trihedral 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は パス処理の欠陥、バッファオーバーフロー, and vendor risk cross-site scripting に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で アプリケーションクラッシュ and vendor impact memory corruption などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-3181 | An Improper Input Validation vulnerability exists in Trihedral VTScada version 12.0.38 and prior. A specifically malformed HTTP request could cause the affected VTScada to crash. Both local area network (LAN)-only and internet facing systems are affected. | [email protected] | 7.5 | 0.66% | 2022-11-02 | 2026-06-17 |
| CVE-2017-14031 | An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privileges to read and write to the file system of the target machine. | [email protected] | 7.8 | 0.29% | 2017-11-06 | 2026-06-16 |
| CVE-2017-14029 | An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine. | [email protected] | 7.8 | 0.93% | 2017-11-06 | 2026-06-16 |
| CVE-2017-6053 | A Cross-Site Scripting issue was discovered in Trihedral VTScada Versions prior to 11.2.26. A cross-site scripting vulnerability may allow JavaScript code supplied by the attacker to execute within the user's browser. | [email protected] | 6.1 | 0.83% | 2017-06-21 | 2026-06-16 |
| CVE-2017-6045 | An Information Exposure issue was discovered in Trihedral VTScada Versions prior to 11.2.26. Some files are exposed within the web server application to unauthenticated users. These files may contain sensitive configuration information. | [email protected] | 7.5 | 1.68% | 2017-06-21 | 2026-06-16 |
| CVE-2017-6043 | A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26. The client does not properly validate the input or limit the amount of resources that are utilized by an attacker, which can be used to consume more resources than are available. | [email protected] | 7.5 | 1.69% | 2017-06-21 | 2026-06-16 |
| CVE-2016-4532 | Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname. | [email protected] | 9.1 | 27.62% | 2016-06-09 | 2026-06-16 |
| CVE-2016-4523 KEV | The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors. | [email protected] | 7.5 | 31.39% | 2016-06-09 | 2026-06-16 |
| CVE-2016-4510 | The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors. | [email protected] | 9.1 | 20.10% | 2016-06-09 | 2026-06-16 |
| CVE-2014-9192 | Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation. | [email protected] | 7.8 | 2.69% | 2014-12-11 | 2026-06-16 |