Every CVE whose affected-product data names Lcds Laquis Scada, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2018-18996 — CVSS 9.8 (critical): LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an…
CVE-2018-17893 — CVSS 9.8 (critical): LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution.
CVE-2018-17895 — CVSS 9.8 (critical): LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution.
CVE-2018-17897 — CVSS 9.8 (critical): LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code…
CVE-2018-18998 — CVSS 9.8 (critical): LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system…
CVE-2021-32989 — CVSS 9.3 (critical): When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which…
CVE-2018-17899 — CVSS 8.8 (high): LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.
CVE-2018-18992 — CVSS 8.8 (high): LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute…
CVE-2018-18988 — CVSS 8.8 (high): LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may…
CVE-2018-17911 — CVSS 7.8 (high): LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
CVE-2018-18986 — CVSS 7.8 (high): LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds…
CVE-2018-17901 — CVSS 7.8 (high): LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing…
CVE-2018-19002 — CVSS 7.8 (high): LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file…
CVE-2018-19029 — CVSS 7.8 (high): LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a…
CVE-2018-5463 — CVSS 7.8 (high): A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA…
CVE-2019-6536 — CVSS 7.8 (high): Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may…
CVE-2020-10622 — CVSS 7.8 (high): LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
CVE-2020-10618 — CVSS 5.5 (medium): LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.
CVE-2018-18990 — CVSS 5.3 (medium): LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can…
CVE-2018-19000 — CVSS 5.3 (medium): LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
CVE-2017-6020 — CVSS 5.3 (medium): Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize…
CVE-2018-19004 — CVSS 3.3 (low): LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data…