Severity: High. Analysis Summary: Apache WSS4J 1.6.5 contained a countermeasure for Bleichenbacher’s attack on XML Encryption, where the PKCS#1 v1.5 Key Transport Algorithm is used to […]
Severity: High. Analysis Summary: CVE-2019-2725: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware. Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily […]
Severity: High. Analysis Summary: The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker […]
Severity: Medium. Analysis Summary: An out-of-bounds vulnerability exists and could be exploited by the application processing a specially crafted project file. Exploitation could cause a software […]
Severity: Medium. Analysis Summary: CVE-2011-3389: The SSL protocol encrypts data by using CBC mode with chained initialization vectors, which may allow a man-in-the-middle attack to obtain […]
Severity: High. Analysis Summary: The integrated configuration web application (TIA Administrator) may allow an attacker to execute certain application commands without proper authentication. Impact: Improper Access […]
Severity: Medium. Analysis Summary: The SIMATIC WinCC DataMonitor web application of the affected products allows an authenticated user with network access to the WinCC DataMonitor application […]
Severity: Medium. Analysis Summary: CVE-2019-10982: Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, allowing an attacker to remotely execute arbitrary […]
Severity: Medium. Analysis Summary: An error related to the “net_hash_mix()” function (include/net/netns/hash.h) can be exploited to disclose certain kernel memory addresses and subsequently bypass KASLR. Impact: […]