Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-32987
Null pointer dereference in SuiteLink server while processing command 0x0b
Aveva Suitelink
5
CVSSv2
CVE-2021-32999
Improper handling of exceptional conditions in SuiteLink server while processing command 0x01
Aveva Suitelink
2.1
CVSSv2
CVE-2021-32942
The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location.
Aveva Intouch 2020 -
Aveva Intouch 2020 R2
Aveva Intouch 2017 -
7.5
CVSSv2
CVE-2020-13499
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
7.5
CVSSv2
CVE-2020-13500
SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to una...
Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
7.5
CVSSv2
CVE-2020-13501
An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable ...
Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
7.5
CVSSv2
CVE-2020-13504
Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
7.5
CVSSv2
CVE-2020-13505
Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.
Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053
5
CVSSv2
CVE-2019-13537
The IEC870IP driver for AVEVA’s Vijeo Citect and Citect SCADA and Schneider Electric’s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash.
Aveva Iec870ip Firmware
4
CVSSv2
CVE-2019-6525
AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account.
Aveva Wonderware System Platform
Aveva Wonderware System Platform 2017
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »