VYPR
Vendor

The Ignition Project

Products
3
CVEs
8
Across products
8
Status
Private

Products

3

Recent CVEs

8
  • CVE-2020-14520HigJul 31, 2020
    risk 0.49cvss 7.5epss 0.01

    The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).

  • CVE-2020-12000HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.01

    The affected product is vulnerable to the handling of serialized data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway…

  • CVE-2020-10641HigApr 28, 2020
    risk 0.49cvss 7.5epss 0.01

    An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. This results in consuming the entire available hard-disk space on the Ignition 8 Gateway (versions prior to 8.0.10), causing a…

  • CVE-2022-1264MedJul 20, 2022
    risk 0.44cvss 6.8epss 0.01

    The affected product may allow an attacker with access to the Ignition web configuration to run arbitrary code.

  • CVE-2005-1641May 17, 2005
    risk 0.00cvss epss 0.00

    mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allows IRC users to cause a denial of service.

  • CVE-2005-1640May 17, 2005
    risk 0.00cvss epss 0.02

    mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not properly verify whether a host has the owner privileges required to delete IRC channel access entries, which allows remote attackers to bypass intended restrictions.

  • CVE-2004-2431Dec 31, 2004
    risk 0.00cvss epss 0.03

    Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 through 0.3.1, with the linking service enabled, allows remote attackers to bypass authentication.

  • CVE-2004-2553Dec 31, 2004
    risk 0.00cvss epss 0.02

    The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.