CVE-2026-34026
Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...
CVE-2026-34027 Upload restriction bypass in Wertheim SafeController Software allows authenticated users to upload arbitrary files
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /safe/contract/uploadcustomdocuments endpoint. The application validates uploaded files based on the user-controlled HTTP Content-Type value and accepts the upload ...
EUVD-2025-201818
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...
EUVD-2025-201834
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user...
CVE-2025-36017
IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user...
EUVD-2020-29425
Malware in sbrugna...
EUVD-2021-13768
Malware in sbrugna...
EUVD-2024-19440
Malicious code in bioql PyPI...
PT-2025-39647
Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 11.0.0 through 11.0.1; IBM Controller versions 11.1.0 through 11.1.1. Description: The software uses hardcoded cryptographic keys for signing session cookies, potentially allowing an attacker to obtain sensitive...
Delta Electronics DTM Security Vulnerability
Delta Electronics DTN Soft is temperature controller software from Delta Electronics China. A code execution vulnerability exists in Delta Electronics DTN due to deserialization of untrusted data. An attacker can exploit this vulnerability to execute arbitrary code on the system...
The vulnerability of the Microprogrammed Servo Device Software of Kinetix 5700 A, related to uncontrolled resource consumption, allows an intruder to trigger a service failure.
The vulnerability of the Kinetix 5700 A servo-controller’s microprogramming software is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in deficiencies in the deserialization mechanism. This allows attackers to escalate their privileges, execute arbitrary code, or cause service failures.
The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the deserialization mechanism. Exploiting these vulnerabilities can allow attackers to enhance their privileges...
The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in deficiencies in the mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...
The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in deficiencies in the mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...
The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in deficiencies in the mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.
The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...
The vulnerability of the Routed PON Controller Software component in the Cisco IOS XR operating system of Cisco NCS 540 Series Routers, NCS 5500 Series Routers, and NCS 5700 Series Routers allows attackers to execute arbitrary commands.
The vulnerability of the Routed PON Controller Software in Cisco IOS XR on Cisco NCS 540 Series, NCS 5500 Series, and NCS 5700 Series routers exists due to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability...
CVE-2024-31079 vulnerabilities
Vulnerabilities for packages: nginx-mainline, nginx-stable...
Design/Logic Flaw
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-32638
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access...
The vulnerability of the DHCP service provided by microprogramming software for controllers such as APOGEE MBC, APOGEE MEC, APOGEE PXC, Desigo PXC, TALON TC, and the operating system Nucleus allows a perpetrator to trigger a service failure.
The vulnerability of the DHCP service provided by microprogramming software for controllers such as APOGEE MBC, APOGEE MEC, APOGEE PXC, Desigo PXC, TALON TC, and the operating system Nucleus lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicio...