CVE-2022-25234

CVE-2022-25234 affects CX-Programmer (Omron) v9.76.1 and earlier within the CX-One v4.60 suite. It is an out-of-bounds write vulnerability that may allow information disclosure and arbitrary code execution when a user opens a specially crafted CXP file. JPCERT/CC and JVNDB summarize a fix: update...

CVE-2022-25230

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325...

CVE-2022-25230

CX-Programmer in the CX-One v4.60 suite is affected by a Use-After-Free vulnerability (CVE-2022-25230) in versions up to 9.76.1, which can trigger information disclosure or arbitrary code execution when a user opens a crafted CXP file. The issue’s root cause is a use-after-free condition in CX-Pr...

CVE-2022-21219

Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file...

CVE-2022-21219

CVE-2022-21219 affects Omron CX-Programmer v9.76.1 and earlier (CX-One v4.60) where opening a specially crafted CXP file triggers an out-of-bounds read, causing information disclosure and potential arbitrary code execution. Affected products/versions are stated across multiple sources (NVD/Red Ha...

CVE-2022-21124

Summary (CVE-2022-21124): An out-of-bounds write in CX-Programmer v9.76.1 and earlier (part of CX-One v4.60) may lead to information disclosure and/or arbitrary code execution when a user opens a specially crafted CXP file. Affected component is CX-Programmer; root cause is an out-of-bounds write...

CVE-2022-21124

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One v4.60 suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-2523...

Omron CX-Programmer资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to cause a user to open a carefully crafted CXP file to cause information...

Omron CX-Programmer缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to cause a user to open a carefully crafted CXP file, leading to information...

Omron CX-Programmer 资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to trick a user into opening a carefully crafted CXP file to cause information...

Omron CX-Programmer缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to trick a user into opening a carefully crafted CXP file to cause information...

[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34

Log4j is a tool to help the programmer output log statements to a variety of output targets...

[SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35

Log4j is a tool to help the programmer output log statements to a variety of output targets...

Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime

A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. Court documents showed that Vladimir Dunaev, 38,...

CVE-2021-38396

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB...

Design/Logic Flaw

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB...

PT-2021-22109 · Boston Scientific · Zoom Latitude +1

Name of the Vulnerable Software and Affected Versions: Programmer installation utility affected versions not specified Description: The issue arises from the programmer installation utility's failure to perform cryptographic authenticity or integrity checks on the software stored on a flash drive...

Boston Scientific Zoom Latitude Programmer/Recorder/Monitor Model 3120 安全漏洞

The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is a portable cardiac rhythm management Crm programming system from Boston Scientific, Inc. The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is vulnerable to an encryption error that could...

Type confusion

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

PYSEC-2021-322

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...