MG Strategy+

Cybersecurity Data Services

 
  • Join Now-Sign Up
  • Log In

SCADA as a SERVICE – Answers to the Challenges Electric Utilities Face Today – Siemens

  • Editor Paper Extracts
  • Editor Picks Articles
  • Editor Picks Maps
  • Editor Picks Reports
  • MGS+ EPCM Workgroup
  • MGS+ ICS Workgroup
  • MGS+ Operational Efficiencies Workgroup
  • MGS+ Partners
  • Uncategorized

001 MGS Alerts Advisories

  • 83.423
    Modified (8)Adware/Hiddad!AndroidAdware/IconHider!AndroidAdware/Masplot!AndroidAdware/MobiDash!AndroidAdware/Teddad!AndroidAndroid/Agent.GKQ!trAndroid/FakeApp.KE!trRiskware/SmsCmd!Android ]]> ... read more
  • 83.422
    Modified (12)Adware/Dowgin!AndroidAdware/Hiddad!AndroidAdware/HiddenAd!AndroidAdware/MobiDash!AndroidAdware/Spap!AndroidAdware/Teddad!AndroidAndroid/Agent.AXY!tr.spyAndroid/Agent.BFV!tr.spyAndroid/Agent.CDS!trAndroid/Agent.FQP!trAndroid/Agent.HBQ!trAndroid/Boogr.GSH!tr ]]> ... read more
  • [webapps] ChurchRota 2.6.4 – RCE (Authenticated)
    ChurchRota 2.6.4 - RCE (Authenticated) ... read more
  • [webapps] Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 – Stored XSS
    Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS ... read more
  • [webapps] Voting System 1.0 – File Upload RCE (Authenticated Remote Code Execution)
    Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution) ... read more
  • JVN: Dnsmasq における複数の脆弱性 (DNSpooq)
    Dnsmasq は、DNS や DHCP 等の機能を提供するオープンソースソフトウェアです。Dnsmasq には、複数の脆弱性が存在します。<br /> これらの脆弱性は発見者によって <a href="https://www.jsof-tech.com/disclosures/dnspooq">DNSpooq</a> と呼称されています。続きを読む ... read more
  • JVN: Reolink 製 P2P Cameras シリーズにおける複数の脆弱性
    Reolink が提供する P2P Cameras シリーズには、複数の脆弱性が存在します。続きを読む ... read more
  • JVN: 複数の Philips 製 Interventional Workstation に OS コマンドインジェクションの脆弱性
    Philips 社が提供する複数の Interventional Workstation には OS コマンドインジェクションの脆弱性が存在します。続きを読む ... read more
  • Rocketgenius Gravity Forms up to 2.4.20 Textarea cross site scripting
    A vulnerability classified as problematic was found in Rocketgenius Gravity Forms up to 2.4.20. This vulnerability affects an unknown functionality of the component Textarea Handler. Upgrading to version 2.4.21 eliminates ... read more
  • Rocketgenius Gravity Forms up to 2.4.20 on WordPress Forms Import cross site scripting
    A vulnerability was found in Rocketgenius Gravity Forms up to 2.4.20 on WordPress (WordPress Plugin). It has been rated as problematic. Affected by this issue is some unknown processing of ... read more
  • XWiki 12.10.2 SVG Document cross site scripting
    A vulnerability, which was classified as problematic, has been found in XWiki 12.10.2 (Content Management System). This issue affects some unknown functionality of the component SVG Document Handler. There is ... read more
  • Rocketgenius Gravity Forms up to 2.4.20 Poll/Quiz cross site scripting
    A vulnerability classified as problematic has been found in Rocketgenius Gravity Forms up to 2.4.20. This affects an unknown function of the component Poll/Quiz. Upgrading to version 2.4.21 eliminates this ... read more
  • vTiger CRM 7.2.0 /libraries Information Disclosure
    Eine problematische Schwachstelle wurde in vTiger CRM 7.2.0 (Customer Relationship Management System) gefunden. Betroffen davon ist ein unbekannter Codeteil der Datei /libraries. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der ... read more
  • Tufin SecureChange bis 19.3 HF2/R20-1 Cross Site Scripting [CVE-2020-13133]
    Es wurde eine problematische Schwachstelle in Tufin SecureChange bis 19.3 HF2/R20-1 entdeckt. Dabei betrifft es ein unbekannter Prozess. Die Schwachstelle lässt sich durch das Einspielen des Patches R19.3 HF3/R20-1 HF1 ... read more
  • XWiki 12.10.2 SVG Document Cross Site Scripting
    Eine Schwachstelle wurde in XWiki 12.10.2 (Content Management System) entdeckt. Sie wurde als problematisch eingestuft. Hierbei geht es um ein unbekannter Ablauf der Komponente SVG Document Handler. Es sind keine ... read more
  • Rocketgenius Gravity Forms bis 2.4.20 Textarea Cross Site Scripting
    In Rocketgenius Gravity Forms bis 2.4.20 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um ein unbekannter Prozess der Komponente Textarea Handler. Ein Upgrade auf die ... read more
  • Rocketgenius Gravity Forms bis 2.4.20 auf WordPress Forms Import Cross Site Scripting
    Eine problematische Schwachstelle wurde in Rocketgenius Gravity Forms bis 2.4.20 auf WordPress (WordPress Plugin) ausgemacht. Es geht hierbei um ein unbekannter Codeblock der Komponente Forms Import. Ein Upgrade auf die ... read more
  • Nagios Log Server bis 2.1.7 create_snapshot snapshot_name Cross Site Scripting
    In Nagios Log Server bis 2.1.7 (Log Management Software) wurde eine problematische Schwachstelle ausgemacht. Es geht um unbekannter Code der Datei /nagioslogserver/configure/create_snapshot. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der ... read more
  • OpenEMR bis 5.0.1 /controller.php erweiterte Rechte
    Es wurde eine kritische Schwachstelle in OpenEMR bis 5.0.1 (Business Process Management Software) ausgemacht. Betroffen hiervon ist unbekannter Programmcode der Datei /controller.php. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der ... read more
  • vTiger CRM bis 7.2.0 vtigercrm/index.php view Cross Site Scripting
    In vTiger CRM bis 7.2.0 (Customer Relationship Management System) wurde eine problematische Schwachstelle gefunden. Betroffen ist ein unbekannter Teil der Datei vtigercrm/index.php. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der ... read more
  • Medintux 2.16.000 CCAM.php mot1 Cross Site Scripting
    Es wurde eine problematische Schwachstelle in Medintux 2.16.000 gefunden. Hiervon betroffen ist eine unbekannte Funktionalität der Datei CCAM.php. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines alternativen Produkts ... read more
  • FHEM 6.0 fhem/FileLog_logWrapper file Information Disclosure
    Eine problematische Schwachstelle wurde in FHEM 6.0 entdeckt. Davon betroffen ist eine unbekannte Funktion der Datei fhem/FileLog_logWrapper. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines alternativen Produkts bietet ... read more
  • Tufin SecureChange bis 19.3 HF2/R20-1 Cross Site Scripting [CVE-2020-13134]
    In Tufin SecureChange bis 19.3 HF2/R20-1 wurde eine problematische Schwachstelle entdeckt. Hierbei betrifft es ein unbekannter Ablauf. Die Schwachstelle lässt sich durch das Einspielen des Patches R19.3 HF3/R20-1 HF1 lösen. ... read more
  • Rocketgenius Gravity Forms bis 2.4.20 Poll/Quiz Cross Site Scripting
    Es wurde eine Schwachstelle in Rocketgenius Gravity Forms bis 2.4.20 entdeckt. Sie wurde als problematisch eingestuft. Es geht dabei um eine unbekannte Verarbeitung der Komponente Poll/Quiz. Ein Aktualisieren auf die ... read more
  • 83.421
    Newly Added (1)Android/Agent.HBQ!trModified (6)Adware/Boogr!AndroidAdware/FoneSpy!AndroidAdware/Loead!AndroidAdware/MobiDash!AndroidAndroid/Agent.BFV!tr.spyAndroid/Hiddad.FW!tr ]]> ... read more
  • 83.420
    Modified (11)Adware/Agent!AndroidAdware/Hiddad!AndroidAdware/HiddenAd!AndroidAdware/Loead!AndroidAdware/MobiDash!AndroidAdware/Nandrobox!AndroidAndroid/Agent.BFV!tr.spyAndroid/Cynos.T!trAndroid/Hiddad.FW!trAndroid/Jocker.CCQ!trAndroid/Obfus.RL!tr ]]> ... read more
  • My AIA SG App 1.2.6 su Android logcat information disclosure
    In My AIA SG App 1.2.6 su Android (Android App Software) è stata rilevato un punto critico di livello problematico. Da questa vulnerabilità è interessato una funzione sconosciuta del componente ... read more
  • Rocketgenius Gravity Forms fino 2.4.20 Poll/Quiz cross site scripting
    Una vulnerabilità di livello problematico è stata rilevata in Rocketgenius Gravity Forms fino 2.4.20. É interessato una funzione sconosciuta del componente Poll/Quiz. L'aggiornamento alla versione 2.4.21 elimina questa vulnerabilità. ... read more
  • Nagios Log Server fino 2.1.7 create_snapshot snapshot_name cross site scripting
    Un punto di criticita di livello problematico è stato rilevato in Nagios Log Server fino 2.1.7 (Log Management Software). Interessato da questa vulnerabilità è una funzione sconosciuta del file /nagioslogserver/configure/create_snapshot. ... read more
  • Laravel fino 6.20.10/7.30.1/8.22.0 Iilluminate Database Package escalazione di privilegi
    In Laravel fino 6.20.10/7.30.1/8.22.0 è stato trovato un punto critico di livello critico. É interessato una funzione sconosciuta del componente Iilluminate Database Package. L'aggiornamento alla versione 6.20.11, 7.30.2 o 8.22.1 ... read more
  • vTiger CRM 7.2.0 /libraries information disclosure
    In vTiger CRM 7.2.0 (Customer Relationship Management System) è stata rilevato un punto critico di livello problematico. É interessato una funzione sconosciuta del file /libraries. Informazioni riguardo una possibile contromisura ... read more
  • OpenEMR fino 5.0.1 /controller.php escalazione di privilegi
    In OpenEMR fino 5.0.1 (Business Process Management Software) è stato trovato un punto critico di livello critico. Riguarda una funzione sconosciuta del file /controller.php. Informazioni riguardo una possibile contromisura non ... read more
  • Medintux 2.16.000 CCAM.php mot1 cross site scripting
    Una vulnerabilità di livello problematico è stata rilevata in Medintux 2.16.000. Interessato da questa vulnerabilità è una funzione sconosciuta del file CCAM.php. Informazioni riguardo una possibile contromisura non sono al ... read more
  • vTiger CRM fino 7.2.0 vtigercrm/index.php view cross site scripting
    Un punto critico di livello problematico è stato rilevato in vTiger CRM fino 7.2.0 (Customer Relationship Management System). Da questa vulnerabilità è interessato una funzione sconosciuta del file vtigercrm/index.php. Informazioni ... read more
  • Rocketgenius Gravity Forms fino 2.4.20 Textarea cross site scripting
    È stata rilevata una vulnerabilità di livello problematico in Rocketgenius Gravity Forms fino 2.4.20. Riguarda una funzione sconosciuta del componente Textarea Handler. L'aggiornamento alla versione 2.4.21 elimina questa vulnerabilità. ... read more
  • FHEM 6.0 fhem/FileLog_logWrapper file information disclosure
    In FHEM 6.0 stata rilevata una vulnerabilità di livello problematico. Riguarda una funzione sconosciuta del file fhem/FileLog_logWrapper. Informazioni riguardo una possibile contromisura non sono al momento disponibili. Si suggerisce di ... read more
  • Apple iOS/iPadOS fino 13.x XPC Service launchd escalazione di privilegi
    Un punto di debole di livello critico è stato rilevato in Apple iOS e iPadOS fino 13.x (Smartphone Operating System). Interessato da questa vulnerabilità è una funzione sconosciuta del file ... read more
  • Tufin SecureChange fino 19.3 HF2/R20-1 cross site scripting [CVE-2020-13133]
    Una vulnerabilità di livello problematico è stata rilevata in Tufin SecureChange fino 19.3 HF2/R20-1. Da questa vulnerabilità è interessato una funzione sconosciuta. Applicando la patch R19.3 HF3/R20-1 HF1 è possibile ... read more
  • Apple macOS XPC Service launchd escalazione di privilegi
    Un punto di criticita di livello critico è stato rilevato in Apple macOS (Operating System). Riguarda una funzione sconosciuta del file launchd del componente XPC Service. L'aggiornamento elimina questa vulnerabilità. ... read more
