Latest CVE Feed
-
10.0
CRITICALCVE-2021-27470
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary comma... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.38
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27468
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.06
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-27467
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to se... Read more
- EPSS Score: %0.17
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27466
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary c... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.10
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-27465
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications do not validate webpage input, which could allow an attacker to inject arbitrary HTML code into a webpage. This would allow an attac... Read more
- EPSS Score: %0.17
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27464
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary SQL statements.... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.03
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-27463
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected applications utilize persistent cookies where the session cookie attribute is not properly invalidated, allowing an attacker to intercept the coo... Read more
- EPSS Score: %0.16
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27462
A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary comma... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.11
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27461
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.... Read more
- EPSS Score: %0.33
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27460
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthen... Read more
Affected Products : factorytalk_assetcentre- EPSS Score: %0.29
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27459
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The webserver of the affected products allows unvalidated files to be uploaded, which an attacker could utilize to execute arbitrary code.... Read more
- EPSS Score: %0.70
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27458
If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All vers... Read more
Affected Products : pc10g-cpu_tcc-6353_firmware pc10ge_tcc-6464_firmware pc10p_tcc-6372_firmware pc10p-dp_tcc-6726_firmware pc10p-dp-io_tcc-6752_firmware pc10b-p_tcc-6373_firmware pc10b_tcc-1021_firmware pc10b-e\/c_tcu-6521_firmware pc10e_tcc-4737_firmware plus_cpu_tcc-6740_firmware +26 more products- EPSS Score: %0.26
- Published: Apr. 19, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-27457
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected products utilize a weak encryption algorithm for storage of sensitive data, which may allow an attacker to more easily obtain credentials used fo... Read more
- EPSS Score: %0.06
- Published: May. 20, 2021
- Modified: Nov. 21, 2024
-
2.4
LOWCVE-2021-27456
Philips Gemini PET/CT family software stores sensitive information in a removable media device that does not have built-in access control.... Read more
- EPSS Score: %0.08
- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-27455
Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to disclose information.... Read more
Affected Products : dopsoft- EPSS Score: %0.15
- Published: Jul. 02, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27454
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions prior to 02A04.1).... Read more
- EPSS Score: %0.05
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27453
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.... Read more
Affected Products : amegaview- EPSS Score: %0.22
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27452
The software contains a hard-coded password that could allow an attacker to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).... Read more
- EPSS Score: %0.04
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-27451
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.... Read more
Affected Products : amegaview- EPSS Score: %0.21
- Published: Dec. 21, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versi... Read more
- EPSS Score: %0.03
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024