Schneider Electric Modicon Controllers Cross-Site Scripting Vulnerability (CNVD-2025-15353)

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...

Schneider Electric Modicon Controllers Input Validation Error Vulnerability (CNVD-2025-15352)

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. An input validation error vulnerability exists in Schneider Electric Modicon Controllers that stems from improper input validation and can be exploited by an...

Schneider Electric Modicon Controllers Cross-Site Scripting Vulnerability (CNVD-2025-15351)

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...

Schneider Electric Modicon Controllers Cross-Site Scripting Vulnerability

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...

PT-2025-27953 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue in the Linux kernel has been resolved. The issue occurred because the igen6 edac driver checked all memory controllers, including a disabled one,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from xhciplatremove not properly handling shared HCDs, which could lead to null pointer dereferencing...

Astra Linux – Vulnerability in Intel Microcode

Incorrect default permissions in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privileges through local access...

CyFence: Securing Cyber-Physical Controllers Via Trusted Execution Environment

In the last decades, Cyber-physical Systems CPSs have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. Since many CPS are used in safety-critical systems, such attacks entail high risks and potential safety harms...

Securing Open RAN: a Survey of Cryptographic Challenges and Emerging Solutions for 5G

The advent of Open Radio Access Networks O-RAN introduces modularity and flexibility into 5G deployments but also surfaces novel security challenges across disaggregated interfaces. This literature review synthesizes recent research across thirteen academic and industry sources, examining...

VulnCheck KEV: CVE-2025-20188

A vulnerability in the Out-of-Band Access Point AP Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected...

Schneider Electric Modicon Controllers 跨站脚本漏洞

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...

Schneider Electric Modicon Controllers 跨站脚本漏洞

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Modicon Controllers that originates from improper input neutralization during web page generation...

Schneider Electric Modicon Controllers 输入验证错误漏洞

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. An input validation error vulnerability exists in Schneider Electric Modicon Controllers that stems from improper input validation and can be exploited by an...

Schneider Electric Modicon Controllers 输入验证错误漏洞

Schneider Electric Modicon Controllers are a series of Modicon series programmable logic controllers from Schneider Electric, France. An input validation error vulnerability exists in Schneider Electric Modicon Controllers that stems from improper input validation and can be exploited by an...

PT-2025-24626 · Schneider Electric · Modicon Controllers M241/M251

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An Uncontrolled Resource Consumption issue exists, potentially causing Denial of Service. This occurs when an authenticated malicious user sends a manipulated HTTPS Content-Length header to...

PT-2025-24635 · Schneider Electric · Modicon Controllers M241/M251 +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Cross-site Scripting issue exists due to improper neutralization of input during web page generation. This could allow an authenticated malicious user to inject unvalidated data, potential...

PT-2025-24627 · Schneider Electric · Modicon Controllers M241/M251 +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Denial of Service issue exists due to improper input validation. This occurs when an authenticated malicious user sends a special malformed HTTPS request containing improperly formatted bo...

PT-2025-24630 · Schneider Electric · Modicon Controllers M241/M251 +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Cross-site Scripting issue exists, impacting system variables. This could allow an authenticated malicious user to inject unvalidated data, potentially modifying or reading data in a...

PT-2025-24628 · Schneider Electric · Modicon Controllers M241/M251 +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A Denial of Service issue exists due to improper input validation. This occurs when an authenticated malicious user sends an HTTPS request containing an invalid data type to the web server...

OESA-2025-1589 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Improper conditions check in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local...