Edge Security Vulnerabilities
5CVSS
7.2AI Score
0.0005EPSS
5.4CVSS
7.1AI Score
0.0005EPSS
6.5CVSS
7.1AI Score
0.0004EPSS
A potential vulnerability were reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attacker with elevated privileges to write to NVRAM...
6.7CVSS
7.1AI Score
0.0004EPSS
4.3CVSS
7AI Score
0.0005EPSS
4.1CVSS
7AI Score
0.0004EPSS
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be...
4.8CVSS
7.2AI Score
0.0004EPSS
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the...
7.4CVSS
8.4AI Score
0.0004EPSS
4.7CVSS
7AI Score
0.001EPSS
4.3CVSS
7AI Score
0.001EPSS
4.3CVSS
6.9AI Score
0.001EPSS
3.9CVSS
7.2AI Score
0.0005EPSS
4.7CVSS
7.2AI Score
0.001EPSS
4.3CVSS
7.1AI Score
0.0005EPSS
Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with....
8.8CVSS
8.9AI Score
0.001EPSS
The vulnerability, if exploited, could allow a malicious entity with access to the file system to achieve arbitrary code execution and privilege escalation by tricking AVEVA Edge to load an unsafe...
7.3CVSS
8.5AI Score
0.0004EPSS
8.2CVSS
6.9AI Score
0.001EPSS
4.3CVSS
7AI Score
0.0005EPSS
4.8CVSS
6.9AI Score
0.0005EPSS
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198), Solid Edge (All versions < V223.0.11). The affected applications contain an out of bounds read past the end of an al...
7.8CVSS
7.6AI Score
0.001EPSS
8.3CVSS
8AI Score
0.003EPSS
6.5CVSS
7.3AI Score
0.001EPSS
2.5CVSS
7.2AI Score
0.001EPSS
5.3CVSS
7.1AI Score
0.001EPSS
4.3CVSS
6.9AI Score
0.001EPSS
3.3CVSS
7AI Score
0.001EPSS
8.3CVSS
7.1AI Score
0.001EPSS
9.6CVSS
7.1AI Score
0.002EPSS
Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...
5.5CVSS
6.6AI Score
0.001EPSS
Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...
5.5CVSS
6.6AI Score
0.001EPSS
5.2CVSS
7.1AI Score
0.001EPSS
6.3CVSS
7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the....
7.8CVSS
7.8AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
8AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
8AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
8AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
8AI Score
0.001EPSS
Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on...
7.5CVSS
6.8AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX....
6.5CVSS
7.5AI Score
0.001EPSS
A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...
5.9CVSS
7.3AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...
7.2CVSS
8AI Score
0.002EPSS
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be...
9.8CVSS
7.5AI Score
0.001EPSS
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB...
7.5CVSS
7.2AI Score
0.001EPSS
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts'...
5.3CVSS
7AI Score
0.001EPSS