Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
honeywell vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-6179
Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). A(n) attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recom...
Honeywell Prowatch 4.5
NA
CVE-2014-8269
Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite prior to 1.13.4.15 allow remote malicious users to execute arbitrary code via a crafted file that is improperly handled by the Open method.
Honeywell Opos Suite
9.1
CVSSv3
CVE-2020-6972
In Notifier Web Server (NWS) Version 3.50 and previous versions, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
Honeywell Notifier Webserver
9.8
CVSSv3
CVE-2020-6974
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an malicious user to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.
Honeywell Notifier Webserver
7.2
CVSSv3
CVE-2020-6978
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.
Honeywell Win-pak
8.8
CVSSv3
CVE-2020-6982
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.
Honeywell Win-pak
8.8
CVSSv3
CVE-2020-7005
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an malicious user to remotely execute arbitrary code.
Honeywell Win-pak
5.3
CVSSv3
CVE-2019-13525
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote malicious users to obtain web configuration data, which can be accessed without authentication over the network.
Honeywell Ip-ak2 Firmware
9.8
CVSSv3
CVE-2023-3243
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash and utilize it to create new sessions. The hash is also a poorly salted MD5 hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommende...
Honeywell Alerton Bcm-web Firmware -
6.1
CVSSv3
CVE-2018-8714
Honeywell MatrikonOPC OPC Controller prior to 5.1.0.0 allows local users to transfer arbitrary files from a host computer and consequently obtain sensitive information via vectors related to MSXML libraries.
Honeywell Matrikonopc Explorer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »