11 matches found
Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321
Summary IBM Business Automation Workflow is vulnerable to an information disclosure attack. Vulnerability Details CVEID:CVE-2024-38321 DESCRIPTION: IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations th...
The vulnerability of the Vijeo Designer software lies in its insecure handling of privileges, allowing attackers to perform arbitrary actions.
The vulnerability of the Vijeo Designer software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to perform arbitrary actions...
Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008
Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...
Security Bulletin: Denial of Service vulnerability in Apache commons-fileupload may affect IBM Business Automation Workflow (CVE-2023-24998)
Summary IBM Business Automation Workflow packages a vulnerable copy of Apache commons-fileupload in its /BPM/Lombardi/lib directory. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number o...
Rockwellautomation Rslinx Improper Input Validation
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...
CVE-2020-11999
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...
Race condition
Products that use EDS Subsystem: Version 28.0.1 and prior FactoryTalk Linx software Previously called RSLinx Enterprise: Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and...
Memory corruption
Products that use EDS Subsystem: Version 28.0.1 and prior FactoryTalk Linx software Previously called RSLinx Enterprise: Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and...
CVE-2017-14020
In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...
CVE-2017-14020
CVE-2017-14020 affects AutomationDirect products including CLICK Programming Software (C0-PGMSW) <= v2.10, C-More Programming Software (EA9-PGMSW) <= v6.30, C-More Micro (EA-PGMSW) <= v4.20.01.0, Do-more Designer (DM-PGMSW) <= v2.0.3, GS Drives (GSOFT) <= v4.0.6, SL-SOFT SOLO (SL-S...
Fatek Automation PM Designer Remote Command Execution Vulnerability
Fatek Automation PM Designer is a programmable logic controller from Fatek Automation. A remote code execution vulnerability exists in Fatek Automation PM Designer. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application, which could also resul...