EUVD-2002-2005

Malware in sbrugna...

EUVD-2021-21407

Malware in sbrugna...

EUVD-2021-21394

Malware in sbrugna...

EUVD-2019-17165

Malware in sbrugna...

EUVD-2023-12155

Malicious code in bioql PyPI...

CLSA-2025-1753086336 Update of alt-php

Bump ABI 5.4.0-220...

PT-2023-4465 · D Link · D-Link Dir-880L +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-842 version fw revA 1-02 eu multi 20151008 D-Link DIR-880 version A1 Description: The issue is related to buffer overflow errors in the fgets function of the D-Link DIR-880 and DIR-842 firmware. This can be exploited by a remote...

Amazon Linux 2023 : ncurses, ncurses-base, ncurses-c++-libs (ALAS2023-2023-220)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-220 advisory. ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security- relevant memory corruption via malformed data in a terminfo database file that is found in...

220-host.das.uk.com Cross Site Scripting vulnerability OBB-3279083

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-0053

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could...

Design/Logic Flaw

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

CVE-2023-0052 SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol FTP are the only protocols available for device management, an unauthorized user could acce...

CVE-2023-0052

SAUTER Controls Nova 200–220 Series (firmware 3.3-006 and earlier) and BACnetstac 4.2.1 and earlier are affected by CVE-2023-0052 due to missing authentication for a critical function, allowing command execution without credentials. Telemetry shows Telnet and FTP are the only device-management pr...

CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released several Industrial Control Systems ICS advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio...

PT-2023-15973 · Sauter · Sauter Controls Nova 200–220 Series

Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior BACnetstac versions 4.2.1 and prior Description: The issue affects device management, where sensitive information such as credentials is sent in cleartext through FTP and Telnet...

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems ICS advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

SAUTER Controls Nova 200 - 220 Series (PLC 6)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SAUTER Controls Equipment: Nova 200–220 Series PLC 6 Vulnerabilities: Missing Authentication for Critical Function, Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful...

PT-2023-7518 · Sauter · Sauter Controls Nova 106 +2

Name of the Vulnerable Software and Affected Versions: SAUTER Controls Nova 200–220 Series versions 3.3-006 and prior SAUTER Controls Nova 230 versions affected versions not specified SAUTER Controls Nova 106 versions affected versions not specified BACnetstac version 4.2.1 and prior Description:...

Amazon Linux 2022 : polkit (ALAS2022-2022-220)

The version of polkit installed on the remote host is prior to 0.117-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-220 advisory. - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid to...

PYSEC-2022-220

Reserved The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2...