Theis issue is observed when the token provided while configuring oAuth does not match with the service account...
7.1AI Score
CVE-2024-25552 Wiesemann & Theis: Multiple products prone to unquoted search path
A local attacker can gain administrative privileges by inserting an executable file in the path of the affected...
7.8CVSS
8.5AI Score
0.0004EPSS
Wiesemann & Theis GmbH W&T OPC Server Detection (Windows SMB Login)
Detects the installed version of Wiesemann & Theis GmbH W&T OPC Server for...
7.4AI Score
Nessus was able to identify the remote operating system by examining the HTML returned from certain HTTP...
7.2AI Score
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by...
8CVSS
8.1AI Score
0.001EPSS
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by...
8CVSS
8AI Score
0.001EPSS
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by...
8CVSS
0.001EPSS
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration...
5.4CVSS
5.4AI Score
0.001EPSS
CVE-2022-4098 Wiesemann & Theis: Multiple products prone to missing authentication through spoofing
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by...
8CVSS
8.3AI Score
0.001EPSS
CVE-2022-42787 Wiesemann & Theis: Small number space for allocating session id in Com-Server family
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be...
8.8CVSS
8.8AI Score
0.003EPSS
Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to his account on the the device. As the user needs to log in for the attack to be...
8.8CVSS
8.5AI Score
0.003EPSS
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET...
9.8CVSS
9.5AI Score
0.004EPSS
CVE-2022-42785 Wiesemann & Theis: Authentication bypass in Com-Server family
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET...
9.8CVSS
9.8AI Score
0.004EPSS
CVE-2022-42786 Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration...
5.4CVSS
5.6AI Score
0.001EPSS
Steam Patched Broken Crypto in Wake of Replay, Padding Oracle Attacks
The digital gaming platform Steam was quick to patch a cryptographic issue in its client recently that could have allowed an attacker to read sensitive information sent over its network, take over an account, or view plain-text passwords. Valve, the Bellevue, Wash.-based video game developer that.....
-0.3AI Score
0.1AI Score
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:062 http://www.mandriva.com/security/ Package : curl Date : March 19, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0, Multi...
0.4AI Score
0.044EPSS
0.1AI Score
0.044EPSS
7.6AI Score
0.044EPSS
Mandriva Linux Security Advisory : curl (MDVSA-2010:062)
A vulnerability has been found and corrected in curl : content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a...
0.6AI Score
0.044EPSS
OS Identification : SNMP sysObjectID
The remote operating system can be identified by querying its sysObjectID object using...
AI Score