Vulnerabilities > Schneider Electric > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-7765 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-05-23 | CVE-2018-1124 | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. | 7.8 |
| 2018-05-14 | CVE-2017-6021 | Improper Input Validation vulnerability in multiple products In Schneider Electric ClearSCADA 2014 R1 (build 75.5210) and prior, 2014 R1.1 (build 75.5387) and prior, 2015 R1 (build 76.5648) and prior, and 2015 R2 (build 77.5882) and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate. | 7.5 |
| 2018-05-04 | CVE-2018-8872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Triconex Tricon MP 3008 Firmware 10.0/10.4 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. | 8.1 |
| 2018-04-19 | CVE-2018-2814 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
| 2018-04-19 | CVE-2018-2811 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). | 7.7 |
| 2018-04-19 | CVE-2018-2794 | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). | 7.7 |
| 2018-04-18 | CVE-2018-7762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow. | 7.5 |
| 2018-04-18 | CVE-2018-7759 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 7.5 |
| 2018-04-18 | CVE-2018-7240 | Out-of-bounds Write vulnerability in Schneider-Electric products A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. | 8.8 |