CVEs (11)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microchip 1Timeprovider 4100 Firmware Mar 31, 2026 Feb 24, 2026 5.7 MEDIUM· v4 4.1 MEDIUM· v3 N/A· v2 Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5. |
1Microchip 1Timeprovider 4100 Firmware Mar 31, 2026 Oct 20, 2025 7.1 HIGH· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip Time Provider 4100 allows SQL Injection.This issue affects Time Provider 4100: before 2.5. |
1Microchip 1Timeprovider 4100 Firmware Mar 31, 2026 Oct 20, 2025 8.9 HIGH· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5. |
1Microchip 1Timeprovider 4100 Firmware Mar 31, 2026 Oct 20, 2025 8.9 HIGH· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Microchip Time Provider 4100 allows OS Command Injection.This issue affects Time Provider 4100: before 2.5. |
1Microchip 1Timeprovider 4100 Firmware Sep 29, 2025 Oct 4, 2024 8.5 HIGH· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 (Configuration modules)...Show more |
1Microchip 1Timeprovider 4100 Firmware Oct 17, 2024 Oct 4, 2024 6.3 MEDIUM· v4 6.5 MEDIUM· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Microchip TimeProvider 4100 (Data plot modules) allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 be...Show more |
1Microchip 1Timeprovider 4100 Firmware Oct 16, 2024 Oct 4, 2024 7.7 HIGH· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimePr...Show more |
1Microchip 1Timeprovider 4100 Firmware Oct 16, 2024 Oct 4, 2024 5.4 MEDIUM· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from...Show more |
1Microchip 1Timeprovider 4100 Firmware Sep 29, 2025 Oct 4, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7. |
1Microchip 1Timeprovider 4100 Firmware Aug 29, 2025 Oct 4, 2024 8.7 HIGH· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0. |
1Microchip 1Timeprovider 4100 Firmware Nov 1, 2024 Oct 4, 2024 8.7 HIGH· v4 6.1 MEDIUM· v3 N/A· v2 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0. |