Latest CVE Feed
- 7.2 HIGH CVE-2021-30066
  On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an arbitrary firmware image can be loaded because firmware signature verification (for a USB stick) can be bypassed...
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+16 more products)
  - EPSS Score: 0.00%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 7.5 HIGH CVE-2021-30065
  On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, crafted ModBus packets can bypass the ModBus enforcer. NOTE: this issue exists because of an incomplete fix of CVE-...
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+16 more products)
  - EPSS Score: 0.03%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 9.8 CRITICAL CVE-2021-30064
  On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, an SSH login can succeed with hardcoded default credentials (if the device is in the uncommissioned state).
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+16 more products)
  - EPSS Score: 0.06%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 7.5 HIGH CVE-2021-30063
  On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can cause an OPC enforcer denial of service.
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+12 more products)
  - EPSS Score: 0.07%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 7.5 HIGH CVE-2021-30062
  On Schneider Electric ConneXium Tofino OPCLSM TCSEFM0000 before 03.23 and Belden Tofino Xenon Security Appliance, crafted OPC packets can bypass the OPC enforcer.
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+12 more products)
  - EPSS Score: 0.04%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 7.2 HIGH CVE-2021-30061
  On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21, and Belden Tofino Xenon Security Appliance, physically proximate attackers can execute code via a crafted file on a USB stick.
  - Affected Products: tofino_xenon_security_appliance_firmware, tofino_argon_fa-tsa-220-tx/mm_firmware, tofino_argon_fa-tsa-220-tx/tx_firmware, tofino_argon_fa-tsa-220-mm/tx_firmware, tofino_argon_fa-tsa-220-mm/mm_firmware, tofino_argon_fa-tsa-100-tx/tx_firmware, eagle_20_tofino_943_987-505-mm/mm_firmware, eagle_20_tofino_943_987-504-mm/tx_firmware, eagle_20_tofino_943_987-502_-tx/mm_firmware, eagle_20_tofino_943_987-501-tx/tx_firmware (+16 more products)
  - EPSS Score: 0.01%
  - Published: Apr. 03, 2022
  - Modified: Nov. 21, 2024
- 6.1 MEDIUM CVE-2021-30058
  Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in '/knowagecockpitengine/api/1.0/pages/execute' via the 'SBI_HOST' parameter.
  - Affected Products: knowage
  - EPSS Score: 0.29%
  - Published: Apr. 05, 2021
  - Modified: Nov. 21, 2024
- 4.8 MEDIUM CVE-2021-30057
  A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.
  - Affected Products: knowage
  - EPSS Score: 0.32%
  - Published: Apr. 05, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30056
  Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
  - Affected Products: knowage
  - EPSS Score: 0.21%
  - Published: Apr. 05, 2021
  - Modified: Nov. 21, 2024
- 8.8 HIGH CVE-2021-30055
  A SQL injection vulnerability in Knowage Suite version 7.1 exists in the documentexecution/url analytics driver component via the 'par_year' parameter when running a report.
  - Affected Products: knowage
  - EPSS Score: 0.57%
  - Published: Apr. 05, 2021
  - Modified: Nov. 21, 2024
- 6.1 MEDIUM CVE-2021-30049
  SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.
  - Affected Products: sysaid
  - EPSS Score: 10.57%
  - Published: Jul. 22, 2021
  - Modified: Nov. 21, 2024
- 5.3 MEDIUM CVE-2021-30048
  Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (小说精品屋-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.
  - Affected Products: novel_boutique_house-plus
  - EPSS Score: 1.08%
  - Published: Apr. 29, 2021
  - Modified: Nov. 21, 2024
- 7.5 HIGH CVE-2021-30047
  VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.
  - Affected Products: vsftpd
  - EPSS Score: 0.31%
  - Published: Aug. 22, 2023
  - Modified: Nov. 21, 2024
- 6.5 MEDIUM CVE-2021-30046
  VIGRA Computer Vision Library Version-1-11-1 contains a segmentation fault vulnerability in the impex.hxx read_image_band() function, in which a crafted file can cause a denial of service.
  - Affected Products: vigra_computer_vision_library
  - EPSS Score: 0.28%
  - Published: Apr. 06, 2021
  - Modified: Nov. 21, 2024
- 9.1 CRITICAL CVE-2021-30045
  SerenityOS 2021-03-27 contains a buffer overflow vulnerability in the EndOfCentralDirectory::read() function.
  - EPSS Score: 0.58%
  - Published: Apr. 06, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30044
  Cross Site Scripting (XSS) in Remote Clinic v2.0 via the First Name or Last Name field on staff/register.php.
  - Affected Products: remote_clinic
  - EPSS Score: 0.11%
  - Published: Apr. 13, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30042
  Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Clinic Name", "Clinic Address", "Clinic City", or "Clinic Contact" field on clinics/register.php...
  - Affected Products: remote_clinic
  - EPSS Score: 0.15%
  - Published: Apr. 13, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30039
  Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Fever" or "Blood Pressure" field on the patients/register-report.php.
  - Affected Products: remote_clinic
  - EPSS Score: 0.15%
  - Published: Apr. 13, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30034
  Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Symptons field on patients/register-report.php.
  - Affected Products: remote_clinic
  - EPSS Score: 0.15%
  - Published: Apr. 13, 2021
  - Modified: Nov. 21, 2024
- 5.4 MEDIUM CVE-2021-30030
  Cross Site Scripting (XSS) in Remote Clinic v2.0 via the Full Name field on register-patient.php.
  - Affected Products: remote_clinic
  - EPSS Score: 0.18%
  - Published: Apr. 13, 2021
  - Modified: Nov. 21, 2024