  • Rocketgenius Gravity Forms fino 2.4.20 su WordPress Forms Import cross site scripting
    Un punto di debole di livello problematico è stato rilevato in Rocketgenius Gravity Forms fino 2.4.20 su WordPress (WordPress Plugin). Da questa vulnerabilità è interessato una funzione sconosciuta del componente ... read more
  • XWiki 12.10.2 SVG Document cross site scripting
    In XWiki 12.10.2 (Content Management System) stata rilevata una vulnerabilità di livello problematico. Interessato da questa vulnerabilità è una funzione sconosciuta del componente SVG Document Handler. Informazioni riguardo una possibile ... read more
  • Tufin SecureChange fino 19.3 HF2/R20-1 cross site scripting [CVE-2020-13134]
    È stata rilevata una vulnerabilità di livello problematico in Tufin SecureChange fino 19.3 HF2/R20-1. É interessato una funzione sconosciuta. Applicando la patch R19.3 HF3/R20-1 HF1 è possibile eliminare il problema. ... read more
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
    Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution MS-ISAC ADVISORY NUMBER:2021-011 DATE(S) ISSUED:01/19/2021 OVERVIEW:Multiple vulnerabilities have been discovered in ... read more
  • Oracle Quarterly Critical Patches Issued January 19, 2021
    Oracle Quarterly Critical Patches Issued January 19, 2021 MS-ISAC ADVISORY NUMBER:2021-012 DATE(S) ISSUED:01/19/2021 OVERVIEW:Multiple vulnerabilities have been discovered in Oracle products, which ... read more
  • OpenEMR up to 5.0.1 /controller.php unrestricted upload
    A vulnerability was found in OpenEMR up to 5.0.1 (Business Process Management Software). It has been classified as critical. Affected is an unknown code of the file /controller.php. There is ... read more
  • vTiger CRM up to 7.2.0 vtigercrm/index.php view cross site scripting
    A vulnerability has been found in vTiger CRM up to 7.2.0 (Customer Relationship Management System) and classified as problematic. This vulnerability affects some unknown functionality of the file vtigercrm/index.php. There ... read more
  • Medintux 2.16.000 CCAM.php mot1 cross site scripting
    A vulnerability, which was classified as problematic, was found in Medintux 2.16.000. This affects an unknown functionality of the file CCAM.php. There is no information about possible countermeasures known. It ... read more
  • FHEM 6.0 fhem/FileLog_logWrapper file information disclosure
    A vulnerability, which was classified as problematic, has been found in FHEM 6.0. Affected by this issue is an unknown function of the file fhem/FileLog_logWrapper. There is no information about ... read more
  • SOOIL Diabecare RS/AnyDana-i/AnyDana-A up to 2.x Bluetooth LE improper authentication
    A vulnerability classified as critical was found in SOOIL Diabecare RS, AnyDana-i and AnyDana-A up to 2.x (Medical Device Software). This vulnerability affects an unknown code of the component Bluetooth ... read more
  • Tufin SecureChange up to 19.3 HF2/R20-1 cross site scripting
    A vulnerability classified as problematic has been found in Tufin SecureChange up to 19.3 HF2/R20-1. Affected is an unknown code block. Applying the patch R19.3 HF3/R20-1 HF1 is able to ... read more
Older posts

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Wednesday, January 20, 2021

  • Disclaimer |
  • Terms |
  • Privacy
  • About-Services |
  • Blog-Reports
  • YouTube
  • Pinterest
  • LinkedIn
  • Twitter
  • LinkedIn
  • Twitter
  • Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

PDF Library Search

Security Briefing Search

Siemens Search

Reset Password

Reset Password

You have no permission to access this content