Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2020-8492

    Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHa... Read more

    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8489

    Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the... Read more

    Affected Products : 800xa_information_management
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8488

    Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution... Read more

    Affected Products : 800xa 800xa_batch_management
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8487

    Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.... Read more

    Affected Products : 800xa_base_system
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8486

    Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.... Read more

    Affected Products : 800xa_rnrp
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8485

    Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windo... Read more

    Affected Products : 800xa
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8484

    Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows p... Read more

    Affected Products : 800xa
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8482

    Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data... Read more

    Affected Products : device_library_wizard
    • Published: May. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2020-8481

    For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, ... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2020-8479

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2020-8478

    Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local syst... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2020-8477

    The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of... Read more

    Affected Products : 800xa_information_manager
    • Published: Apr. 22, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2020-8476

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2020-8475

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8474

    Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.... Read more

    Affected Products : 800xa_base_system
    • Published: Apr. 22, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8473

    Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vul... Read more

    Affected Products : 800xa_base_system
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8472

    Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow l... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8471

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to... Read more

    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.4

    HIGH
    CVE-2020-8470

    Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not re... Read more

    • Published: Mar. 18, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2020-8469

    Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation.... Read more

    Affected Products : password_manager
    • Published: Mar. 12, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294848 Results