313 matches found
KLA90889 DoS vulnerability in Mozilla Thunderbird ESR
Heap buffer overflow vulnerability was found in Mozilla Thunderbird ESR. Malicious users can exploit this vulnerability to cause denial of service. Original advisories MFSA2026-11 Exploitation Related products Mozilla-Thunderbird-ESR CVE list CVE-2026-2447 unknown Solution Update to the latest...
Siemens Siveillance Video Management Servers
SUMMARY The Webhooks implementation of Siveillance Video Management Servers contains a vulnerability that could allow an authenticated remote attacker with read-only privileges to achieve full access to Webhooks API. Siemens has released new versions for the affected products and recommends to...
Siemens Simcenter Femap and Nastran
SUMMARY Siemens Simcenter Femap and Nastran is affected by multiple file parsing vulnerabilities that could be triggered when the application reads files in NDB and XDB formats. If a user is tricked to open a malicious file with any of the affected products, this could lead the application to...
Fanwei e-cology - SQL Injection
Fanwei e-cology 8.0 contains a sql injection caused by unsanitized user input in the sql parameter of getdata.jsp, letting unauthenticated attackers execute arbitrary SQL queries and access sensitive data. id: CVE-2025-34038 info: name: Fanwei e-cology - SQL Injection author: ritikchaddha severit...
Omnissa Workspace ONE UEM - Path Traversal
Omnissa Workspace ONE UEM contains a path traversal caused by crafted GET requests to restricted API endpoints, letting malicious actors access sensitive information, exploit requires sending crafted requests. id: CVE-2025-25231 info: name: Omnissa Workspace ONE UEM - Path Traversal author:...
KLA90859 ACE vulnerability in Mozilla Thunderbird
A remote code execution vulnerability was found in Mozilla Thunderbird. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories MFSA2026-07 Related products Mozilla-Thunderbird CVE list CVE-2026-0818 warning Solution Update to the latest version Download...
Siemens Industrial Edge Device Kit
SUMMARY Users of Industrial Edge Devices are advised to consult the respective Security Advisories for their devices for Siemens Industrial Edge devices see Additional Information. Industrial Edge Device Kit contains an authorization bypass vulnerability that could facilitate an unauthenticated...
PT-2025-53454
Name of the Vulnerable Software and Affected Versions Eaton UPS Companion software affected versions not specified Description The Eaton UPS Companion software contains a flaw related to insecure library loading. An attacker who has access to the software package could potentially execute arbitra...
Android App "Brother iPrint&Scan" improper use of an external cache directory
Overview iPrint provided by Brother Industries, Ltd. contains the following vulnerability. Improper use of an external cache directory CWE-524 - CVE-2025-64696 Johan Francsics reported this vulnerability to BROTHER INDUSTRIES, LTD. and coordinated. After the coordination, BROTHER INDUSTRIES, LTD...
KLA90807 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics...
Siemens RUGGEDCOM ROS
SUMMARY Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...
Siemens SINEC Security Monitor
SUMMARY SINEC Security Monitor before V4.10.0 contains multiple vulnerabilities. Siemens has released a new version for SINEC Security Monitor and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens strongly recommends to protect network...
KLA90824 DoS vulnerability in Wireshark
Denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories wnpa-sec-2025-08 · MEGACO dissector infinite loop Exploitation Public exploits exist for this vulnerability. Related products Wireshark CVE list...
"Dejira" App for iOS vulnerable to improper server certificate verification
Overview "Dejira" App for iOS provided by KDDI CORPORATION contains the following vulnerability. Improper server certificate verification CWE-295 Tsuyoshi Ogawa of SIE Co.,Ltd reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Siemens COMOS
SUMMARY COMOS is affected by two vulnerabilities that could allow an attacker to execute arbitrary code or lead to data infiltration. Siemens has released a new version for COMOS and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general security measure, Siemens...
Siemens Software Center and Solid Edge
SUMMARY Siemens Software Center and Solid Edge is affected by a DLL hijacking vulnerability. This could allow an attacker to execute arbitrary code via placing a crafted DLL file on the system. Siemens has released new versions for the affected products and recommends to update to the latest...
CVE-2025-12351
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
Sudo vulnerability affects SICK SID products
SICK SID products are affected by the sudo vulnerability CVE-2025-32463. SICK strongly recommends to update to the latest version to mitigate the risk...
KLA89408 Multiple vulnerabilities in Oracle VirtualBox
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit this vulnerability to execute arbitrary code, obtain sensitive information, cause denial of service. Original advisories Oracle Virtualization Risk Matrix Related products Oracle-VirtualBox CVE list CVE-2025-61759 hig...
Siemens SiPass Integrated
SUMMARY SiPass integrated before V3.0 contains multiple vulnerabilities that could allow an unauthenticated remote attacker to exploit user accounts, manipulate data, impersonate users, or achieve arbitrary code execution on the SiPass integrated server. Siemens has released a new version for...