484 matches found
Siemens Mendix OIDC SSO
SUMMARY The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO and recommends to update...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems (ICS) advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-105-01 Siemens Mendix Runtime ICSA-25-105-02 Siemens Industrial Edge Device Kit...
The vulnerability of the Mendix Runtime environment, related to inconsistencies in responses to incoming requests, allows attackers to disclose sensitive information.
The vulnerability of Mendix Runtime is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
CVE-2025-30280
A vulnerability has been identified in Mendix Runtime V10 All versions V10.21.0, Mendix Runtime V10.12 All versions V10.12.16, Mendix Runtime V10.18 All versions V10.18.5, Mendix Runtime V10.6 All versions V10.6.22, Mendix Runtime V8 All versions V8.18.35, Mendix Runtime V9 All versions V9.24.34...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Industrial Edge Devices, Mendix, SENTRON, SIDIS, SIMATIC, SIPLUS, Insights Hub Private Cloud, Siemens License Server and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the...
CVE-2025-30280
CVE-2025-30280 affects Mendix Runtime: V8 (all versions), V9 (all versions < 9.24.34), V10 (all versions < 10.21.0 for the 10.x line, with sub-versions listed: <10.12.16, <10.18.5,
Siemens Mendix Runtime Security Vulnerability
Siemens Mendix Runtime is a key component from Siemens AG, Germany. A security vulnerability exists in Siemens Mendix Runtime that stems from a distinguishable response that could lead to unauthorized enumeration of entity and property names...
PT-2025-15408 · Mendix · Mendix Runtime V8 +2
Name of the Vulnerable Software and Affected Versions: Mendix Runtime V8 versions prior to V9.24.34 is not accurate since V8 is a major version and should be listed separately, the correct interpretation is: Mendix Runtime V8 version prior to any specified fix, since all versions are affected...
Siemens Mendix Runtime
SUMMARY Mendix Runtime allows for entity enumeration due to distinguishable responses in certain client actions. This could allow an unauthenticated remote attacker to list all valid entities and attribute names of a Mendix Runtime-based application. Siemens has released new versions for several...
The vulnerability of Mendix LDAP module in the deployment and application testing software platform of Mendix allows a hacker to bypass security restrictions.
The vulnerability of Mendix LDAP in the software deployment and application testing platform relates to the failure to eliminate special elements in LDAP requests. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...
CVE-2022-46823
A vulnerability has been identified in Mendix SAML Mendix 8 compatible All versions = V2.3.0 = V3.3.0 = V3.3.0 V3.3.8. The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a...
CVE-2022-46664
A vulnerability has been identified in Mendix Workflow Commons All versions V2.4.0, Mendix Workflow Commons V2.1 All versions V2.1.4, Mendix Workflow Commons V2.3 All versions V2.3.2. Affected versions of the module improperly handle access control for some module entities. This could allow...
CVE-2024-56841
A vulnerability has been identified in Mendix LDAP All versions V1.1.2. Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification...
CVE-2024-56841
CVE-2024-56841 affects Mendix LDAP module (all versions