Progea

progea

8 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Movicon Powerhmi

movicon_powerhmi

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-14019 1Progea 1Movicon May 13, 2026 Oct 19, 2017 N/A· v4 6.7 MEDIUM· v3 4.6 MEDIUM· v2 An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to ins...Show more An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her privileges.Show less
CVE-2017-14017 1Progea 1Movicon May 13, 2026 Oct 19, 2017 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without pri...Show more An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a malicious DLL file.Show less
CVE-2014-0778 1Progea 1Movicon May 6, 2026 Apr 19, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 TCPUploader module listens on Port 10651/TCP for incoming connections. Exploitation of this vulnerability could allow a remote unauthenticated user access to release OS version information. While this is a minor vulne...Show more TCPUploader module listens on Port 10651/TCP for incoming connections. Exploitation of this vulnerability could allow a remote unauthenticated user access to release OS version information. While this is a minor vulnerability, it represents a method for further network reconnaissance.Show less
CVE-2012-1804 1Progea 1Movicon Apr 29, 2026 May 14, 2012 N/A· v4 N/A· v3 7.8 HIGH· v2 The OPC server in Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request.
CVE-2011-3499 1Progea 1Movicon Powerhmi Apr 29, 2026 Sep 16, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which wri...Show more Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.Show less
CVE-2011-3498 1Progea 1Movicon Powerhmi Apr 29, 2026 Sep 16, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
CVE-2011-3491 1Progea 1Movicon Powerhmi Apr 29, 2026 Sep 16, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
CVE-2011-2963 1Progea 1Movicon Apr 29, 2026 Jul 29, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs...Show more TCPUploadServer.exe in Progea Movicon 11.2 before Build 1084 does not require authentication for critical functions, which allows remote attackers to obtain sensitive information, delete files, execute arbitrary programs, or cause a denial of service (crash) via a crafted packet to TCP port 10651.Show less