Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-05 | CVE-2024-48845 | Unspecified vulnerability in ABB products Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | 9.8 |
| 2024-12-05 | CVE-2024-48847 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ABB products MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes. Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 | 9.1 |
| 2024-12-05 | CVE-2024-51545 | Unspecified vulnerability in ABB products Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-51549 | Path Traversal vulnerability in ABB products Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.4 |
| 2024-12-05 | CVE-2024-51550 | Unspecified vulnerability in ABB products Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-51551 | Use of Hard-coded Credentials vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | 10.0 |
| 2024-12-05 | CVE-2024-51554 | Off-by-one Error vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-6784 | Server-Side Request Forgery (SSRF) vulnerability in ABB products Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.9 |
| 2024-12-05 | CVE-2024-12187 | SQL Injection vulnerability in 1000Projects Library Management System 1.0 A vulnerability was found in 1000 Projects Library Management System 1.0. | 9.8 |
| 2024-12-05 | CVE-2024-12188 | SQL Injection vulnerability in 1000Projects Library Management System 1.0 A vulnerability was found in 1000 Projects Library Management System 1.0. | 9.8 |