Edge Security Vulnerabilities
5.2CVSS
5.1AI Score
0.001EPSS
6.3CVSS
6AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the curren...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the....
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...
7.8CVSS
7.5AI Score
0.001EPSS
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current...
7.8CVSS
7.7AI Score
0.001EPSS
Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on...
7.5CVSS
7.2AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX....
6.5CVSS
6.6AI Score
0.001EPSS
A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...
5.9CVSS
5.8AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...
7.2CVSS
7.4AI Score
0.002EPSS
An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be...
9.8CVSS
9.4AI Score
0.001EPSS
Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB...
7.5CVSS
7.5AI Score
0.001EPSS
An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts'...
5.3CVSS
5.1AI Score
0.001EPSS
4.3CVSS
4.5AI Score
0.001EPSS
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:...
8.8CVSS
8.4AI Score
0.001EPSS
4.8CVSS
5.5AI Score
0.001EPSS
9.6CVSS
9AI Score
0.001EPSS
4.3CVSS
5AI Score
0.001EPSS
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to...
7.5CVSS
7.5AI Score
0.001EPSS
KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak...
9.1CVSS
9.2AI Score
0.001EPSS
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity:...
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root...
5.3CVSS
5.2AI Score
0.0004EPSS
6.6CVSS
6.5AI Score
0.001EPSS
4.3CVSS
4.5AI Score
0.001EPSS
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user with standard privileges to escalate to System privilege on the machine where these products are installed, resulting in complete compromise of the target...
7.8CVSS
7.8AI Score
0.0004EPSS
This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of...
7.1CVSS
6.8AI Score
0.0004EPSS
7.1CVSS
6.7AI Score
0.001EPSS
7.3CVSS
7.3AI Score
0.001EPSS
7.1CVSS
7.2AI Score
0.001EPSS
6.5CVSS
6AI Score
0.001EPSS
7.3CVSS
7.7AI Score
0.002EPSS
6.6CVSS
7AI Score
0.002EPSS
4.3CVSS
5.2AI Score
0.001EPSS
An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary code and obtain sensitive information via the cloud connection...
9.8CVSS
9.5AI Score
0.002EPSS
Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user...
5.5CVSS
6AI Score
0.001EPSS
An authenticated XCC user can change permissions for any user through a crafted API...
8.8CVSS
8.4AI Score
0.001EPSS
On affected Wago products an remote attacker with administrative privileges can access files to which he has already access to through an undocumented local file inclusion. This access is logged in a different log file than...
2.7CVSS
4.1AI Score
0.001EPSS
4.2CVSS
4.3AI Score
0.001EPSS
An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not...
7.8CVSS
7.5AI Score
0.001EPSS
Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS)...
4.4CVSS
4.9AI Score
0.0004EPSS
When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not...
7.5CVSS
7.5AI Score
0.0005EPSS
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not...
6.5CVSS
6.5AI Score
0.0005EPSS
When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource. Note:...
7.2CVSS
7AI Score
0.001EPSS