Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by. Rated high severity (CVSS 7.8). No vendor patch available.
HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.