20 matches found
CVE-2026-11833
Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages:...
CVE-2025-66596
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows:...
CVE-2025-66597
CVE-2025-66597 affects Yokogawa FAST/TOOLS (Packages RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) from R9.01 to R10.04. The issue arises from the product’s support for weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. Connected sources (NVD/N...
CVE-2025-66599
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...
CVE-2025-66602
CVE-2025-66602 affects Yokogawa FAST/TOOLS, specifically FAST/TOOLS packages RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB, in versions R9.01 to R10.04. The issue stems from the web server accepting access by IP address, which could enable a worm that randomly scans IPs to interact with the service. Publ...
Yokogawa FAST/TOOLS 安全漏洞
Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 to R10.04 versions. These vulnerabilities stem from the Web server’s acceptance of IP address access;...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost versions 9.9.x through 9.9.1, 9.5.x through 9.5.7, 9.10.x through 9.10.0, and 9.8.x through 9.8.2, which stems from a failure to restrict inputs in the...
PT-2024-21900 · Zimbra · Zimbra Collaboration
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 9.0 through 10.0 Description: An issue was discovered in the zmmailboxdmgr binary, a component of Zimbra Collaboration ZCS, which is intended to be executed by the zimbra user with root privileges for specifi...
PT-2024-19805 · Unknown · Controller 6000 +1
Name of the Vulnerable Software and Affected Versions: Controller 6000 and Controller 7000 versions 8.60 and prior Controller 6000 and Controller 7000 versions 8.70 prior to vCR8.70.240520a Controller 6000 and Controller 7000 versions 8.80 prior to vCR8.80.240520a Controller 6000 and Controller...
PT-2022-28142 · Unknown · Modbus Poll
Name of the Vulnerable Software and Affected Versions: Modbus Tools Modbus Poll versions up to 9.10.0 Description: A critical issue was found in the mbpoll.exe file of the mbp File Handler component, leading to a buffer overflow. This can be exploited remotely. The issue affects some unknown...
CVE-2021-1039
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2020-14268
A vulnerability in the MIME message handling of the Notes client versions 9 and 10 could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which would execute with the...
IBM Domino 缓冲区错误漏洞
IBM Domino is a suite of enterprise-class application development platforms from IBM in the United States. A security vulnerability exists in IBM Domino server version 9, version 10, which stems from a vulnerability in MIME message handling that could be exploited by an unauthenticated attacker t...
Microsoft Internet Explorer Information Disclosure Vulnerability (CNVD-2019-16213)
Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft IE 9, 10, and 11. The vulnerability arises from errors such as configuration during operation of a networke...
Cybozu Office Cross-Site Scripting Vulnerability (CNVD-2016-08630)
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A cross-site scripting vulnerability exists in Cybozu Office versions 9.0.0 through 10.4.0. The vulnerability can be exploited to execute arbitrary script in the web browser of a logged-in user...
Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05906)
Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A security vulnerability exists when Microsoft IE versions 9 through 10 fails to properly access objects in memory. The vulnerabilit...
PT-2014-4852 · Hewlett Packard · Hp Operations Manager
Name of the Vulnerable Software and Affected Versions: HP Operations Manager versions 9.10 through 9.11 on UNIX Description: The issue allows remote attackers to execute arbitrary code. The exact vectors used for the attack are not specified. Recommendations: For HP Operations Manager versions 9....
PT-2013-2070 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 10 Description: The issue allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object. This occurs due to the way Internet Explorer accesses ...
acroread: multiple code execution flaws (APSB13-02)
Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0626...
PT-2012-5590 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 9 through 10 Description: A use-after-free issue allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object. This vulnerability may corrupt memory in...