Lucene search
K

428 matches found

NVD
NVD
added 2026/06/26 11:16 a.m.10 views

CVE-2026-57913

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 11:16 a.m.9 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 10:6 a.m.35 views

CVE-2026-57913

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:6 a.m.8 views

EUVD-2026-39644

Johnson & Johnson Audit Tracking Management System ATMS before 2026-04-21 allows viewing of meeting minutes and transcripts...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 10:4 a.m.34 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 10:4 a.m.8 views

CVE-2026-57912

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 10:4 a.m.14 views

CVE-2026-57912

This CVE concerns the Johnson & Johnson Campus Recruiting web application (pre-2025-10-31), where data provided by recruited students and notes entered by interviewers may be viewed by unauthorized parties. The vulnerability implies an exposure of personal/student data with no available details o...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:4 a.m.8 views

EUVD-2026-39643

Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.8 views

CVE-2026-21661

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

8.4CVSS5.4AI score0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 5:16 p.m.16 views

CVE-2026-21661

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

8.4CVSS0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 4:21 p.m.9 views

CVE-2026-21661 AC2000 Uncontrolled Search Path Element

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 4:21 p.m.7 views

CVE-2026-21661

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 4:21 p.m.20 views

CVE-2026-21661

The CVE-2026-21661 entry concerns Johnson Controls AC2000 on Windows with an Uncontrolled Search Path Element/vulnerability that, per connected sources, is exploited via DLL hijacking. Affected behavior allows a standard user to escalate privileges on the host by manipulating configuration/file s...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Johnson Controls AC2000 代码问题漏洞

Johnson Controls AC2000 is an enterprise-level access control and security management system developed by Johnson Controls. There is a code vulnerability in Johnson Controls AC2000, which stems from uncontrolled search path elements, potentially allowing the search path in configuration files to ...

8.4CVSS5.9AI score0.00108EPSS
Exploits0References1
ICS
ICS
added 2026/05/05 6:0 a.m.10 views

Johnson Controls CEM AC2000

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow a standard user to escalate privileges on the host machine. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

8.4CVSS5.8AI score0.00108EPSS
Exploits0References13
EUVD
EUVD
added 2026/02/27 9:30 a.m.7 views

EUVD-2026-9013

Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection.This issue affects Frick Controls Quantum HD version 10.22 and prior...

8.8CVSS6AI score0.00626EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/27 9:30 a.m.4 views

EUVD-2026-9010

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection.This issue affects Frick Controls Quantum HD version 10.22 and prior...

8.8CVSS5.9AI score0.01506EPSS
Exploits0References3
OSV
OSV
added 2026/02/27 9:16 a.m.4 views

CVE-2026-21654

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...

9.8CVSS5.8AI score0.01506EPSS
Exploits0References2
NVD
NVD
added 2026/02/27 9:16 a.m.10 views

CVE-2026-21654

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security o...

9.8CVSS0.01506EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 9:8 a.m.29 views

CVE-2026-21659

The CVE-2026-21659 entry describes an unauthenticated Remote Code Execution and Information Disclosure due to a Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD (versions prior to 10.22). Affected component is the Frick Quantum HD system; root cause is LFI le...

9.8CVSS6.3AI score0.00909EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder