CVE-2026-12897

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

CVE-2026-12897 Out-of-bounds read in Horner Automation Cscape

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

CVE-2026-12897

Horner Automation Cscape shows an Out-of-Bounds Read vulnerability in versions prior to 10.2 SP3, caused by parsing CSP files. The issue can lead to information disclosure and arbitrary code execution. Affected product: Horner Automation Cscape. Root cause: improper handling during CSP file parsi...

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...

Horner Automation多款产品 安全漏洞

Horner Automation Cscape is a product of the American company Horner Automation. Horner Automation Cscape is a programming software used for developing industrial control systems. Horner Automation XL7 PLC is an industrial programmable logic controller with integrated touchscreen and control...

Horner Automation Cscape and XL4, XL7 PLC

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...

CVE-2021-33015

Cscape All Versions prior to 9.90 SP5 lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write via an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process...

CVE-2021-22682

Cscape All versions prior to 9.90 SP4 is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify the binaries and configuration files and lead to local privilege escalation...

CVE-2021-22678

Cscape All versions prior to 9.90 SP4 lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process...

EUVD-2019-16114

Malware in sbrugna...

EUVD-2021-19736

Malware in sbrugna...

EUVD-2021-19716

Malware in sbrugna...

EUVD-2021-19696

Malware in sbrugna...

EUVD-2019-4996

Malware in sbrugna...

EUVD-2019-5000

Malware in sbrugna...

EUVD-2018-10723

Malware in sbrugna...

EUVD-2023-12657

Malicious code in bioql PyPI...

EUVD-2023-12655

Malicious code in bioql PyPI...

EUVD-2023-35592

Malicious code in bioql PyPI...