|
199151
|
7.5 |
HIGH
Network
|
br-automation
|
automation_studio
|
: Relative Path Traversal vulnerability in B&R Industrial Automation Automation Studio allows Relative Path Traversal.This issue affects Automation Studio: from 4.0 through 4.12.
|
CWE-22
Path Traversal
|
CVE-2021-22281
|
2024-11-21 14:49 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199152
|
7.2 |
HIGH
Network
|
elastic
|
kibana
|
It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, …
|
CWE-94
Code Injection
|
CVE-2021-22150
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199153
|
- |
|
-
|
-
|
Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.
|
-
|
CVE-2021-22280
|
2024-11-21 14:49 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199154
|
7.8 |
HIGH
Local
|
br-automation
|
automation_studio
|
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 th…
|
-
|
CVE-2021-22282
|
2024-11-21 14:49 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199155
|
4.3 |
MEDIUM
Network
|
elastic
|
apm_.net_agent
|
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22143
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199156
|
4.3 |
MEDIUM
Network
|
elastic
|
kibana
|
It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files…
|
CWE-22
Path Traversal
|
CVE-2021-22151
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199157
|
8.8 |
HIGH
Network
|
elastic
|
kibana
|
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbi…
|
NVD-CWE-Other
|
CVE-2021-22142
|
2024-11-21 14:49 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199158
|
5.5 |
MEDIUM
Local
|
abb
|
smu615_firmware
rec615_firmware
rer615_firmware
evd4_firmware
ref615r_firmware
rex640_pcl3_firmware
rex640_pcl2_firmware
rex640_pcl1_firmware
rer620_firmware
relion_611_fir…
|
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Re…
|
CWE-665
Improper Initialization
|
CVE-2021-22283
|
2024-11-21 14:49 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199159
|
6.1 |
MEDIUM
Network
|
elastic
|
kibana
|
An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary websi…
|
CWE-601
Open Redirect
|
CVE-2021-22141
|
2024-11-21 14:49 |
2022-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199160
|
9.8 |
CRITICAL
Network
|
br-automation
|
studio
|
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.
|
CWE-20
Improper Input Validation
|
CVE-2021-22289
|
2024-11-21 14:49 |
2022-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
