Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aveva vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6142
DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA 2010 R2 through 2010 R3.1 and SCADA Expert ClearSCADA 2013 R1 through 2013 R1.2 allows remote malicious users to cause a denial of service (resource consumption) via IP packets containing errors that trigger event...
Aveva Clearscada 2010
Aveva Clearscada 2013
NA
CVE-2014-0779
The PLC driver in ServerMain.exe in the Kepware KepServerEX 4 component in Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R2 build 71.4165, 2010 R2.1 build 71.4325, 2010 R3 build 72.4560, 2010 R3.1 build 72.4644, 2013 R1 build 73.4729, 2013 R1.1 build 73.4832, 2013 ...
Aveva Clearscada 2013
Aveva Clearscada 2010
7.2
CVSSv3
CVE-2021-32981
AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the...
Aveva System Platform
Aveva System Platform 2020
7.2
CVSSv3
CVE-2021-32985
AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid.
Aveva System Platform
Aveva System Platform 2020
9.8
CVSSv3
CVE-2021-33008
AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity.
Aveva System Platform
Aveva System Platform 2020
7.5
CVSSv3
CVE-2021-33010
An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition.
Aveva System Platform
Aveva System Platform 2020
7.2
CVSSv3
CVE-2021-32977
AVEVA System Platform versions 2017 through 2020 R2 P01 does not verify, or incorrectly verifies, the cryptographic signature for data.
Aveva System Platform
Aveva System Platform 2020
9.8
CVSSv3
CVE-2018-10628
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remot...
Aveva Intouch 2017 -
Aveva Intouch 2014 R2
NA
CVE-2015-0997
Schneider Electric InduSoft Web Studio prior to 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 prior to 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote malicious users to obtain access via a brute-force pass...
Aveva Aveva Edge
Schneider-electric Wonderware Intouch 2014
NA
CVE-2015-0998
Schneider Electric InduSoft Web Studio prior to 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 prior to 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote malicious users to obtain sensitive information by sniffing the network.
Aveva Aveva Edge
Schneider-electric Wonderware Intouch 2014
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »