Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/02/03 10:45 p.m.25 views

Security Bulletin: Information disclosure vulnerability affects IBM Business Automation Workflow - CVE-2024-38321

Summary IBM Business Automation Workflow is vulnerable to an information disclosure attack. Vulnerability Details CVEID:CVE-2024-38321 DESCRIPTION: IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations th...

6.5CVSS5.7AI score0.00417EPSS
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/09/11 12:0 a.m.7 views

The vulnerability of the Vijeo Designer software lies in its insecure handling of privileges, allowing attackers to perform arbitrary actions.

The vulnerability of the Vijeo Designer software is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to perform arbitrary actions...

7.8CVSS5.6AI score0.00209EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/04 1:25 p.m.30 views

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...

5.3CVSS5.6AI score0.01454EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 5:19 p.m.51 views

Security Bulletin: Denial of Service vulnerability in Apache commons-fileupload may affect IBM Business Automation Workflow (CVE-2023-24998)

Summary IBM Business Automation Workflow packages a vulnerable copy of Apache commons-fileupload in its /BPM/Lombardi/lib directory. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number o...

7.5CVSS7.6AI score0.46836EPSS
Exploits1Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/08/10 12:0 a.m.21 views

Rockwellautomation Rslinx Improper Input Validation

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

5.5CVSS3.6AI score0.02805EPSS
Exploits0References2
NVD
NVD
added 2020/06/15 8:15 p.m.15 views

CVE-2020-11999

FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...

8.1CVSS0.02805EPSS
Exploits0References1
Prion
Prion
added 2020/05/20 3:15 a.m.19 views

Race condition

Products that use EDS Subsystem: Version 28.0.1 and prior FactoryTalk Linx software Previously called RSLinx Enterprise: Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and...

4.8CVSS8.2AI score0.01263EPSS
Exploits0References1Affected Software5
Prion
Prion
added 2020/05/19 10:15 p.m.23 views

Memory corruption

Products that use EDS Subsystem: Version 28.0.1 and prior FactoryTalk Linx software Previously called RSLinx Enterprise: Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and...

4.3CVSS6.3AI score0.02511EPSS
Exploits1References1Affected Software5
Cvelist
Cvelist
added 2017/11/13 8:0 p.m.35 views

CVE-2017-14020

In AutomationDirect CLICK Programming Software Part Number C0-PGMSW Versions 2.10 and prior; C-More Programming Software Part Number EA9-PGMSW Versions 6.30 and prior; C-More Micro Part Number EA-PGMSW Versions 4.20.01.0 and prior; Do-more Designer Software Part Number DM-PGMSW Versions 2.0.3 and...

7.7AI score0.01135EPSS
Exploits0References2
CVE
CVE
added 2017/11/13 8:0 p.m.67 views

CVE-2017-14020

CVE-2017-14020 affects AutomationDirect products including CLICK Programming Software (C0-PGMSW) <= v2.10, C-More Programming Software (EA9-PGMSW) <= v6.30, C-More Micro (EA-PGMSW) <= v4.20.01.0, Do-more Designer (DM-PGMSW) <= v2.0.3, GS Drives (GSOFT) <= v4.0.6, SL-SOFT SOLO (SL-S...

9.3CVSS7.6AI score0.01135EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/10/18 12:0 a.m.3 views

Fatek Automation PM Designer Remote Command Execution Vulnerability

Fatek Automation PM Designer is a programmable logic controller from Fatek Automation. A remote code execution vulnerability exists in Fatek Automation PM Designer. An attacker could use this vulnerability to execute arbitrary code in the context of an affected application, which could also resul...

8.8CVSS8.4AI score0.0229EPSS
Exploits0References1
Rows per page
Query Builder