Vulnerabilities - Yack CVE

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-7008 1Visam 2Vbase Editor Vbase Web Remote Jun 17, 2026 Apr 3, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources.
CVE-2020-7007 1Moxa 2Eds 510e Firmware Eds G516e Firmware Jun 17, 2026 Mar 24, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service.
CVE-2020-7006 1Systech 2Nds 5000 Firmware Nds/5008rm Firmware Jun 17, 2026 Mar 19, 2020 N/A· v4 8.4 HIGH· v3 6.0 MEDIUM· v2 Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, RJ45), firmware Version 02D.30. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow r...Show more Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, RJ45), firmware Version 02D.30. Successful exploitation of this vulnerability could allow information disclosure, limit system availability, and may allow remote code execution.Show less
CVE-2020-7005 1Honeywell 1Win Pak Jun 17, 2026 Mar 24, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.
CVE-2020-7004 1Visam 2Vbase Editor Vbase Web Remote Jun 17, 2026 Apr 3, 2020 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privil...Show more VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application.Show less
CVE-2020-7003 1Moxa 20Iologik 2512 Hspa T Firmware Iologik 2512 Hspa FirmwareIologik 2512 T Firmware+17 more Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
CVE-2020-7002 1Deltaww 1Cncsoft Screeneditor Jun 17, 2026 Mar 18, 2020 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file.
CVE-2020-7001 1Moxa 2Eds 510e Firmware Eds G516e Firmware Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
CVE-2020-7000 1Visam 2Vbase Editor Vbase Web Remote Jun 17, 2026 Apr 3, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decrypti...Show more VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface.Show less
CVE-2020-6999 1Moxa 1Mds G516e Firmware Jun 17, 2026 Mar 26, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.
CVE-2020-6997 1Moxa 2Eds 510e Firmware Eds G516e Firmware Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext.
CVE-2020-6996 1Trianglemicroworks 1Dnp3 Source Code Library Jun 17, 2026 Apr 15, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. A specially crafted message may cause a stack-b...Show more Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. A specially crafted message may cause a stack-based buffer overflow. Authentication is not required to exploit this vulnerability.Show less
CVE-2020-6995 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.
CVE-2020-6994 1Belden 2Hirschmann Hios Hirschmann Hisecos Jun 17, 2026 Apr 3, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability...Show more A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30.Show less
CVE-2020-6993 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization.
CVE-2020-6992 1Ge 1Cimplicity Jun 17, 2026 Apr 15, 2020 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to th...Show more A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only exploitable if an attacker has access to an authenticated session. GE Digital CIMPLICITY v11.0, released January 2020, contains mitigation for this local privilege escalation vulnerability. GE Digital recommends all users upgrade to GE CIMPLICITY v11.0 or newer.Show less
CVE-2020-6991 1Moxa 2Eds 510e Firmware Eds G516e Firmware Jun 17, 2026 Mar 24, 2020 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force.
CVE-2020-6990 1Rockwellautomation 4Micrologix 1100 Firmware Micrologix 1400 A FirmwareMicrologix 1400 B Firmware+1 more Jun 17, 2026 Mar 16, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help...Show more Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic key utilized to help protect the account password is hard coded into the RSLogix 500 binary file. An attacker could identify cryptographic keys and use it for further cryptographic attacks that could ultimately lead to a remote attacker gaining unauthorized access to the controller.Show less
CVE-2020-6989 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbi...Show more In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.Show less
CVE-2020-6988 1Rockwellautomation 4Micrologix 1100 Firmware Micrologix 1400 A FirmwareMicrologix 1400 B Firmware+1 more Jun 17, 2026 Mar 16, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can...Show more Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, A remote, unauthenticated attacker can send a request from the RSLogix 500 software to the victim’s MicroLogix controller. The controller will then respond to the client with used password values to authenticate the user on the client-side. This method of authentication may allow an attacker to bypass authentication altogether, disclose sensitive information, or leak credentials.Show less
CVE-2020-6987 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...Show more In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.Show less
CVE-2020-6986 1Omron 2Plc Cj1 Firmware Plc Cj2 Firmware Jun 17, 2026 Mar 5, 2020 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result.
CVE-2020-6985 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.
CVE-2020-6984 1Rockwellautomation 4Micrologix 1100 Firmware Micrologix 1400 A FirmwareMicrologix 1400 B Firmware+1 more Jun 17, 2026 Mar 16, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to...Show more Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable.Show less
CVE-2020-6983 1Moxa 55Pt 7528 12msc 12tx 4gsfp Hv Hv Firmware Pt 7528 12msc 12tx 4gsfp Hv FirmwarePt 7528 12msc 12tx 4gsfp Wv Wv Firmware+52 more Jun 17, 2026 Mar 24, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data c...Show more In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered.Show less

Previous 1...888990...14337 Next

Vulnerabilities (CVE)