Filtered by vendor Honeywell
Subscriptions
Total
87 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-7907 | 1 Honeywell | 2 Midas Black Firmware, Midas Firmware | 2015-12-22 | N/A |
Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors. | ||||
CVE-2015-7908 | 1 Honeywell | 4 Midas, Midas Black, Midas Black Firmware and 1 more | 2015-12-21 | N/A |
Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow remote attackers to discover cleartext passwords by sniffing the network. | ||||
CVE-2015-2848 | 1 Honeywell | 1 Tuxedo Touch | 2015-07-27 | N/A |
Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock command. | ||||
CVE-2015-2847 | 1 Honeywell | 1 Tuxedo Touch | 2015-07-27 | N/A |
Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream. | ||||
CVE-2014-8269 | 1 Honeywell | 1 Opos Suite | 2014-12-16 | N/A |
Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method. | ||||
CVE-2014-2717 | 1 Honeywell | 2 Falcon Xlweb Linux Controller, Falcon Xlweb Xlwebexe | 2014-07-25 | N/A |
Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page. | ||||
CVE-2011-0331 | 1 Honeywell | 1 Scanserver Activex Control | 2011-04-09 | N/A |
Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document. |