24 matches found
EUVD-2020-28145
Malware in sbrugna...
EUVD-2020-28122
Malware in sbrugna...
EUVD-2020-28118
Malware in sbrugna...
CVE-2020-7005
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code...
CVE-2020-6978
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...
CVE-2020-6982
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution...
CVE-2020-6982
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution...
CVE-2020-6978
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...
CVE-2020-6978
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...
CVE-2020-6982
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution...
Design/Logic Flaw
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...
Design/Logic Flaw
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution...
CVE-2020-7005
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code...
CVE-2020-7005
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code...
Cross site request forgery (csrf)
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code...
CVE-2020-6978
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries...
CVE-2020-6978
CVE-2020-6978 affects Honeywell WIN-PAK Web (and prior) versions, caused by using obsolete jQuery libraries. The Red Hat/NVD/CRON-derived records align on a Web front-end flaw enabling remote code execution under certain conditions, with CVSSv3 base score 7.2 (HIGH) and vector AV:N/AC:L/PR:N/UI:N...
CVE-2020-6982
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution...
CVE-2020-6982
CVE-2020-6982 is a header-injection vulnerability in Honeywell WIN-PAK 4.7.2 (Web and prior). The root cause is improper handling of HTTP headers enabling remote code execution with no authentication and no user interaction required (CVSS v3.1: 8.8, AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Affected ...
CVE-2020-7005
Honeywell WIN-PAK 4.7.2 (Web and prior versions) is affected by CVE-2020-7005: a cross-site request forgery vulnerability that may allow remote code execution. Affected product: WIN-PAK, a monitoring system; vulnerable component: web interface handling CSRF. Impact: remote code execution with hig...