso en un producto objetivo enviando un paqu... • https://jvn.jp/vu/JVNVU99690199 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-1915
https://notcve.org/view.php?id=CVE-2024-1915
15 Mar 2024 — Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Vulnerabilidad de escalado de puntero incorrecto en los módulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute código malicioso en un producto objetivo enviando un paquete especial... • https://jvn.jp/vu/JVNVU99690199 • CWE-468: Incorrect Pointer Scaling •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-0803
https://notcve.org/view.php?id=CVE-2024-0803
14 Mar 2024 — Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. Vulnerabilidad de desbordamiento de enteros o envoltura en los módulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado ejecute código malicioso en un producto objetivo enviando un paqu... • https://jvn.jp/vu/JVNVU99690199 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2024-0802
https://notcve.org/view.php?id=CVE-2024-0802
14 Mar 2024 — Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted packet. Vulnerabilidad de escalado de puntero incorrecto en los módulos de CPU de las series MELSEC-Q y MELSEC-L de Mitsubishi Electric Corporation permite a un atacante remoto no autenticado leer información arbitraria... • https://jvn.jp/vu/JVNVU99690199 • CWE-468: Incorrect Pointer Scaling •
CVSS: 10.0EPSS: 3%CPEs: 10EXPL: 0CVE-2023-6943
https://notcve.org/view.php?id=CVE-2023-6943
30 Jan 2024 — Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthe... • https://jvn.jp/vu/JVNVU95103362 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-6942
https://notcve.org/view.php?id=CVE-2023-6942
30 Jan 2024 — Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentica... • https://jvn.jp/vu/JVNVU95103362 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-6374
https://notcve.org/view.php?id=CVE-2023-6374
30 Jan 2024 — Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all serial numbers allows a remote unauthenticated attacker to bypass authentication by capture-replay attack and illegally login to the affected module. As a result, the remote attacker who has logged in illegally may be able to disclose or tamper with the programs and parameters in the modules. Vulnerabilidad de omisión de autenticación mediante Capture-replay en Mitsubishi Electric Corp... • https://jvn.jp/vu/JVNVU99497477 • CWE-294: Authentication Bypass by Capture-replay •