Vulnerabilities (CVE)

Filtered by vendor Honeywell Subscribe
Filtered by product Win-pak
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7005 1 Honeywell 1 Win-pak 2024-11-21 6.8 MEDIUM 8.8 HIGH
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.
CVE-2020-6982 1 Honeywell 1 Win-pak 2024-11-21 5.8 MEDIUM 8.8 HIGH
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.
CVE-2020-6978 1 Honeywell 1 Win-pak 2024-11-21 6.4 MEDIUM 7.2 HIGH
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries.