Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36463 | 2024-11-26 | N/A | 6.5 MEDIUM | ||
| The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. | |||||
| CVE-2024-34162 | 2024-11-26 | N/A | 5.3 MEDIUM | ||
| The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. | |||||
| CVE-2020-26868 | 1 Pcvuesolutions | 1 Pcvue | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit. | |||||
| CVE-2016-8380 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | |||||