Open Automation Software OAS Platform V16.00.0121 - Missing Authentication

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

DeepCool DeepCreative 安全漏洞

DeepCool DeepCreative is a creative design and control software platform for the hardware ecosystem developed by DeepCool Corporation in China. Versions of DeepCool DeepCreative prior to 1.2.7 contained security vulnerabilities. These vulnerabilities were caused by improper permission settings,...

PT-2026-6523

EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

RLSA-2025:8468 Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 For more details about the security issues, including the impact, a CVSS...

Bizerba BRAIN2 安全漏洞

Bizerba BRAIN2 is an industrial software platform from Bizerba, Germany. A security vulnerability exists in Bizerba BRAIN2 that originates from the possibility that a non-administrative user may perform privileged operations via report scripts...

CVE-2021-38410

AVEVA Software Platform Common Services PCS Portal versions 4.5.2, 4.5.1, 4.5.0, and 4.4.6 are vulnerable to DLL hijacking through an uncontrolled search path element, which may allow an attacker control to one or more locations in the search path...

GO-2025-3584 go.rgst.io/stencil/v2 vulnerable to Path Traversal

go.rgst.io/stencil/v2 vulnerable to Path Traversal...

QNX Software Development Platform 代码问题漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A code issue vulnerability exists in QNX Software Development Platform versions 8.0, 7.1, and 7.0...

QNX Software Development Platform 安全漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A security vulnerability exists in QNX Software Development Platform SDP versions 8.0, 7.1, and...

QNX Software Development Platform 缓冲区错误漏洞

The Blackberry QNX Software Development Platform is a suite of QNX software development platforms from Blackberry Canada. The platform is primarily used to develop software based on the QNX platform. A buffer error vulnerability exists in QNX Software Development Platform versions 8.0, 7.1, and 7...

22 bug fix and enhancement update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

CGA-QQH5-Q6XP-3654

Bulletin has no description...

ROS-20240919-01

Vulnerability of Microsoft.NET Framework and .NET software platform of Windows operating systems is related to incorrect definition of symbolic links before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20240812-08

Node.js software platform vulnerability is related to mismanagement of code generation. Exploitation The vulnerability could allow a remote attacker to activate arbitrary code with elevated privileges when handling CAPNETBINDSERVICE exceptions. elevated privileges when handling CAPNETBINDSERVICE...

ROS-20240719-04

A vulnerability in the Microsoft .NET software platform and Microsoft software development tool Microsoft Visual Studio is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offers a...

IBM Cloud Pak for Automation CSV Injection Vulnerability

IBM Cloud Pak for Automation is an intelligent software platform for building automation applications in cloud environments from International Business Machines IBM. The platform uses pre-integrated automation technologies and low-code tools to design, build and run automation applications and...

Rapid Software Rapid SCADA Path Traversal Vulnerability

Rapid Software Rapid SCADA is an open source industrial automation platform from Rapid Software. A path traversal vulnerability exists in Rapid Software Rapid SCADA 5.8.4 and earlier versions, which stems from a vulnerability that allows an attacker to supply a malicious configuration file to...

ROS-20230911-10

Vulnerability of EmailValidator and URLValidator components of Django web application software platform is related to the use of regular expression with inefficient computational complexity when processing domain name labels in emails and URLs. domain name labels in emails and URLs. Exploitation ...

Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication

Cisco Talos recently disclosed eight vulnerabilities in the engine configuration functionality in Open Automations Software Platform. OAS Platform is commonly found in industrial operations and enterprise environments. It allows various devices, including PLCs, servers, files, databases and...