Filtered by vendor Honeywell
Subscribe
Search
Total
55 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-2847 | 1 Honeywell | 1 Tuxedo Touch | 2015-07-27 | 5.0 MEDIUM | N/A |
| Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream. | |||||
| CVE-2014-8269 | 1 Honeywell | 1 Opos Suite | 2014-12-16 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method. | |||||
| CVE-2014-2717 | 1 Honeywell | 2 Falcon Xlweb Linux Controller, Falcon Xlweb Xlwebexe | 2014-07-25 | 7.6 HIGH | N/A |
| Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page. | |||||
| CVE-2013-0108 | 1 Honeywell | 3 Comfortpoint Open Manager Station, Enterprise Buildings Integrator, Symmetre | 2013-02-25 | 6.8 MEDIUM | N/A |
| An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2011-0331 | 1 Honeywell | 1 Scanserver Activex Control | 2011-04-09 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||