Vulnerabilities > Schneider Electric
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-23 | CVE-2018-1126 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. network low complexity procps-ng-project canonical debian redhat schneider-electric CWE-190 critical | 9.8 |
| 2018-05-23 | CVE-2018-1124 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. | 7.8 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 5.5 |
| 2018-05-18 | CVE-2017-9637 | Insufficiently Protected Credentials vulnerability in Schneider-Electric Ampla Manufacturing Execution System 6.4 Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. | 4.1 |
| 2018-05-18 | CVE-2017-9635 | Inadequate Encryption Strength vulnerability in Schneider-Electric Ampla Manufacturing Execution System 6.4 Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. | 3.9 |
| 2018-05-14 | CVE-2017-6021 | Improper Input Validation vulnerability in multiple products In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate. | 7.5 |
| 2018-05-04 | CVE-2018-8872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Triconex Tricon MP 3008 Firmware 10.0/10.4 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. | 8.1 |
| 2018-05-04 | CVE-2018-7522 | Unspecified vulnerability in Schneider-Electric Triconex Tricon MP 3008 Firmware 10.0 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. | 6.7 |
| 2018-04-19 | CVE-2018-2815 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
| 2018-04-19 | CVE-2018-2814 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |