7830 matches found
CVE-2024-56181
A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC IPC PX-32A All versions V29.01.07, SIMATIC I...
CVE-2024-56182
A vulnerability has been identified in SIMATIC Field PG M5 All versions, SIMATIC Field PG M6 All versions V26.01.12, SIMATIC IPC BX-21A All versions V31.01.07, SIMATIC IPC BX-32A All versions V29.01.07, SIMATIC IPC BX-39A All versions V29.01.07, SIMATIC IPC BX-59A All versions V32.01.04, SIMATIC...
CVE-2024-56182
CVE-2024-56182 describes a local vulnerability in Siemens SIMATIC/SIEMENS IPC family where EFI variables are insufficiently protected. This could allow an authenticated local attacker to disable the BIOS password by communicating with the flash controller, affecting a wide range of Field PGs, IPC...
Ashlar-Vellum Cobalt security vulnerability
Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. A security vulnerability exists in Ashlar-Vellum Cobalt that stems from uninitialized variables when parsing VS files, which could lead to remote code execution...
CVE-2024-12604
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Recovery Exploitation, Functionality Misuse. This issue affects Tap&Sign App: before V.1.025...
Tap&Sign security vulnerability
Tap&Sign is an easy-to-use, legally binding electronic signature solution from Tap&Sign, Inc. A security vulnerability exists in Tap&Sign versions prior to V.1.025 that stems from sensitive information stored in plaintext in an environment variable and a weak password recovery mechanism that coul...
Trimble SketchUp security vulnerability
Trimble SketchUp is a suite of 3D modeling programs for architects, urban planners, producers, game developers, and related professionals from Trimble USA. A security vulnerability exists in Trimble SketchUp that stems from uninitialized variables when parsing SKP files, which could lead to remot...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of a read barrier, which could lead to the reading of outdated variable values...
kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider
A flaw was found in Apache Kafka Clients. Apache Kafka Clients accepts configuration data for customizing behavior and includes ConfigProvider plugins to manipulate these configurations. Apache Kafka also provides FileConfigProvider, DirectoryConfigProvider, and EnvVarConfigProvider...
Linux Distros Unpatched Vulnerability : CVE-2023-24531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a...
Linux Distros Unpatched Vulnerability : CVE-2024-40647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sentry-sdk is the official Python SDK for Sentry.io. A bug in Sentry's Python SDK 2.8.0 allows the environment variables to be passed to subprocesses despite th...
Linux Distros Unpatched Vulnerability : CVE-2022-41716
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid...
Linux Distros Unpatched Vulnerability : CVE-2021-32747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to...
Linux Distros Unpatched Vulnerability : CVE-2016-8628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variable...
Linux Distros Unpatched Vulnerability : CVE-2016-7543
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. CVE-2016-7543 Note th...
Linux Distros Unpatched Vulnerability : CVE-2020-14370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible...
CVE-2025-0985
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user...