CVE-2025-31935
- EPSS 0.19%
- Veröffentlicht 11.04.2025 15:33:08
- Zuletzt bearbeitet 15.04.2025 18:39:43
Subnet Solutions PowerSYSTEM Center is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the API may trigger an exception, resulting in a denial-of-service condition.
CVE-2025-31354
- EPSS 0.1%
- Veröffentlicht 11.04.2025 15:30:24
- Zuletzt bearbeitet 15.04.2025 18:39:43
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVE-2024-28042
- EPSS 0.14%
- Veröffentlicht 15.05.2024 17:15:10
- Zuletzt bearbeitet 21.11.2024 09:05:41
SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Center.
CVE-2024-3313
- EPSS 0.1%
- Veröffentlicht 09.04.2024 23:15:25
- Zuletzt bearbeitet 21.11.2024 09:29:22
SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in PowerSYSTEM Server 2021 and Substation Server 2021.
CVE-2023-6631
- EPSS 0.1%
- Veröffentlicht 08.01.2024 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:44:15
PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
CVE-2023-29158
- EPSS 0.04%
- Veröffentlicht 19.06.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 07:56:38
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.
CVE-2023-32659
- EPSS 0.04%
- Veröffentlicht 19.06.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:03:47
SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are su...