Latest CVE Feed
-
5.3
MEDIUMCVE-2021-27463
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the coo... Read more
- EPSS Score: %0.16
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27462
A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary comma... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.11
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.... Read more
- EPSS Score: %0.33
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27460
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthen... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.29
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27459
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.... Read more
- EPSS Score: %0.70
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27458
If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All vers... Read more
Affected Products : pc10g-cpu_tcc-6353_firmware pc10ge_tcc-6464_firmware pc10p_tcc-6372_firmware pc10p-dp_tcc-6726_firmware pc10p-dp-io_tcc-6752_firmware pc10b-p_tcc-6373_firmware pc10b_tcc-1021_firmware pc10b-e\/c_tcu-6521_firmware pc10e_tcc-4737_firmware plus_cpu_tcc-6740_firmware +26 more products- EPSS Score: %0.26
- Published: Apr. 19, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27457
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used fo... Read more
- EPSS Score: %0.06
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
2.4
LOWCVE-2021-27456
Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control.... Read more
- EPSS Score: %0.08
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-27455
Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to disclose information.... Read more
Affected Products : dopsoft- EPSS Score: %0.15
- Published: Jul. 02, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27454
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).... Read more
- EPSS Score: %0.05
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27453
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.... Read more
Affected Products : amegaview- EPSS Score: %0.22
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27452
The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).... Read more
- EPSS Score: %0.04
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27451
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.... Read more
Affected Products : amegaview- EPSS Score: %0.21
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versi... Read more
- EPSS Score: %0.03
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.9
CRITICALCVE-2021-27449
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.... Read more
Affected Products : amegaview- EPSS Score: %1.08
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27448
A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1).... Read more
- EPSS Score: %0.05
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27447
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.... Read more
Affected Products : amegaview- EPSS Score: %1.46
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27446
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.... Read more
Affected Products : cmt-svr-100_firmware cmt-svr-102_firmware cmt-svr-200_firmware cmt-svr-202_firmware cmt-g01_firmware cmt-g02_firmware cmt-g03_firmware cmt-g04_firmware cmt3071_firmware cmt3072_firmware +22 more products- EPSS Score: %0.28
- Published: May. 16, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27445
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.... Read more
Affected Products : amegaview- EPSS Score: %0.03
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27444
The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator.... Read more
Affected Products : cmt-svr-100_firmware cmt-svr-102_firmware cmt-svr-200_firmware cmt-svr-202_firmware cmt-g01_firmware cmt-g02_firmware cmt-g03_firmware cmt-g04_firmware cmt3071_firmware cmt3072_firmware +22 more products- EPSS Score: %0.30
- Published: May. 16, 2022
- Modified: Nov. 21, 2024