Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.8

HIGH

CVE-2021-34602

In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %4.75

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-34601

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender charge controller CC612 in version 5.20.1 and below is prone to hardcoded ssh credentials. An attacker may use the password to gain administrative access to ...

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %0.41

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
5.5

MEDIUM

CVE-2021-34600

Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation....

Affected Products : compasx
EPSS Score: %0.12

Published: Jan. 20, 2022

Modified: Nov. 21, 2024
7.4

HIGH

CVE-2021-34599

Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS cert...

Affected Products : development_system git
EPSS Score: %0.09

Published: Dec. 01, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-34598

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...

Affected Products : fl_mguard_1102_firmware fl_mguard_1105_firmware fl_mguard_1102 fl_mguard_1105
EPSS Score: %0.27

Published: Nov. 10, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-34597

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory....

Affected Products : pc_worx pc_worx_express
EPSS Score: %0.16

Published: Nov. 04, 2021

Modified: Nov. 21, 2024
8.5

HIGH

CVE-2021-34594

TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system....

Affected Products : tf6100_firmware ts6100_firmware tf6100 ts6100
EPSS Score: %0.57

Published: Nov. 04, 2021

Modified: Nov. 21, 2024
8.8

HIGH

CVE-2021-34592

In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %2.11

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-34591

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %0.13

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
5.4

MEDIUM

CVE-2021-34590

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %0.68

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-34589

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware icc613_firmware cc612 cc613 icc15xx icc16xx
EPSS Score: %0.30

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
8.6

HIGH

CVE-2021-34588

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot ....

Affected Products : cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613
EPSS Score: %0.26

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
5.3

MEDIUM

CVE-2021-34587

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable....

Affected Products : _ibm_rational_lifecycle_integration_adapter_for_windchill cc612_firmware cc613_firmware icc15xx_firmware icc16xx_firmware cc612 cc613 icc15xx icc16xx
EPSS Score: %0.29

Published: Apr. 27, 2022

Modified: Nov. 21, 2024
4.8

MEDIUM

CVE-2021-34582

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate file....

Affected Products : fl_mguard_1102_firmware fl_mguard_1105_firmware fl_mguard_1102 fl_mguard_1105
EPSS Score: %0.09

Published: Nov. 10, 2021

Modified: Nov. 21, 2024
7.8

HIGH

CVE-2021-34581

Missing Release of Resource after Effective Lifetime vulnerability in OpenSSL implementation of WAGO 750-831/xxx-xxx, 750-880/xxx-xxx, 750-881, 750-889 in versions FW4 up to FW15 allows an unauthenticated attacker to cause DoS on the device....

Affected Products : 750-831_firmware 750-880_firmware 750-881_firmware 750-889_firmware 750-831\/000-002_firmware 750-880\/025-000_firmware 750-880\/025-001_firmware 750-880\/025-002_firmware 750-880\/040-000_firmware 750-831 +8 more products
EPSS Score: %1.58

Published: Aug. 31, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-34580

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts....

Affected Products : mbconnect24 mymbconnect24
EPSS Score: %0.27

Published: Oct. 27, 2021

Modified: Nov. 21, 2024
7.5

HIGH

CVE-2021-34579

In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network ac...

Affected Products : fl_mguard_dm
EPSS Score: %0.10

Published: Nov. 09, 2022

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-34578

This vulnerability allows an attacker who has access to the WBM to read and write settings-parameters of the device by sending specifically constructed requests without authentication on multiple WAGO PLCs in firmware versions up to FW07....

Affected Products : 750-891_firmware 750-362_firmware 750-363_firmware 750-823_firmware 750-832_firmware 750-832\/000-002_firmware 750-862_firmware 750-890\/025-000_firmware 750-890\/025-001_firmware 750-890\/025-002_firmware +14 more products
EPSS Score: %0.34

Published: Aug. 31, 2021

Modified: Nov. 21, 2024
6.5

MEDIUM

CVE-2021-34577

In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus mode 5 with a hardcoded shared key while being adjacent to the device....

Affected Products : picoflux_air_firmware picoflux_air
EPSS Score: %0.05

Published: Nov. 09, 2022

Modified: Nov. 21, 2024
4.3

MEDIUM

CVE-2021-34576

In Kaden PICOFLUX Air in all known versions an information exposure through observable discrepancy exists. This may give sensitive information (water consumption without distinct values) to third parties....

Affected Products : picoflux_air_firmware picoflux_air
EPSS Score: %0.17

Published: Sep. 16, 2021

Modified: Nov. 21, 2024

Showing 20 of 291395 Results

Latest CVE Feed

8.8

9.8

5.5

7.4

7.5

7.8

8.5

8.8

7.8

5.4

7.5

8.6

5.3

4.8

7.8

7.5

7.5

9.8

6.5

4.3

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable