Skip to main content
CVE-2015-7937 CRITICAL Act Now

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow RCE Bmxnoc0401 Bmxnoe0100 +11
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2015-7919 CRITICAL Act Now

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Searchblox
NVD
CVSS 3.0
10.0
EPSS
1.4%
CVE-2015-7906 CRITICAL Act Now

LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass L Switch And L Ip Firmware
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2015-7908 CRITICAL Act Now

Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Honeywell Midas Firmware Midas Black Firmware
NVD
CVSS 2.0
9.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy