Latest CVE Feed
-
10.0
CRITICALCVE-2017-5145
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. Successful exploitation of this CROSS-SITE REQUEST FORGERY (CSRF) vulnerability can allow execution of unauthorized actions on... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5144
An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication.... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.6
HIGHCVE-2017-5143
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user without authenticating can make a directory traversal attack by accessing a specific URL.... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.1
CRITICALCVE-2017-5142
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. A user with low privileges is able to open and change the parameters by accessing a specific URL because of Improper... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-5141
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. An attacker can establish a new user session, without invalidating any existing session identifier, which gives the ... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5140
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Password is stored in clear text.... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2017-5139
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Any user is able to disclose a password by accessing a specific URL, because of Plaintext Storage of a Password.... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-9371
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
10.0
HIGHCVE-2016-9369
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-9367
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-9366
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-9365
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9364
An issue was discovered in Fidelix FX-20 series controllers, versions prior to 11.50.19. Arbitrary file reading via path traversal allows an attacker to access arbitrary files and directories on the server.... Read more
Affected Products : fx-2030a_firmware fx-2030a-basic_firmware fx-2030a_controller fx-2030a-basic_controller- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-9363
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.1
CRITICALCVE-2016-9362
An issue was discovered in WAGO 750-8202/PFC200 prior to FW04 (released August 2015), WAGO 750-881 prior to FW09 (released August 2016), and WAGO 0758-0874-0000-0111. By accessing a specific uniform resource locator (URL) on the web server, a malicious us... Read more
Affected Products : pfc200_firmware 750-xxxx_series_firmware 758-xxxx_series_firmware 750-8202 750-881 pfc200 758-874-0000-0111- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2016-9361
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series ... Read more
Affected Products : nport_5110_firmware nport_5100_series_firmware nport_5200_series_firmware nport_5400_series_firmware nport_5600_series_firmware nport_5100a_series_firmware nport_p5150a_series_firmware nport_5200a_series_firmware nport_5x50a1-m12_series_firmware nport_5600-8-dtl_series_firmware +42 more products- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
6.7
MEDIUMCVE-2016-9360
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to re... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
5.3
MEDIUMCVE-2016-9357
An issue was discovered in certain legacy Eaton ePDUs -- the affected products are past end-of-life (EoL) and no longer supported: EAMxxx prior to June 30, 2015, EMAxxx prior to January 31, 2014, EAMAxx prior to January 31, 2014, EMAAxx prior to January 3... Read more
- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2016-9356
An issue was discovered in Moxa DACenter Versions 1.4 and older. The application may suffer from an unquoted search path issue.... Read more
Affected Products : dacenter- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025
-
7.1
HIGHCVE-2016-9354
An issue was discovered in Moxa DACenter Versions 1.4 and older. A specially crafted project file may cause the program to crash because of Uncontrolled Resource Consumption.... Read more
Affected Products : dacenter- Published: Feb. 13, 2017
- Modified: Apr. 20, 2025