2877 matches found
May 19, 2022—KB5015019 (OS Build 14393.5127) Out-of-band
May 19, 2022—KB5015019 OS Build 14393.5127 Out-of-band Note: To improve the information presented in the history pages and related KBs and make them more useful to our customers, we have created an anonymous survey for you to share your comments and feedback. 11/19/20 For information about Window...
OESA-2022-1660 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.CVE-2021-33061 A use after free in the Linux...
CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog
CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations migh...
ftcms arbitrary file writing vulnerability
ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...
May 10, 2022—KB5013952 (OS Build 14393.5125) - EXPIRED
May 10, 2022—KB5013952 OS Build 14393.5125 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- Note: To improve th...
CVE-2022-30060
ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...
CVE-2022-30059
Shopwind =v3.4.2 was discovered to contain a Arbitrary File Delete vulnerability via the neirong parameter at \backend\controllers\DbController.php...
Code injection
ftcms =2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...
CVE-2022-30060
CVE-2022-30060 affects ftcms (
Siemens Desigo DXR和PXC Controllers拒绝服务漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
ftcms 安全漏洞
ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
The vulnerability of the HCI component, which operates on the Modbus TCP protocol, and is found in Hitachi Energy RTU500 CMU series programmable logic controllers, allows a attacker to trigger a system reboot.
The vulnerability of the HCI component, which operates on the Modbus TCP protocol and is part of the Hitachi Energy RTU500 CMU series programmable logic controllers, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to trigger a device reboot...
CVE-2021-41545
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. When the controller receives a specific BACnet protocol packet, an exception cause...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed several vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of authentication Remote code execution Administrator/SYSTEM...
多款Siemens产品代码问题漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
Rockwell Automation Logix Controllers Inclusion of Functionality From Untrusted Control Sphere (CVE-2022-1161)
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...
CVE-2021-34592
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields...
CVE-2021-34591
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd...