📦 Ignition

by Inductive Automation

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-39475

CRITICAL CVSS 9.8 May 3, 2024

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with SYSTEM privileges on Inductive Automation Ignition installations. The flaw exists in the ParameterVersionJavaS...

CVE-2023-38121

CRITICAL CVSS 9.0 May 3, 2024

This is a cross-site scripting (XSS) vulnerability in Inductive Automation Ignition's OPC UA Quick Client web interface that allows remote code execution. Attackers can inject malicious scripts via th...

CVE-2022-35869

CRITICAL CVSS 9.8 Jul 25, 2022

CVE-2022-35869 is an authentication bypass vulnerability in Inductive Automation Ignition that allows remote attackers to access protected functionality without credentials. This affects Ignition 8.1....

CVE-2022-35890

CRITICAL CVSS 9.8 Jul 15, 2022

This vulnerability allows attackers to predict previously generated session IDs in Inductive Automation Ignition, enabling session hijacking. Attackers can take over active user sessions in Designer a...

CVE-2023-50233

HIGH CVSS 8.8 May 3, 2024

This vulnerability allows remote attackers to execute arbitrary code on Inductive Automation Ignition installations by exploiting a directory traversal flaw in the getJavaExecutable method. Attackers ...

CVE-2023-50221

HIGH CVSS 8.8 May 3, 2024

This vulnerability allows remote attackers to execute arbitrary code on Inductive Automation Ignition installations by exploiting insecure deserialization in the ResponseParser. Attackers can compromi...

CVE-2023-50223

HIGH CVSS 8.8 May 3, 2024

This vulnerability in Inductive Automation Ignition allows authenticated remote attackers to execute arbitrary code with SYSTEM privileges by exploiting insecure deserialization in the ExtendedDocumen...

CVE-2023-50219

HIGH CVSS 8.8 May 3, 2024

This vulnerability in Inductive Automation Ignition allows authenticated remote attackers to execute arbitrary code with SYSTEM privileges by exploiting insecure deserialization in the RunQuery class....

CVE-2023-39473

HIGH CVSS 8.8 May 3, 2024

This vulnerability allows authenticated remote attackers to execute arbitrary code on Inductive Automation Ignition systems by exploiting insecure deserialization in the AbstractGatewayFunction class....

CVE-2023-39477

HIGH CVSS 7.5 May 3, 2024

This vulnerability allows unauthenticated remote attackers to cause denial-of-service by sending excessive OPC UA ConditionRefresh requests to Inductive Automation Ignition servers, consuming all avai...

CVE-2023-38124

HIGH CVSS 8.8 May 3, 2024

This vulnerability in Inductive Automation Ignition allows authenticated remote attackers to execute arbitrary code with SYSTEM privileges by exploiting an exposed dangerous function in the OPC UA Qui...

CVE-2023-38123

HIGH CVSS 8.8 May 3, 2024

This vulnerability allows remote attackers to bypass authentication in Inductive Automation Ignition OPC UA Quick Client by exploiting missing authentication on password change functionality. Attacker...

CVE-2022-35873

HIGH CVSS 7.8 Jul 25, 2022

This vulnerability allows remote attackers to execute arbitrary code on Inductive Automation Ignition installations by tricking users into opening malicious ZIP files. The flaw in ZIP file processing ...

CVE-2022-35871

HIGH CVSS 7.8 Jul 25, 2022

This vulnerability allows unauthenticated remote attackers to execute arbitrary Python code with SYSTEM privileges on Inductive Automation Ignition installations. The flaw exists in the authenticateAd...