EUVD-2024-34305

Malicious code in bioql PyPI...

EUVD-2025-20872

Malicious code in bioql PyPI...

CVE-2025-6377

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threa...

CVE-2025-6376

A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write beyond the boundaries of an allocated object. Exploitation requires user interaction, such as opening a malicious file within the software. If exploited, a threa...

CVE-2019-13510

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code...

CVE-2025-2288 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-2285 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2024-11364 Rockwell Automation Third Party Vulnerability in Arena®

Another “uninitialized variable” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to access a variable prior to it being initialized. If exploited, a threat actor could leverage this vulnerability to...

CVE-2024-11364

CVE-2024-11364 concerns Rockwell Automation Arena Simulation. The issue is a vulnerability in the parsing of DOE files where an uninitialized variable/memory can be accessed, enabling arbitrary code execution. Exploitation requires some form of user interaction (e.g., opening a malicious DOE file...

CVE-2024-12175 Rockwell Automation Code Execution Vulnerability in Arena

Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could leverage this vulnerability to execute arbitrary...

CVE-2024-11155

Rockwell Automation Arena contains a use-after-free vulnerability in parsing DOE files that could allow an attacker to execute arbitrary code. The issue affects Arena versions prior to 16.20.06 (per Nessus and related advisories). Exploitation requires a legitimate user to run the malicious DOE c...

Rockwell Automation Arena Simulation Software 缓冲区错误漏洞

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A heap buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to...

CVE-2019-13519

A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena...

CVE-2019-13527

In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Versions 16.00.00 and earlier, a maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized...

PT-2019-13392 · Rockwell Automation · Arena Simulation

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena Simulation Software Cat. 9502-Ax versions 16.00.00 and earlier Description: A maliciously crafted Arena file opened by an unsuspecting user may result in the use of a pointer that has not been initialized, potentiall...

CVE-2019-13511

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation...

CVE-2019-13511

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted Arena file opened by an unsuspecting user may result in the limited exposure of information related to the targeted workstation...

CVE-2019-13510

Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code...