Vulnerabilities > Aveva
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-04 | CVE-2021-32981 | Path Traversal vulnerability in Aveva System Platform 2017/2020 AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. | 7.2 |
| 2022-04-04 | CVE-2021-32985 | Origin Validation Error vulnerability in Aveva System Platform 2017/2020 AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid. | 7.2 |
| 2022-04-04 | CVE-2021-33008 | Missing Authentication for Critical Function vulnerability in Aveva System Platform 2017/2020 AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity. | 9.8 |
| 2022-04-04 | CVE-2021-33010 | Unspecified vulnerability in Aveva System Platform 2017/2020 An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition. | 7.5 |
| 2021-09-23 | CVE-2021-32959 | Heap-based Buffer Overflow vulnerability in Aveva Suitelink Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06 | 9.8 |
| 2021-09-23 | CVE-2021-32963 | NULL Pointer Dereference vulnerability in Aveva Suitelink Null pointer dereference in SuiteLink server while processing commands 0x03/0x10 | 7.5 |
| 2021-09-23 | CVE-2021-32971 | NULL Pointer Dereference vulnerability in Aveva Suitelink Null pointer dereference in SuiteLink server while processing command 0x07 | 7.5 |
| 2021-09-23 | CVE-2021-32979 | NULL Pointer Dereference vulnerability in Aveva Suitelink Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | 7.5 |
| 2021-09-23 | CVE-2021-32987 | NULL Pointer Dereference vulnerability in Aveva Suitelink Null pointer dereference in SuiteLink server while processing command 0x0b | 7.5 |
| 2021-09-23 | CVE-2021-32999 | Improper Handling of Exceptional Conditions vulnerability in Aveva Suitelink Improper handling of exceptional conditions in SuiteLink server while processing command 0x01 | 7.5 |