CVE-2026-1495

CVE-2026-1495 concerns an information-insertion vulnerability in AVEVA PI to CONNECT Agent. The CVE describes that an attacker with Event Log Reader privileges (S-1-5-32-573) can access proxy details, including the proxy URL and credentials, from the PI to CONNECT event log files. This could enab...

AVEVA PI Data Archive

RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...

AVEVA PI Data Archive PI Server 安全漏洞

AVEVA PI Data Archive PI Server is a database engine developed by the British company AVEVA. There is a security vulnerability present in AVEVA PI Data Archive PI Server. This vulnerability stems from unhandled exceptions, which could allow unauthorized attackers to remotely crash core services a...

EUVD-2025-18217

Malicious code in bioql PyPI...

EUVD-2024-32054

Malicious code in bioql PyPI...

EUVD-2025-18216

Malicious code in bioql PyPI...

EUVD-2025-18212

Malicious code in bioql PyPI...

EUVD-2023-35588

Malicious code in bioql PyPI...

EUVD-2025-18215

Malicious code in bioql PyPI...

EUVD-2024-32053

Malicious code in bioql PyPI...

EUVD-2025-18213

Malicious code in bioql PyPI...

EUVD-2023-38428

Malicious code in bioql PyPI...

CVE-2025-54460 AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type

The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...

AVEVA PI Integrator 安全漏洞

AVEVA PI Integrator is a business analysis tool from AVEVA UK. A security vulnerability exists in AVEVA PI Integrator that stems from the potential for authenticated users to retrieve sensitive information that could lead to additional access to downstream resources...

AVEVA PI Integrator 代码问题漏洞

AVEVA PI Integrator is a business analysis tool from AVEVA UK. AVEVA PI Integrator suffers from a code issue vulnerability that originates from an authenticated attacker who could upload and execute files...

CVE-2025-4418

An improper validation of integrity check value vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow a miscreant with elevated privileges to modify PI Connector for CygNet local data files cache and buffers in a way that causes the...

CVE-2025-2745

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker with privileges to create/update annotations or upload media files to persist arbitrary JavaScript code that will be executed by users who were...

CVE-2025-44019

AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may...

CVE-2025-36539

AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service...

CVE-2025-4417

A cross-site scripting vulnerability exists in AVEVA PI Connector for CygNet Versions 1.6.14 and prior that, if exploited, could allow an administrator miscreant with local access to the connector admin portal to persist arbitrary JavaScript code that will be executed by other users who visit...