CVE-2025-66597

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS Packages:...

CVE-2025-66605

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the autocomplete attribute enabled, the input content could be saved in the browser the user is using. The affected products and versions are as follows:...

CVE-2025-66606

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

CVE-2025-66601

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MIME types. When an attacker performs a content sniffing attack, malicious scripts could be executed. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

CVE-2025-66594

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

CVE-2025-66594

CVE-2025-66594 affects Yokogawa FAST/TOOLS packages (RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 to R10.04. The public description notes that detailed messages on the error page could be exploited by an attacker for other attacks, indicating information leakage or error handling weaknesses;...

CVE-2025-66596

CVE-2025-66596 affects Yokogawa FAST/TOOLS. The issue is improper validation of request headers, where an attacker providing an invalid Host header can cause users to be redirected to malicious sites. Affected FAST/TOOLS packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB, across versions R9.01 to R1...

CVE-2025-66601

CVE-2025-66601 affects Yokogawa FAST/TOOLS, specifically packages RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB, versions R9.01–R10.04. The vulnerability is a MIME-type handling/content-sniffing issue that could allow execution of malicious scripts when processing content delivered over the network. The ...

CVE-2025-66601

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MIME types. When an attacker performs a content sniffing attack, malicious scripts could be executed. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

CVE-2025-66602

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm. The affected products and versions are ...

CVE-2025-66602

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes into the network, it could potentially be attacked by the worm. The affected products and versions are ...

CVE-2025-66607

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an insecure setting. Users could be redirected to malicious sites by an attacker. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

CVE-2025-66606

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...

Zimbra Collaboration Server 安全漏洞

Zimbra Collaboration Server ZCS is an email and collaboration solution from Zimbra. The solution provides email, contacts, calendaring, file sharing, social networking, and other features. A security vulnerability exists in Zimbra Collaboration Server versions 9.0, 10.0, and 10.1, which stems fro...

PT-2024-8885 · Zimbra · Zimbra Collaboration

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 9.0 through 10.0 Description: The issue involves unauthenticated local file inclusion LFI in a web application, specifically impacting the handling of the packages parameter. Attackers can exploit this flaw t...

UBUNTU-CVE-2018-1053

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pgupgrade creates file in current working directory containing the output of pgdumpall -g under umask which was in effect when the user invoked pgupgrade, and not under 0077 which...

CVE-2016-4871

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service...