49 matches found
CVE-2025-67900
NXLog Agent before 6.11 can load a file specified by the OPENSSLCONF environment variable...
EUVD-2020-26959
Malware in sbrugna...
CVE-2023-30639
Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. 6.11.P4 (6.11.0.4) is also a fixed release...
RHSA-2022:5498 Red Hat Security Advisory: Satellite 6.11 Release
Bulletin has no description...
RHEL 7 / 8 : Satellite 6.11 Release (Moderate) (RHSA-2022:5498)
The remote Red Hat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5498 advisory. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and...
AMSS++ 6.11 SQL Injection
Title: AMSS++ V 6.11 SQL injection Vulnerability | Author: indoushka | Tested on: Windows 10 Français V.Pro / browser: Mozilla Firefox 115.0.2 (64-bit) |...
PT-2022-4525 · Ptc +1 · Thingworx Kepware Edge +4
Name of the Vulnerable Software and Affected Versions: Kepware KEPServerEX version 6.11.718.0; ThingWorx Kepware Server (affected versions not specified); ThingWorx Industrial Connectivity (affected versions not specified); ThingWorx Kepware Edge (affected versions not specified); PTC OPC-Aggregator affect...
CVE-2022-37316
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release...
CVE-2022-37317
Archer Platform 6.x before 6.11 P3 contains an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user into executing malicious code in the context of the web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4...
Improper access control
Archer Platform 6.8 before 6.11 P3 (6.11.0.3) contains an improper API access control vulnerability in a multi-instance system that could potentially present unauthorized metadata to an authenticated user of the affected system. 6.10 P3 HF1 (6.10.0.3.1) is also a fixed release...
Cross site scripting
Archer Platform 6.9 SP2 P2 before 6.11 P3 (6.11.0.3) contains a reflected XSS vulnerability. A remote unauthenticated malicious Archer user could potentially exploit this vulnerability by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application...
CVE-2022-37318
Archer Platform is vulnerable to reflected XSS in versions prior to 6.11 P3 (6.11.0.3). The issue allows a remote, unauthenticated attacker to trick a victim user into submitting malicious JavaScript to the vulnerable web application, which is then reflected and executed in the browser context. Af...
CVE-2022-37317
Archer Platform 6.x before 6.11 P3 contains an HTML injection vulnerability. An authenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user into executing malicious code in the context of the web application. 6.10 P4 (6.10.0.4) and 6.11 P2 HF4...
Satellite 6.11 Release
An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Rocky Enterprise Software Foundation Satellite is a systems management tool for...
Atlassian Confluence 6.11.x < 6.13.10 Man-In-The-Middle
According to its self-reported version number, the Atlassian Confluence application running on the remote host is 6.11.x < 6.13.10, 6.14.x < 6.15.10, 7.0.1 < 7.0.5 or 7.1.x < 7.1.2. It is, therefore, affected by a man-in-the-middle (MITM) vulnerability present in the Confluence Previews plugin. Note that t...
hivex security update
1.3.10-6.11 - Bounds check for block exceeding page length (CVE-2021-3504) resolves: rhbz#1950500...
Code injection
An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s if a local user opens FactoryTalk Diagnosti...
Design/Logic Flaw
An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions ...
Code injection
An attacker can craft and send an OpenNamespace message to port 4241 with a valid session-id that triggers an unhandled exception in the CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affect...
CVE-2020-5801
An attacker can craft and send an OpenNamespace message to port 4241 with a valid session-id that triggers an unhandled exception in the CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed in FactoryTalk Linx 6.11. All versions of FactoryTalk Linx are affect...