Vulnerabilities > Inductiveautomation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-03 | CVE-2023-39473 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 8.8 |
2024-05-03 | CVE-2023-39474 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. | 8.8 |
2024-05-03 | CVE-2023-39475 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 9.8 |
2024-05-03 | CVE-2023-39476 | Deserialization of Untrusted Data vulnerability in Inductiveautomation Ignition Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. | 9.8 |
2024-05-03 | CVE-2023-39477 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. | 7.5 |
2024-05-03 | CVE-2023-38121 | Cross-site Scripting vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability. | 9.0 |
2024-05-03 | CVE-2023-38122 | Unspecified vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. | 7.2 |
2024-05-03 | CVE-2023-38123 | Missing Authentication for Critical Function vulnerability in Inductiveautomation Ignition Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability. | 8.8 |
2022-08-05 | CVE-2022-1704 | Unspecified vulnerability in Inductiveautomation Ignition Due to an XML external entity reference, the software parses XML in the backup/restore functionality without XML security flags, which may lead to a XXE attack while restoring the backup. | 9.8 |
2022-07-25 | CVE-2022-35869 | Unspecified vulnerability in Inductiveautomation Ignition 8.1.15 This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). | 9.8 |