Vulnerabilities > Rockwellautomation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-26 | CVE-2018-19615 | Cross-site Scripting vulnerability in Rockwellautomation Powermonitor 1000 Firmware 1408Em3Aentb Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. | 6.1 |
| 2018-05-14 | CVE-2018-8843 | Use After Free vulnerability in Rockwellautomation Arena Rockwell Automation Arena versions 15.10.00 and prior contains a use after free vulnerability caused by processing specially crafted Arena Simulation Software files that may cause the software application to crash, potentially losing any unsaved data.. | 5.5 |
| 2018-04-05 | CVE-2017-12093 | Resource Exhaustion vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before. | 5.3 |
| 2017-05-06 | CVE-2017-6024 | Resource Exhaustion vulnerability in Rockwellautomation products A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. | 5.9 |
| 2016-04-06 | CVE-2016-2277 | Improper Access Control vulnerability in Rockwellautomation Integrated Architecture Builder 9.6.0.7/9.7.0.0/9.7.0.1 IAB.exe in Rockwell Automation Integrated Architecture Builder (IAB) before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file. | 6.3 |
| 2016-03-02 | CVE-2016-2279 | Cross-site Scripting vulnerability in Rockwellautomation products Cross-site scripting (XSS) vulnerability in the web server in Rockwell Automation Allen-Bradley CompactLogix 1769-L* before 28.011+ allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |