CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

RedhatCVE•added 2026/01/09 9:59 a.m.•4 views

CVE-2020-7482

A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could cause a Reflective Cross-site Scripting XSS attack when using the products' web server...

6.1CVSS6.6AI score0.00317EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-16407

Malware in sbrugna...

6.1CVSS6.3AI score0.00301EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-28607

Malware in sbrugna...

6.1CVSS6.3AI score0.00317EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28605

Malware in sbrugna...

9.8CVSS9.2AI score0.00571EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-28606

Malware in sbrugna...

6.1CVSS6.3AI score0.00317EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 3:8 p.m.•6 views

CVE-2020-7480

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...

9.8CVSS7AI score0.00571EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:8 p.m.•3 views

CVE-2020-7481

A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could enable a successful Cross-site Scripting XSS attack when using the products' web server...

6.1CVSS6.6AI score0.00317EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 8:48 a.m.•3 views

CVE-2019-6853

A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702 , which could enable a successful Cross-site Scripting XSS attack when using the products web server...

6.1CVSS6.5AI score0.00301EPSS

Exploits0References1

CNVD•added 2020/03/24 12:0 a.m.•2 views

Andover Continuum Code Injection Vulnerability

Andover Continuum is a BACnet building management system from Schneider Electric. A code injection vulnerability exists in Andover Continuum. The vulnerability stems from improper control over code generation. An attacker could use this vulnerability to read files on the application server file...

9.8CVSS7.4AI score0.00571EPSS

Exploits0References1

CNVD•added 2020/03/24 12:0 a.m.•0 views

Andover Continuum Cross-Site Scripting Vulnerability (CNVD-2020-19526)

Andover Continuum is a BACnet building management system from Schneider Electric. A cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to conduct a...

6.1CVSS6.2AI score0.00317EPSS

Exploits0References1

CNVD•added 2020/03/24 12:0 a.m.•1 views

Schneider Electric Andover Continuum Cross-Site Scripting Vulnerability

Schneider Electric Andover Continuum is a suite of building automation solutions from the French company Schneider Electric. The product includes features such as heating ventilation and air conditioning and access control. A cross-site scripting vulnerability exists in Schneider Electric Andover...

6.1CVSS6.3AI score0.00317EPSS

Exploits0References1

CNVD•added 2020/03/24 12:0 a.m.•1 views

Andover Continuum Cross-Site Scripting Vulnerability

Andover Continuum is a BACnet building management system from Schneider Electric. A reflected cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to...

6.1CVSS6.2AI score0.00317EPSS

Exploits0References1

NVD•added 2020/03/23 8:15 p.m.•8 views

CVE-2020-7482

6.1CVSS6.1AI score0.00317EPSS

Exploits0References1

NVD•added 2020/03/23 8:15 p.m.•9 views

CVE-2020-7481

6.1CVSS6.1AI score0.00317EPSS

Exploits0References1

NVD•added 2020/03/23 8:15 p.m.•13 views

CVE-2020-7480

9.8CVSS9.4AI score0.00571EPSS

Exploits0References1

Prion•added 2020/03/23 8:15 p.m.•16 views

Cross site scripting

4.3CVSS6AI score0.00317EPSS

Exploits0References1

Prion•added 2020/03/23 8:15 p.m.•16 views

Code injection

7.5CVSS9.2AI score0.00571EPSS

Exploits0References1

Prion•added 2020/03/23 8:15 p.m.•8 views

Cross site scripting

4.3CVSS6.1AI score0.00317EPSS

Exploits0References1

CVE•added 2020/03/23 7:24 p.m.•43 views

CVE-2020-7480

CVE-2020-7480 concerns Andover Continuum (all versions) with a CWE-94 code injection flaw. The vulnerability arises from improper control over code generation during XML data processing, enabling an attacker to view files on the application server filesystem. Connected sources confirm the affecte...

9.8CVSS9.3AI score0.00571EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/03/23 7:24 p.m.•15 views

CVE-2020-7480

9.5AI score0.00571EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by