13 matches found
EUVD-2026-11080
A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...
CVE-2026-23814
A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...
CVE-2026-23814
This CVE concerns a vulnerability in the AOS-CX CLI where command parameters can be exploited to inject malicious commands by a low-privileged, authenticated remote attacker. The issue is actionable via network access, with no user interaction required, and it affects the ability to maintain conf...
PT-2026-24569
Name of the Vulnerable Software and Affected Versions AOS-CX affected versions not specified Description A flaw exists in the command parameters of a specific AOS-CX CLI command. A low-privilege authenticated remote attacker could exploit this to inject malicious commands, potentially causing...
CVE-2024-43366 zkvyper ignored loop range bounds
zkvyper is a Vyper compiler. Starting in version 1.3.12 and prior to version 1.5.3, since LLL IR has no Turing-incompletness restrictions, it is compiled to a loop with a much more late exit condition. It leads to a loss of funds or other unwanted behavior if the loop body contains it. However,...
CVE-2024-43366
CVE-2024-43366 concerns the zkvyper Vyper compiler. From versions 1.3.12 up to 1.5.3, the LLL IR may be compiled into a loop with a late exit condition due to insufficient Turing-noncompleteness checks, potentially causing loss of funds or other unwanted behavior if the loop body contains it. Rea...
Siemens Opcenter Quality 安全漏洞
Opcenter Quality is a quality management system QMS that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. simatic pcs neo is a distributed control system DCS. the SINUMERIK...
Siemens SIMATIC PCS neo has a loose cross domain policy vulnerability with untrusted domains
SIMATIC PCS neo is a distributed control system DCS. Siemens SIMATIC PCS neo suffers from a loose cross-domain policy vulnerability with an untrusted domain, which can be exploited by an attacker to trick a legitimate user into triggering unwanted behavior...
CVE-2023-46098
A vulnerability has been identified in SIMATIC PCS neo All versions V4.1. When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior...
CVE-2023-46098
A vulnerability has been identified in SIMATIC PCS neo All versions V4.1. When accessing the Information Server from affected products, the products use an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior...
CVE-2022-45143
A flaw was found in the Tomcat package. This flaw allowed users to input an invalid JSON structure, causing unwanted behavior as it did not escape the type, message, or description values...
MSRT June 2017: Removing sneaky Xiazai
In the June release of the Microsoft Malicious Software Removal Tool MSRT, we’re adding Xiazai, a widespread family of browser modifiers that we have blocked and removed from millions of computers since 2015. Xiazai is a software bundler that can sneak in additional changes. Xiazai does not insta...
Microsoft Changing Detection of Adware and Browser Modifiers
One of the not-so-great side effects of the transition to virtually everything being done in the Web browser now is that advertisers, attackers and scammers constantly are trying to get their code to run in users’ browsers, any way they can. A lot of this is done through extensions and browser...