860 matches found
EUVD-2024-54567
Malicious code in bioql PyPI...
CISA Releases Fourteen Industrial Control Systems Advisories
CISA released fourteen Industrial Control Systems ICS advisories on September 9, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-252-01 Rockwell Automation ThinManager ICSA-25-252-02 ABB Cylon Aspect BMS/BAS...
ABB Cylon Aspect BMS/BAS
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to assume control of the target device or perform a denial-of-service DoS attack. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying...
Aspect-Oriented Programming in Secure Software Development: a Case Study of Security Aspects in Web Applications
Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming OOP often intertwines security logic with business functionality,...
CVE-2025-57773 Dataease DB2 Aspectweaver Deserialization Arbitrary File Write Vulnerability
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability...
CVE-2025-7677
A denial-of-service DoS attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT...
CVE-2025-7679
The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT...
CVE-2025-53188
Insufficiently Protected Credentials vulnerability in ABB Aspect.This issue affects Aspect: before 3.08.04-s01...
CVE-2025-53189
Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect.This issue affects Aspect: from o before 3.08.04-s01...
CVE-2025-53187
Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prio...
CVE-2025-53190
A vulnerability in ABB Aspect.This issue affects Aspect: before 3.08.04-s01...
CVE-2025-53191
Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: before 3.08.04-s01...
CVE-2025-7679
The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT...
CVE-2025-7677
A denial-of-service DoS attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT...
CVE-2025-53191
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-53190
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-53188
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-53189
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-7679
ABB Aspect (ASPECT) BMS/BAS suffers an authentication bypass across all versions; root cause involves debugging code left in market release. ATT&CK/impact details: attacker could bypass login to access files, change system time, and invoke functions without authentication; DoS is possible if on l...
CVE-2025-7679 Session ID Basic Auth Bypass
The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT...