Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Measuresoft Subscribe
Filtered by product Scadapro Server
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3263 1 Measuresoft 1 Scadapro Server 2022-09-27 N/A 7.8 HIGH
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges.
CVE-2022-2896 1 Measuresoft 1 Scadapro Server 2022-09-02 N/A 7.8 HIGH
Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file.
CVE-2022-2895 1 Measuresoft 1 Scadapro Server 2022-09-02 N/A 7.8 HIGH
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.
CVE-2022-2894 1 Measuresoft 1 Scadapro Server 2022-09-02 N/A 7.8 HIGH
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file.
CVE-2022-2892 1 Measuresoft 1 Scadapro Server 2022-09-02 N/A 7.8 HIGH
Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.
CVE-2022-2898 1 Measuresoft 2 Scadapro Client, Scadapro Server 2022-09-02 N/A 5.5 MEDIUM
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.
CVE-2022-2897 1 Measuresoft 2 Scadapro Client, Scadapro Server 2022-09-02 N/A 7.8 HIGH
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..
CVE-2012-1824 1 Measuresoft 2 Scadapro Client, Scadapro Server 2012-05-27 7.2 HIGH N/A
Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.