Lcds Laquis_scada

22 CVEs affecting Lcds Laquis_scada. Latest disclosed: 2022-05-25. Critical: 6, High: 11.

Top CVEs affecting Lcds Laquis_scada
CVESeverityScorePublishedSummary
CVE-2018-18998Critical9.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
CVE-2018-18996Critical9.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute re…
CVE-2018-17897Critical9.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code execution.
CVE-2018-17895Critical9.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution.
CVE-2018-17893Critical9.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution.
CVE-2021-32989Critical9.32022-05-25When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cr…
CVE-2018-18992High8.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the…
CVE-2018-18988High8.82019-02-01LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code exe…
CVE-2018-17899High8.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.
CVE-2020-10622High7.82020-05-04LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
CVE-2019-6536High7.82019-03-27Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker t…
CVE-2018-19029High7.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, wh…
CVE-2018-19002High7.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remo…
CVE-2018-18986High7.82019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may caus…
CVE-2018-17911High7.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
CVE-2018-17901High7.82018-10-17LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on…
CVE-2018-5463High7.82018-04-09A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may…
CVE-2020-10618Medium5.52020-05-04LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.
CVE-2018-19000Medium5.32019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
CVE-2018-18990Medium5.32019-02-05LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerab…