CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

156 matches found

Open Automation Software OAS Platform V16.00.0121 - Missing Authentication

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

9.4CVSS7.3AI score0.8736EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 9:11 a.m.•10 views

CVE-2022-26067

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this...

7.5CVSS6.5AI score0.00376EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:58 a.m.•6 views

CVE-2023-31242

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability...

9.8CVSS7.1AI score0.00021EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:40 a.m.•3 views

CVE-2022-26043

An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests t...

7.5CVSS6.6AI score0.00268EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:40 a.m.•6 views

CVE-2022-26026

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...

7.5CVSS6.6AI score0.00398EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:40 a.m.•10 views

CVE-2022-26833

9.4CVSS6.9AI score0.8736EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:40 a.m.•5 views

CVE-2022-26077

A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff...

7.5CVSS6.2AI score0.00156EPSS

Exploits1References1