Vulnerabilities > Schneider Electric

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2018-2599 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). 4.8
2018-01-18 CVE-2018-2588 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). 4.3
2018-01-18 CVE-2018-2582 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). 6.5
2018-01-18 CVE-2018-2579 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). 3.7
2018-01-02 CVE-2017-9966 Unspecified vulnerability in Schneider-Electric Pelco Videoxpert
A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior.
network
high complexity
schneider-electric
7.1
2018-01-02 CVE-2017-9965 Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior.
network
low complexity
schneider-electric CWE-22
5.0
2018-01-02 CVE-2017-9964 Path Traversal vulnerability in Schneider-Electric Pelco Videoxpert
A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1.
5.8
2017-11-13 CVE-2017-14024 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Wonderware Indusoft web Studio and Wonderware Intouch
A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine Edition v8.0 SP2 Patch 1 and prior versions.
network
low complexity
schneider-electric CWE-119
critical
10.0
2017-10-03 CVE-2017-13997 Missing Authentication for Critical Function vulnerability in Schneider-Electric Wonderware Indusoft web Studio and Wonderware Intouch
A Missing Authentication for Critical Function issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 or prior, and InTouch Machine Edition v8.0 SP2 or prior.
network
low complexity
schneider-electric CWE-306
critical
10.0
2017-09-26 CVE-2017-9961 Unspecified vulnerability in Schneider-Electric Pro-Face GP PRO EX 4.07.000
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an attacker to execute arbitrary code.
local
low complexity
schneider-electric
4.6