CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The web server in Certec atvise webMI2ADS aka webMI before 2.0.2 allows remote attackers to cause a denial of service application exit via an unspecified command in an HTTP request...

5CVSS7.1AI score0.13722EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:24 a.m.•5 views

CVE-2011-4881

The web server in Certec atvise webMI2ADS aka webMI before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted HTTP request...

5CVSS6.9AI score0.52365EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:51 a.m.•6 views

CVE-2011-4873

Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service daemon crash via crafted requests to TCP port 4840...

5CVSS6.9AI score0.00785EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:23 a.m.•8 views

CVE-2011-4880

Directory traversal vulnerability in the web server in Certec atvise webMI2ADS aka webMI before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request...

5CVSS7AI score0.16083EPSS

Exploits0References1

OSV•added 2022/06/17 6:15 p.m.•1 views

CVE-2022-21184

An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.9CVSS6.2AI score

Exploits0References1

CVE•added 2022/06/17 5:40 p.m.•63 views

CVE-2022-21184

The CVE-2022-21184 affects Bachmann Visutec GmbH Atvise 3.5.4, 3.6, and 3.7. The root cause is an information disclosure in the License registration flow where login credentials are sent in plaintext over HTTP, enabling credential exposure via a man-in-the-middle attack. Documented impact is disc...

5.9CVSS5.3AI score0.00111EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/06/17 5:40 p.m.•14 views

CVE-2022-21184

5.9CVSS5.6AI score0.00111EPSS

Exploits0References1

Vulnrichment•added 2022/06/17 5:40 p.m.•4 views

CVE-2022-21184

5.9CVSS5.4AI score0.00111EPSS

Exploits0References1

Talos•added 2022/06/15 12:0 a.m.•55 views

Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability

Summary An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this...

5.9CVSS5.6AI score0.00111EPSS

Exploits0

CNNVD•added 2022/06/15 12:0 a.m.•1 views

Bachmann Visutec GmbH Atvise 安全漏洞

Bachmann Visutec GmbH Atvise is a full-featured networked HMI and SCADA system using pure network technology from Bachmann Visutec GmbH of Austria. A security vulnerability exists in Bachmann Visutec GmbH Atvise versions 3.5.4, 3.6, and 3.7 that stems from an information disclosure issue in the...

5.9CVSS6AI score0.00111EPSS

Exploits0References3

ICS•added 2018/08/22 12:0 p.m.•36 views

Certec Atvise Server Remote DOS

Overview Independent researcher Luigi Auriemma has identified a denial of service DoS vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability. Affected Products Atvise...

5CVSS7AI score0.00785EPSS

Exploits0References19

OSV•added 2017/05/06 12:29 a.m.•1 views

CVE-2017-6031

A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution...

8.8CVSS6AI score

Exploits0References2