|
197381
|
7.8 |
HIGH
Local
|
br-automation
|
automation_studio
|
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 th…
|
-
|
CVE-2021-22282
|
2024-11-21 14:49 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197382
|
4.3 |
MEDIUM
Network
|
elastic
|
apm_.net_agent
|
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22143
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197383
|
4.3 |
MEDIUM
Network
|
elastic
|
kibana
|
It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files…
|
CWE-22
Path Traversal
|
CVE-2021-22151
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197384
|
8.8 |
HIGH
Network
|
elastic
|
kibana
|
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbi…
|
NVD-CWE-Other
|
CVE-2021-22142
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197385
|
5.5 |
MEDIUM
Local
|
abb
|
smu615_firmware
rec615_firmware
rer615_firmware
evd4_firmware
ref615r_firmware
rex640_pcl3_firmware
rex640_pcl2_firmware
rex640_pcl1_firmware
rer620_firmware
relion_611_fir…
|
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Re…
|
CWE-665
Improper Initialization
|
CVE-2021-22283
|
2024-11-21 14:49 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197386
|
6.1 |
MEDIUM
Network
|
elastic
|
kibana
|
An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary websi…
|
CWE-601
Open Redirect
|
CVE-2021-22141
|
2024-11-21 14:49 |
2022-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197387
|
9.8 |
CRITICAL
Network
|
br-automation
|
studio
|
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.
|
CWE-20
Improper Input Validation
|
CVE-2021-22289
|
2024-11-21 14:49 |
2022-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197388
|
5.4 |
MEDIUM
Adjacent
|
fortinet
|
fortitoken_mobile
|
A improper validation of certificate with host mismatch in Fortinet FortiTokenAndroid version 5.0.3 and below, Fortinet FortiTokeniOS version 5.2.0 and below, Fortinet FortiTokenWinApp version 4.0.3 …
|
CWE-295
Improper Certificate Validation
|
CVE-2021-22131
|
2024-11-21 14:49 |
2022-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197389
|
8.6 |
HIGH
Network
|
br-automation
|
automation_runtime
|
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service.
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-22275
|
2024-11-21 14:49 |
2022-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197390
|
5.9 |
MEDIUM
Network
|
sealevel
|
seaconnect_370w_firmware
|
An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An …
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-21967
|
2024-11-21 14:49 |
2022-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
