Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

Johnson Controls

75 Products 58 CVEs

CVE Severity Distribution (All Time)

Critical
9
High
25
Medium
18
Low
1

Timeline Overview

Last 30 Days 0 CVEs
Last 6 Months 0 CVEs
Last Year 0 CVEs

Products

View all

exacqVision

2 Versions 6 CVEs

Metasys ADS/ADX/OAS server

2 Versions 6 CVEs

prior

7 Versions 5 CVEs

American Dynamics Illustra Essentials Gen 4

2 Versions 4 CVEs

exacqVision Web Service

3 Versions 3 CVEs

Recent CVEs

View all
CVE-2024-32862 MEDIUM 1 year, 1 month ago

Under certain circumstances the ExacqVision Web Services does not provide sufficient protection from untrusted domains.

CVE-2024-32758 UNKNOWN 1 year, 1 month ago

Under certain circumstances the communication between exacqVision Client and exacqVision Server will use insufficient key length and exchange

CVE-2024-32931 MEDIUM 1 year, 1 month ago

Under certain circumstances the exacqVision Web Service can expose authentication token details within communications.

CVE-2024-32865 MEDIUM 1 year, 1 month ago

Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.

CVE-2024-32864 MEDIUM 1 year, 1 month ago

Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)

CVE-2024-32863 MEDIUM 1 year, 1 month ago

Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)

CVE-2024-32861 HIGH 1 year, 1 month ago

Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.

CVE-2024-32753 UNKNOWN 1 year, 2 months ago

Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party com…

CVE-2024-32759 UNKNOWN 1 year, 2 months ago

Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials.

CVE-2024-32754 LOW 1 year, 2 months ago

Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number…