CVE-2019-2629

Vulnerability in the Oracle Health Sciences Data Management Workbench component of Oracle Health Sciences Applications subcomponent: User Interface. The supported version that is affected is 2.4.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

Security Bulletin: A Netty vulnerability affects Rational Test Workbench / DevOps Test Workbench ( CVE-2024-47535 )

Summary Rational Test Workbench / Devops Test Workbench are vulnerable to a denial of service due to a vulnerability in Netty CVE-2024-47535 Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of...

Security Bulletin: Rational Test Virtualization Server and Rational Test Workbench are vulnerable to denial of service due to Spring MVC (CVE-2024-38828)

Summary Rational Test Control Panel RTCP component of Rational Test Virtualization Server and Rational Test Workbench uses Spring MVC which is vulnerable to a denial of service attack CVE-2024-38828. Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an...

CVE-2023-30771

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of...

CVE-2022-1118

Connected Components Workbench v13.00.00 and prior, ISaGRAF Workbench v6.0 though v6.6.9, and Safety Instrumented System Workstation v1.2 and prior for Trusted Controllers do not limit the objects that can be deserialized. This allows attackers to craft a malicious serialized object that, if open...

CVE-2022-36006

Arvados is an open source platform for managing, processing, and sharing genomic and other large scientific and biomedical data. A remote code execution RCE vulnerability in the Arvados Workbench allows authenticated attackers to execute arbitrary code via specially crafted JSON payloads. This...

CVE-2022-2465

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Deserialization of Untrusted Data vulnerability. ISaGRAF Workbench does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if...

CVE-2022-2464

Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a Path Traversal vulnerability. Crafted malicious files can allow an attacker to traverse the file system when opened by ISaGRAF Workbench. If successfully exploited, an attacker could overwrite existing fil...

CVE-2020-25178

ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote...

The vulnerability of the Mint Workbench controller management software lies in the absence of quotation marks in the code for elements or search paths, allowing attackers to exploit their privileges.

The vulnerability of the Mint Workbench controller management software is related to the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability can allow an attacker to increase their privileges by sending a specially created file...

CVE-2024-36448

UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...

CVE-2024-36448

UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...

CVE-2024-36448

Apache IoTDB Workbench is affected by a Server-Side Request Forgery (SSRF) vulnerability. Affects versions 0.13.0 and later; attackers can access the local network. The project is retired and no fix will be released; users should restrict access to trusted users or seek alternatives as a temporar...

CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)

UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...

CVE-2024-36448 Apache IoTDB Workbench: SSRF Vulnerability (EOL)

UNSUPPORTED WHEN ASSIGNED Server-Side Request Forgery SSRF vulnerability in Apache IoTDB Workbench. This issue affects Apache IoTDB Workbench: from 0.13.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restri...

The vulnerability of the WorkBench64 module in the GENESIS64 SCADA system allows a intruder to gain unauthorized access to project files.

The vulnerability of the WorkBench64 module in the GENESIS64 SCADA system is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to project files...

The vulnerability of the WorkBench64 module in the GENESIS64 SCADA system allows a intruder to disclose protected information.

The vulnerability of the WorkBench64 module in the GENESIS64 SCADA system is related to improper security checks for standard elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information...

CVE-2024-5402

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 58...

CVE-2024-5402

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 58...

CVE-2024-5402 Mint Workbench I Unquoted Service Path Enumeration

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 58...