EUVD-2023-36707

Malicious code in bioql PyPI...

EUVD-2021-8019

Malicious code in bioql PyPI...

The vulnerability of graphic drivers in microprogramming software for Intel processors lies in insufficient validation of input data, allowing attackers to trigger malfunctions in the system’s functionality.

The vulnerability of graphics drivers in microprogrammed software for Intel processors is related to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system’s functionality...

CentOS 7 : rsyslog (RHSA-2022:4803)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4803 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...

The vulnerability of the methods used to verify the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the methods used to check the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code or...

Kaspersky Exits U.S. Market Following Commerce Department Ban

Russian security vendor Kaspersky has said it's exiting the U.S. market nearly a month after the Commerce Department announced a ban on the sale of its software in the country citing a national security risk. News of the closure was first reported by journalist Kim Zetter. The company is expected...

The vulnerability of the ASP Bootloader component of AMD’s microprogramming software allows a hacker to disclose sensitive information or cause system failures.

The vulnerability of the ASP Bootloader microprogramming system for AMD processors is related to the state of competition. Exploiting this vulnerability can allow attackers to disclose protected information or cause malfunctions in the system...

CVE-2023-49394

Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly...

CVE-2023-49394

Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from functioning properly...

CVE-2023-32463

Dell VxRail, versions 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction...

Design/Logic Flaw

Dell VxRail, versions 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction...

CVE-2023-32463

Dell VxRail, versions 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction...

CVE-2023-32463

Dell VxRail, versions 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction...

ABB System 800xA Base Incorrect Permission Assignment For Critical Resource (CVE-2020-8474)

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction. This plugin only works with Tenable.ot. Please visit...

Bids can be created while paused

Lines of code Vulnerability details createBid allows for bid creation while the Auction is paused. As the latter happens on a system error mint failure, this can allow an attacker to interacts with the malfunctioning system. This at least can lead to misallocation of user's funds, i.e. freezing t...

Input validation

Improper input validation vulnerability in GOT2000 series GT27 model all versions, GOT2000 series GT25 model all versions, GOT2000 series GT23 model all versions, GOT2000 series GT21 model all versions, GOT SIMPLE series GS21 model all versions, and GT SoftGOT2000 all versions allows an remote...

CVE-2021-20601

The CVE-2021-20601 issue affects Mitsubishi Electric GOT family HMI products: GT27/GT25/GT23/GT21 (GOT2000 series), GS21 (GOT SIMPLE), and GT SoftGOT2000. The vulnerability arises from improper input validation, allowing a remote unauthenticated attacker to write a value beyond the configured inp...

CVE-2020-8474

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

CVE-2020-8474 ABB System 800xA Weak Registry Permissions

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction...

The vulnerability of Modicon microprogrammed controllers lies in the lack of checks for the integrity of updates to the embedded software. This allows a malicious entity to download the update without the presence of the software via FTP protocol, thereby causing service failure.

The vulnerability of Modicon microprogrammed controllers lies in the lack of checks for the integrity of updates to the embedded software. Exploiting this vulnerability allows a malicious actor to download updates to the embedded software without any interaction with the software via FTP protocol...