Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
industrial-software vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-8840
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
Indusoft Web Studio
Industrial-software Intouch Machine Edition 2017
7.5
CVSSv3
CVE-2022-26067
An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to ...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
7.5
CVSSv3
CVE-2022-26077
A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attac...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
9.8
CVSSv3
CVE-2022-26082
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger thi...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
7.5
CVSSv3
CVE-2022-26043
An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a seque...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
7.5
CVSSv3
CVE-2022-26303
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of r...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
7.5
CVSSv3
CVE-2022-27169
An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to t...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
7.5
CVSSv3
CVE-2022-26026
A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnera...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
9.4
CVSSv3
CVE-2022-26833
An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigg...
Openautomationsoftware Oas Platform 16.00.0112
1 Article
5.5
CVSSv3
CVE-2022-21152
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.
Intel Edge Insights For Industrial
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »