Latest CVE Feed
-
7.8
HIGHCVE-2021-22677
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.0... Read more
Affected Products : cc3100_software_development_kit cc3200_software_development_kit simplelink_cc13x0_software_development_kit simplelink_cc13x2_software_development_kit simplelink_cc26xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e4_software_development_kit- EPSS Score: %0.06
- Published: May. 07, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-22676
UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintend... Read more
Affected Products : webaccess\/scada- EPSS Score: %0.19
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2021-22675
The affected product is vulnerable to integer overflow while parsing malformed over-the-air firmware update files, which may allow an attacker to remotely execute code on SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and pr... Read more
Affected Products : cc3100_software_development_kit cc3200_software_development_kit simplelink_cc13x0_software_development_kit simplelink_cc13x2_software_development_kit simplelink_cc26xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e4_software_development_kit- EPSS Score: %0.77
- Published: May. 07, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-22674
The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).... Read more
Affected Products : webaccess\/scada- EPSS Score: %0.31
- Published: Aug. 10, 2021
- Modified: Nov. 21, 2024
-
8.0
HIGHCVE-2021-22673
The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX... Read more
Affected Products : cc3100_software_development_kit cc3200_software_development_kit simplelink_cc13x0_software_development_kit simplelink_cc13x2_software_development_kit simplelink_cc26xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e4_software_development_kit- EPSS Score: %0.74
- Published: May. 07, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22672
Delta Electronics' CNCSoft ScreenEditor in versions prior to v1.01.30 could allow the corruption of data, a denial-of-service condition, or code execution. The vulnerability may allow an attacker to remotely execute arbitrary code.... Read more
Affected Products : cncsoft_screeneditor- EPSS Score: %0.30
- Published: May. 10, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22671
Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4... Read more
Affected Products : cc3100_software_development_kit cc3200_software_development_kit simplelink_cc13x0_software_development_kit simplelink_cc13x2_software_development_kit simplelink_cc26xx_software_development_kit simplelink_cc32xx_software_development_kit simplelink_msp432e4_software_development_kit- EPSS Score: %0.70
- Published: May. 07, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22670
An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.... Read more
Affected Products : fvdesigner- EPSS Score: %0.17
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to e... Read more
Affected Products : webaccess\/scada- EPSS Score: %0.17
- Published: Apr. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22668
Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (with ScreenEditor Version 1.01.2) and prior are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.... Read more
Affected Products : cncsoft_screeneditor- EPSS Score: %0.70
- Published: May. 16, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-22667
BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded credentials, which may allow an attacker to gain unauthorized access and permit the execution of arbitrary code on the BB-ESWGP506-2SFP-T (versions 1.01.01 and prior)... Read more
- EPSS Score: %0.60
- Published: Feb. 24, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22666
Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-based buffer overflow while project files are being processed, allowing an attacker to craft a special project file that may permit arbitrary code execution.... Read more
Affected Products : fvdesigner- EPSS Score: %0.27
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22665
Rockwell Automation DriveTools SP v5.13 and below and Drives AOP v4.12 and below both contain a vulnerability that a local attacker with limited privileges may be able to exploit resulting in privilege escalation and complete control of the system.... Read more
- EPSS Score: %0.00
- Published: Mar. 18, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22664
CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.... Read more
Affected Products : cncsoft-b- EPSS Score: %0.20
- Published: Apr. 27, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22663
Cscape (All versions prior to 9.90 SP3.5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current proce... Read more
- EPSS Score: %0.41
- Published: Feb. 09, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22662
A use after free issue has been identified in Fatek FvDesigner Version 1.5.76 and prior in the way the application processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.... Read more
Affected Products : fvdesigner- EPSS Score: %0.24
- Published: Mar. 03, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-22661
Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Ve... Read more
- EPSS Score: %0.16
- Published: Feb. 26, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-22660
CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.... Read more
Affected Products : cncsoft-b- EPSS Score: %0.35
- Published: Apr. 27, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-22659
Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may... Read more
- EPSS Score: %0.69
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-22658
Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'.... Read more
Affected Products : iview- EPSS Score: %0.40
- Published: Feb. 11, 2021
- Modified: Nov. 21, 2024